www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-10T16:40:51+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as CVE-2024-4610, the use-after-free issue impacts the following products - Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0); Valhall GPU Kernel Driver (all versions from r34p0 to r40p0). "A local non-privileged user can make improper GPU memory
2024-06-11T12:07:00+00:00 https://thehackernews.com/2024/06/arm-warns-of-actively-exploited-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8517182 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
Cybersecurity researchers have spotted a phishing attack distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago. The attack, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, Canadian cybersecurity firm eSentire disclosed last week. "Specifically, the targeted individual was a
2024-06-10T20:54:00+00:00 https://thehackernews.com/2024/06/moreeggs-malware-disguised-as-resumes.html www.secