This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T16:37:40+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data. The unnamed 42-year-old "allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who mistakenly connected to them," the Australian Federal Police (AFP) said in a press]]> 2024-07-02T09:59:00+00:00 https://thehackernews.com/2024/07/australian-man-charged-for-fake-wi-fi.html www.secnews.physaphae.fr/article.php?IdArticle=8529377 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and]]> 2024-07-01T21:42:00+00:00 https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html www.secnews.physaphae.fr/article.php?IdArticle=8529304 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group\'s trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex]]> 2024-07-01T18:30:00+00:00 https://thehackernews.com/2024/07/caprarat-spyware-disguised-as-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8529204 False Threat,Mobile,Prediction APT 36 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply chain compromise on June 18, 2024. The issue has since been remediated by Conceptworld as of June 24]]> 2024-07-01T18:14:00+00:00 https://thehackernews.com/2024/07/indian-software-firms-products-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=8529205 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk\'s recent research, 93% of organizations had two or more identity-related breaches in the past year. It is clear that we]]> 2024-07-01T16:21:00+00:00 https://thehackernews.com/2024/07/end-to-end-secrets-security-making-plan.html www.secnews.physaphae.fr/article.php?IdArticle=8529171 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from any of the client]]> 2024-07-01T16:20:00+00:00 https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html www.secnews.physaphae.fr/article.php?IdArticle=8529172 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. “An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor]]> 2024-07-01T11:55:00+00:00 https://thehackernews.com/2024/07/juniper-networks-releases-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8529009 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has announced that it\'s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority\'s inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust]]> 2024-06-29T20:14:00+00:00 https://thehackernews.com/2024/06/google-to-block-entrust-certificates-in.html www.secnews.physaphae.fr/article.php?IdArticle=8527941 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that\'s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather email addresses, usernames,]]> 2024-06-28T21:49:00+00:00 https://thehackernews.com/2024/06/kimsuky-using-translatext-chrome.html www.secnews.physaphae.fr/article.php?IdArticle=8527312 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3, and 16.11.5. The most severe of the]]> 2024-06-28T19:48:00+00:00 https://thehackernews.com/2024/06/gitlab-releases-patch-for-critical-cicd.html www.secnews.physaphae.fr/article.php?IdArticle=8527252 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid disk-based detection mechanisms," Trend Micro researchers Ahmed]]> 2024-06-28T17:29:00+00:00 https://thehackernews.com/2024/06/8220-gang-exploits-oracle-weblogic.html www.secnews.physaphae.fr/article.php?IdArticle=8527143 False Malware,Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The modern kill chain is eluding enterprises because they aren\'t protecting the infrastructure of modern business: SaaS.  SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven\'t revised their security programs or adopted security tooling built for SaaS.  Security teams keep jamming on-prem]]> 2024-06-28T16:30:00+00:00 https://thehackernews.com/2024/06/combatting-evolving-saas-kill-chain-how.html www.secnews.physaphae.fr/article.php?IdArticle=8527144 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user\'s web activity. "SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study released this week. "This bottleneck influences the latency of network packets, allowing an attacker]]> 2024-06-28T15:29:00+00:00 https://thehackernews.com/2024/06/new-snailload-attack-exploits-network.html www.secnews.physaphae.fr/article.php?IdArticle=8527115 False Studies None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and reside in versions 4.1.5 and prior. According to operational technology (OT) security firm Claroty, the]]> 2024-06-28T13:22:00+00:00 https://thehackernews.com/2024/06/researchers-warn-of-flaws-in-widely.html www.secnews.physaphae.fr/article.php?IdArticle=8527061 False Industrial,Industrial None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) TeamViewer on Thursday disclosed it detected an "irregularity" in its internal corporate IT environment on June 26, 2024. "We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures," the company said in a statement. It further noted that its corporate IT]]> 2024-06-28T10:52:00+00:00 https://thehackernews.com/2024/06/teamviewer-detects-security-breach-in.html www.secnews.physaphae.fr/article.php?IdArticle=8527009 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat\'s transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation. "With its latest updates to the crypto miner, ransomware payload, and rootkit elements, it demonstrates]]> 2024-06-27T20:01:00+00:00 https://thehackernews.com/2024/06/rust-based-p2pinfect-botnet-evolves.html www.secnews.physaphae.fr/article.php?IdArticle=8526611 False Ransomware,Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing\'s research indicates that an astounding 99.7% of organizations utilize applications embedded with AI functionalities. These AI-driven tools are indispensable, providing seamless experiences from collaboration and communication to work management and]]> 2024-06-27T17:10:00+00:00 https://thehackernews.com/2024/06/the-secrets-of-hidden-ai-training-on.html www.secnews.physaphae.fr/article.php?IdArticle=8526554 False Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Did you know it\'s now possible to build blockchain applications, known also as decentralized applications (or “dApps” for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit, an all-in-one development toolkit for Algorand, enables developers to build blockchain applications in pure]]> 2024-06-27T15:00:00+00:00 https://thehackernews.com/2024/06/how-to-use-python-to-build-secure.html www.secnews.physaphae.fr/article.php?IdArticle=8526502 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection techniques. The vulnerability, tracked as CVE-2024-5565 (CVSS score: 8.1), relates to a case of prompt injection in the "ask" function that could be exploited to trick the library into executing arbitrary]]> 2024-06-27T14:34:00+00:00 https://thehackernews.com/2024/06/prompt-injection-flaw-in-vanna-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8526470 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A 22-year-old Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against Ukraine and its allies in the days leading to Russia\'s full-blown military invasion of Ukraine in early 2022. Amin Timovich Stigal, the defendant in question, is assessed to be affiliated with the Main Directorate of the General Staff of the Armed Forces of the Russian]]> 2024-06-27T13:11:00+00:00 https://thehackernews.com/2024/06/russian-national-indicted-for-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8526443 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135 and earlier. It has been addressed in version 5.1.6 build 139. "An SQL injection vulnerability in]]> 2024-06-27T12:15:00+00:00 https://thehackernews.com/2024/06/critical-sqli-vulnerability-found-in.html www.secnews.physaphae.fr/article.php?IdArticle=8526418 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following versions - From 2023.0.0 before 2023.0.11 From 2023.1.0 before 2023.1.6, and&]]> 2024-06-26T20:27:00+00:00 https://thehackernews.com/2024/06/new-moveit-transfer-vulnerability-under.html www.secnews.physaphae.fr/article.php?IdArticle=8526074 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang (aka CamoFei), the second cluster overlaps with activity previously attributed to Chinese and North Korean]]> 2024-06-26T15:43:00+00:00 https://thehackernews.com/2024/06/chinese-and-n-korean-hackers-target.html www.secnews.physaphae.fr/article.php?IdArticle=8525921 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their software should come as no surprise. In the last several years, the software supply chain has become an increasingly attractive target for attackers who see opportunities to force-multiply their attacks by orders of magnitude. For example, look no]]> 2024-06-26T15:22:00+00:00 https://thehackernews.com/2024/06/practical-guidance-for-securing-your.html www.secnews.physaphae.fr/article.php?IdArticle=8525922 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro. "When your headphones are seeking a connection request to one of your previously]]> 2024-06-26T15:06:00+00:00 https://thehackernews.com/2024/06/apple-patches-airpods-bluetooth.html www.secnews.physaphae.fr/article.php?IdArticle=8525923 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment information.  According to Sucuri, the latest campaign entails making malicious modifications to the]]> 2024-06-26T14:07:00+00:00 https://thehackernews.com/2024/06/new-credit-card-skimmer-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8525888 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered an updated version of an Android banking trojan called Medusa that has been used to target users in Canada, France, Italy, Spain, Turkey, the U.K., and the U.S. The new fraud campaigns, observed in May 2024 and active since July 2023, manifested through five different botnets operated by various affiliates, cybersecurity firm Cleafy said in an analysis]]> 2024-06-26T13:08:00+00:00 https://thehackernews.com/2024/06/new-medusa-android-trojan-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8525854 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites. More than 110,000 sites that embed the library are impacted by the supply chain attack, Sansec said in a Tuesday report. Polyfill is a popular library that]]> 2024-06-26T09:54:00+00:00 https://thehackernews.com/2024/06/over-110000-websites-affected-by.html www.secnews.physaphae.fr/article.php?IdArticle=8525747 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses. Elastic Security Labs has codenamed the approach GrimResource after identifying an artifact ("sccm-updater.msc") that was uploaded to the VirusTotal malware]]> 2024-06-25T16:12:00+00:00 https://thehackernews.com/2024/06/new-attack-technique-exploits-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8525279 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk - the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do not protect from internal data exfiltration, like employees pasting sensitive data to ChatGPT. As it]]> 2024-06-25T15:12:00+00:00 https://thehackernews.com/2024/06/how-to-cut-costs-with-browser-security.html www.secnews.physaphae.fr/article.php?IdArticle=8525245 False None ChatGPT 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER. "The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022," Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said in a]]> 2024-06-25T15:00:00+00:00 https://thehackernews.com/2024/06/new-cyberthreat-boolka-deploying.html www.secnews.physaphae.fr/article.php?IdArticle=8525280 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the "largest compromises of classified information in the history" of the country. Capping off a 14-year legal saga, Assange, 52, pleaded guilty to one criminal count of conspiring to]]> 2024-06-25T10:33:00+00:00 https://thehackernews.com/2024/06/wikileaks-julian-assange-released-from.html www.secnews.physaphae.fr/article.php?IdArticle=8525099 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies. The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien Nguyen), Nguyen Trang Xuyen, and Nguyen Van Truong (aka Chung Nguyen), have been accused of conducting]]> 2024-06-25T09:22:00+00:00 https://thehackernews.com/2024/06/4-fin9-linked-vietnamese-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8525051 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the attacker-controlled server," Wordfence security researcher Chloe Chamberland said in a Monday alert.]]> 2024-06-25T09:02:00+00:00 https://thehackernews.com/2024/06/multiple-wordpress-plugins-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8525052 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target codebase," Google Project Zero researchers Sergei Glazunov and Mark Brand said. "The agent is provided]]> 2024-06-24T20:33:00+00:00 https://thehackernews.com/2024/06/google-introduces-project-naptime-for.html www.secnews.physaphae.fr/article.php?IdArticle=8524734 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have detailed a now-patch security flaw affecting the Ollama open-source artificial intelligence (AI) infrastructure platform that could be exploited to achieve remote code execution. Tracked as CVE-2024-37032, the vulnerability has been codenamed Probllama by cloud security firm Wiz. Following responsible disclosure on May 5, 2024, the issue was addressed in version]]> 2024-06-24T19:22:00+00:00 https://thehackernews.com/2024/06/critical-rce-vulnerability-discovered.html www.secnews.physaphae.fr/article.php?IdArticle=8524700 False Tool,Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill\'s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  Cybersecurity professionals are facing unprecedented challenges as they strive to manage increasing workloads]]> 2024-06-24T16:51:00+00:00 https://thehackernews.com/2024/06/ease-burden-with-ai-driven-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8524601 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future\'s Insikt Group is tracking the activity under the name RedJuliett, describing it as a cluster that operates Fuzhou, China, to support Beijing\'s intelligence]]> 2024-06-24T13:19:00+00:00 https://thehackernews.com/2024/06/redjuliett-cyber-espionage-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8524508 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps. "It provides malicious actors with a powerful toolkit for remote administration and control, enabling a range of malicious activities]]> 2024-06-24T10:34:00+00:00 https://thehackernews.com/2024/06/iranian-hackers-deploy-rafel-rat-in.html www.secnews.physaphae.fr/article.php?IdArticle=8524430 False Tool,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang," Positive Technologies researchers Vladislav Lunin and Alexander Badayev said in a technical report]]> 2024-06-22T16:58:00+00:00 https://thehackernews.com/2024/06/excobalt-cyber-gang-targets-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8523398 False Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes," cybersecurity firm eSentire said in an analysis, adding it identified the activity earlier this month. "]]> 2024-06-22T16:33:00+00:00 https://thehackernews.com/2024/06/warning-new-adware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8523399 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of the Treasury\'s Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The move "underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber]]> 2024-06-22T11:30:00+00:00 https://thehackernews.com/2024/06/us-treasury-sanctions-12-kaspersky.html www.secnews.physaphae.fr/article.php?IdArticle=8523253 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are scanned documents of government agencies, most of which are related to various countries\' Ministries]]> 2024-06-21T19:12:00+00:00 https://thehackernews.com/2024/06/chinese-hackers-deploy-spicerat-and.html www.secnews.physaphae.fr/article.php?IdArticle=8522746 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence. "While there are many methods used today to deploy malware, the threat actors]]> 2024-06-21T18:31:00+00:00 https://thehackernews.com/2024/06/military-themed-emails-used-to-spread.html www.secnews.physaphae.fr/article.php?IdArticle=8522706 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That\'s according to findings from Rapid7, which identified lookalike websites hosting the malicious payloads that users are redirected to after searching for them on search engines like Google and Bing. The]]> 2024-06-21T15:21:00+00:00 https://thehackernews.com/2024/06/oyster-backdoor-spreading-via.html www.secnews.physaphae.fr/article.php?IdArticle=8522567 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory transversal bug that could allow attackers to read sensitive files on the host machine. Affecting all versions of the software prior to and including Serv-U 15.4.2]]> 2024-06-21T14:24:00+00:00 https://thehackernews.com/2024/06/solarwinds-serv-u-vulnerability-under.html www.secnews.physaphae.fr/article.php?IdArticle=8522568 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Commerce\'s Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab\'s U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company\'s affiliates, subsidiaries and parent companies, the department said, adding the action is based on]]> 2024-06-21T09:55:00+00:00 https://thehackernews.com/2024/06/us-bans-kaspersky-software-citing.html www.secnews.physaphae.fr/article.php?IdArticle=8522440 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform]]> 2024-06-20T19:52:00+00:00 https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8521943 False Vulnerability,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country\'s information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,]]> 2024-06-20T19:30:00+00:00 https://thehackernews.com/2024/06/french-diplomatic-entities-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8521944 False None APT 29 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration.Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including integration issues, limited visibility across systems, and the high cost and complexity of maintaining]]> 2024-06-20T16:19:00+00:00 https://thehackernews.com/2024/06/tool-overload-why-msps-are-still.html www.secnews.physaphae.fr/article.php?IdArticle=8521793 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News]]> 2024-06-20T15:52:00+00:00 https://thehackernews.com/2024/06/chinese-cyber-espionage-targets-telecom.html www.secnews.physaphae.fr/article.php?IdArticle=8521794 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it\'s aware of four different distribution methods -- namely VBA dropper, VBA downloader, link downloader, and executable downloader -- with some of them using a]]> 2024-06-20T13:39:00+00:00 https://thehackernews.com/2024/06/new-rust-based-fickle-malware-uses.html www.secnews.physaphae.fr/article.php?IdArticle=8521728 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first observed the malware in late April 2024, said it incorporates features that are designed to thwart static and dynamic analysis and ultimately evade detection. Attack chains leverage phishing emails that]]> 2024-06-20T12:04:00+00:00 https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html www.secnews.physaphae.fr/article.php?IdArticle=8521661 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken\'s Chief Security Officer, Nick Percoco, on X (formerly Twitter), stating it received a Bug Bounty program alert about a bug that "allowed them to]]> 2024-06-19T22:10:00+00:00 https://thehackernews.com/2024/06/kraken-crypto-exchange-hit-by-3-million.html www.secnews.physaphae.fr/article.php?IdArticle=8521232 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available]]> 2024-06-19T20:39:00+00:00 https://thehackernews.com/2024/06/chinese-cyber-espionage-group-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8521193 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Are your tags really safe with Google Tag Manager? If you\'ve been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it forgot that you can\'t afford to allow tags to go unmanaged or become misconfigured.  Read the]]> 2024-06-19T16:33:00+00:00 https://thehackernews.com/2024/06/new-case-study-unmanaged-gtm-tags.html www.secnews.physaphae.fr/article.php?IdArticle=8521064 False Studies None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0. "The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as]]> 2024-06-19T15:53:00+00:00 https://thehackernews.com/2024/06/void-arachne-uses-deepfakes-and-ai-to.html www.secnews.physaphae.fr/article.php?IdArticle=8521026 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft. The attack chains involve the use of a purported virtual meeting software named Vortax (and 23 other apps) that are used as a conduit to deliver Rhadamanthys, StealC,]]> 2024-06-19T15:38:00+00:00 https://thehackernews.com/2024/06/warning-markopolos-scam-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8521027 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances. Both shortcomings impact all versions of the software prior to version 2024-04, which was released on April 4, 2024. The issues were responsibly disclosed by SonarSource on March 22, 2024. The flaws]]> 2024-06-19T13:06:00+00:00 https://thehackernews.com/2024/06/mailcow-mail-server-flaws-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8520936 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A controversial proposal put forth by the European Union to scan users\' private messages for detection child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused messaging service of the same name. "Mandating mass scanning of private communications fundamentally]]> 2024-06-18T21:52:00+00:00 https://thehackernews.com/2024/06/signal-foundation-warns-against-eus.html www.secnews.physaphae.fr/article.php?IdArticle=8520550 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive files containing trojanized copies of a Cisco Webex Meetings App (ptService.exe)," Trellix security]]> 2024-06-18T19:00:00+00:00 https://thehackernews.com/2024/06/cybercriminals-exploit-free-software.html www.secnews.physaphae.fr/article.php?IdArticle=8520463 False Malware,Threat,Commercial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of cybersecurity, according to a new survey released this month by the Cloud Security Alliance (CSA). Despite economic instability and major job cuts in 2023, organizations drastically increased investment in]]> 2024-06-18T16:53:00+00:00 https://thehackernews.com/2024/06/the-annual-saas-security-report-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8520400 False Prediction,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed is a remote access tool that\'s capable of downloading and executing more malicious programs as well as a utility to propagate the malware via SSH, cloud analytics platform Datadog]]> 2024-06-18T15:11:00+00:00 https://thehackernews.com/2024/06/new-malware-targets-exposed-docker-apis.html www.secnews.physaphae.fr/article.php?IdArticle=8520366 False Malware,Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows - CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) - Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could]]> 2024-06-18T13:54:00+00:00 https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8520309 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023. The unnamed individuals, aged 26 and 47, engaged in scams that tricked unsuspecting users into downloading malicious apps onto their Android devices via phishing campaigns with the aim of stealing]]> 2024-06-18T13:08:00+00:00 https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html www.secnews.physaphae.fr/article.php?IdArticle=8520280 False Malware,Legislation,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device,"]]> 2024-06-17T20:09:00+00:00 https://thehackernews.com/2024/06/asus-patches-critical-authentication.html www.secnews.physaphae.fr/article.php?IdArticle=8519830 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which responded to]]> 2024-06-17T17:29:00+00:00 https://thehackernews.com/2024/06/china-linked-hackers-infiltrate-east.html www.secnews.physaphae.fr/article.php?IdArticle=8519768 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.]]> 2024-06-17T16:56:00+00:00 https://thehackernews.com/2024/06/what-is-devsecops-and-why-is-it.html www.secnews.physaphae.fr/article.php?IdArticle=8519739 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim\'s system," German]]> 2024-06-17T11:58:00+00:00 https://thehackernews.com/2024/06/hackers-exploit-legitimate-websites-to.html www.secnews.physaphae.fr/article.php?IdArticle=8519593 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. "Due to the nature of crack programs, information sharing amongst]]> 2024-06-17T10:41:00+00:00 https://thehackernews.com/2024/06/nicerat-malware-targets-south-korean.html www.secnews.physaphae.fr/article.php?IdArticle=8519566 False Malware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the]]> 2024-06-16T10:01:00+00:00 https://thehackernews.com/2024/06/uk-hacker-linked-to-notorious-scattered.html www.secnews.physaphae.fr/article.php?IdArticle=8518959 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group\'s latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage and SMS," Resecurity said in a report published earlier this week. "The goal is]]> 2024-06-15T15:21:00+00:00 https://thehackernews.com/2024/06/grandoreiro-banking-trojan-hits-brazil.html www.secnews.physaphae.fr/article.php?IdArticle=8518517 False Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary\'s exclusive use of a malware called DISGOMOJI that\'s written in Golang and is designed to infect Linux systems. "It is a modified version of the public project]]> 2024-06-15T13:43:00+00:00 https://thehackernews.com/2024/06/pakistani-hackers-use-disgomoji-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8518492 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta on Friday said it\'s delaying its efforts to train the company\'s large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC). The company expressed disappointment at having to put its AI plans on pause, stating it had taken into account feedback from regulators and]]> 2024-06-15T13:19:00+00:00 https://thehackernews.com/2024/06/meta-halts-ai-training-on-eu-user-data.html www.secnews.physaphae.fr/article.php?IdArticle=8518440 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google\'s plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users. "While the so-called \'Privacy Sandbox\' is advertised as an improvement over extremely invasive third-party tracking, the tracking is now simply done]]> 2024-06-14T18:51:00+00:00 https://thehackernews.com/2024/06/googles-privacy-sandbox-accused-of-user.html www.secnews.physaphae.fr/article.php?IdArticle=8518002 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Data is growing faster than ever. Remember when petabytes (that\'s 1,000,000 gigabytes!) were only for tech giants? Well, that\'s so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn\'t just about storage anymore. This data is ALIVE-it\'s constantly accessed, analyzed, shared, and even used to train the next wave of AI. This creates a huge challenge: how do you]]> 2024-06-14T17:54:00+00:00 https://thehackernews.com/2024/06/learn-to-secure-petabyte-scale-data-in.html www.secnews.physaphae.fr/article.php?IdArticle=8517937 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As cyber threats loom large and data breaches continue to pose increasingly significant risks. Organizations and industries that handle sensitive information and valuable assets make prime targets for cybercriminals seeking financial gain or strategic advantage.  Which is why many highly regulated sectors, from finance to utilities, are turning to military-grade cyber defenses to safeguard]]> 2024-06-14T16:31:00+00:00 https://thehackernews.com/2024/06/why-regulated-industries-are-turning-to.html www.secnews.physaphae.fr/article.php?IdArticle=8517907 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could be used by attackers to defeat authentication, steal biometric data, and even deploy malicious backdoors. "By adding random user data to the database or using a fake QR code, a nefarious actor can easily bypass the verification process and gain unauthorized access,"]]> 2024-06-14T13:39:00+00:00 https://thehackernews.com/2024/06/zkteco-biometric-system-found.html www.secnews.physaphae.fr/article.php?IdArticle=8517815 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country\'s emergence as an influential power has drawn the attention of cyber espionage groups. "North Korean government-backed actors have targeted the Brazilian government and Brazil\'s aerospace, technology, and financial services sectors," Google\'s Mandiant and]]> 2024-06-14T12:15:00+00:00 https://thehackernews.com/2024/06/north-korean-hackers-target-brazilian.html www.secnews.physaphae.fr/article.php?IdArticle=8517782 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft on Thursday revealed that it\'s delaying the rollout of the controversial artificial intelligence (AI)-powered Recall feature for Copilot+ PCs. To that end, the company said it intends to shift from general availability preview available first in the Windows Insider Program (WIP) in the coming weeks. "We are adjusting the release model for Recall to leverage the expertise of the Windows]]> 2024-06-14T10:00:00+00:00 https://thehackernews.com/2024/06/microsoft-delays-ai-powered-recall.html www.secnews.physaphae.fr/article.php?IdArticle=8517691 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The security risks posed by the Pickle format have once again come to the fore with the discovery of a new "hybrid machine learning (ML) model exploitation technique" dubbed Sleepy Pickle. The attack method, per Trail of Bits, weaponizes the ubiquitous format used to package and distribute machine learning (ML) models to corrupt the model itself, posing a severe supply chain risk to an]]> 2024-06-13T19:38:00+00:00 https://thehackernews.com/2024/06/new-attack-technique-sleepy-pickle.html www.secnews.physaphae.fr/article.php?IdArticle=8517162 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as Arid Viper has been attributed to a mobile espionage campaign that leverages trojanized Android apps to deliver a spyware strain dubbed AridSpy. "The malware is distributed through dedicated websites impersonating various messaging apps, a job opportunity app, and a Palestinian Civil Registry app," ESET researcher Lukáš Štefanko said in a report published today. "Often]]> 2024-06-13T19:25:00+00:00 https://thehackernews.com/2024/06/arid-viper-launches-mobile-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=8517163 False Malware,Threat,Mobile APT-C-23 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don\'t have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initial]]> 2024-06-13T17:00:00+00:00 https://thehackernews.com/2024/06/why-saas-security-is-suddenly-hot.html www.secnews.physaphae.fr/article.php?IdArticle=8517164 False Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are administered using another standalone tool referred to as GravityAdmin. The]]> 2024-06-13T15:56:00+00:00 https://thehackernews.com/2024/06/pakistan-linked-malware-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8517165 False Malware,Tool,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer. "The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing self-modifying techniques to evade detection," security researchers Nicole Fishbein and Ryan Robinson said in]]> 2024-06-13T15:49:00+00:00 https://thehackernews.com/2024/06/cybercriminals-employ-phantomloader-to.html www.secnews.physaphae.fr/article.php?IdArticle=8517166 False Malware,Patching None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs. The product is believed to have been]]> 2024-06-13T13:35:00+00:00 https://thehackernews.com/2024/06/ukraine-police-arrest-suspect-linked-to.html www.secnews.physaphae.fr/article.php?IdArticle=8517167 False Ransomware,Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details related to the nature of attacks exploiting it, but noted "there are indications that CVE-2024-32896 may be]]> 2024-06-13T12:38:00+00:00 https://thehackernews.com/2024/06/google-warns-of-pixel-firmware-security.html www.secnews.physaphae.fr/article.php?IdArticle=8517168 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said "this backdoor is not merely a variant of existing malware, but is a new type altogether."]]> 2024-06-13T11:55:00+00:00 https://thehackernews.com/2024/06/new-cross-platform-malware-noodle-rat.html www.secnews.physaphae.fr/article.php?IdArticle=8517169 False Malware,Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it\'s an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023. "In this incident, the threat actor abused anonymous access to an]]> 2024-06-12T19:12:00+00:00 https://thehackernews.com/2024/06/cryptojacking-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8517170 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company\'s clientele, igniting a firestorm of concern and outrage.  A massive data breach Let\'s]]> 2024-06-12T16:55:00+00:00 https://thehackernews.com/2024/06/lessons-from-ticketmaster-snowflake.html www.secnews.physaphae.fr/article.php?IdArticle=8517171 False Data Breach None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as a zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve]]> 2024-06-12T16:41:00+00:00 https://thehackernews.com/2024/06/black-basta-ransomware-may-have.html www.secnews.physaphae.fr/article.php?IdArticle=8517172 False Ransomware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. "WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads," Elastic Security Labs researcher Daniel Stepanic said in a new analysis. "Each sample is compiled]]> 2024-06-12T14:17:00+00:00 https://thehackernews.com/2024/06/new-phishing-campaign-deploys.html www.secnews.physaphae.fr/article.php?IdArticle=8517173 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known. "The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed the]]> 2024-06-12T13:36:00+00:00 https://thehackernews.com/2024/06/china-backed-hackers-exploit-fortinet.html www.secnews.physaphae.fr/article.php?IdArticle=8517174 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month. None of the security flaws have been actively exploited in the wild, with one of them listed as]]> 2024-06-12T09:56:00+00:00 https://thehackernews.com/2024/06/microsoft-issues-patches-for-51-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8517175 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Managed service providers (MSPs) are on the front lines of soaring demand for cybersecurity services as cyberattacks increase in volume and sophistication. Cynet has emerged as the security vendor of choice for MSPs to capitalize on existing relationships with SMB clients and profitably expand their client base. By unifying a full suite of cybersecurity capabilities in a simple, cost-effective]]> 2024-06-11T21:40:00+00:00 https://thehackernews.com/2024/06/how-cynet-makes-msps-rich-their-clients.html www.secnews.physaphae.fr/article.php?IdArticle=8517176 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023. The adversary, according to Infoblox security researchers Dr. Renée Burton and Dave Mitchell, operates from the China Education and Research Network (CERNET), a project funded by the Chinese government. "These]]> 2024-06-11T20:02:00+00:00 https://thehackernews.com/2024/06/chinese-actor-secshow-conducts-massive.html www.secnews.physaphae.fr/article.php?IdArticle=8517177 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) One of the most effective ways for information technology (IT) professionals to uncover a company\'s weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization\'s security posture, revealing weaknesses that could potentially lead to data breaches or other security]]> 2024-06-11T16:30:00+00:00 https://thehackernews.com/2024/06/top-10-critical-pentest-findings-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8517178 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple has announced the launch of a "groundbreaking cloud intelligence system" called Private Cloud Compute (PCC) that\'s designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud. The tech giant described PCC as the "most advanced security architecture ever deployed for cloud AI compute at scale." PCC coincides with the arrival of new generative AI (]]> 2024-06-11T15:40:00+00:00 https://thehackernews.com/2024/06/apple-integrates-openais-chatgpt-into.html www.secnews.physaphae.fr/article.php?IdArticle=8517179 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that\'s being distributed as part of a new campaign. "In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs," Zscaler ThreatLabz researchers Muhammed Irfan V A and Manisha Ramcharan Prajapati said. ValleyRAT]]> 2024-06-11T14:17:00+00:00 https://thehackernews.com/2024/06/china-linked-valleyrat-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8517180 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought. Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the]]> 2024-06-11T12:22:00+00:00 https://thehackernews.com/2024/06/snowflake-breach-exposes-165-customers.html www.secnews.physaphae.fr/article.php?IdArticle=8517181 False Cloud None 3.0000000000000000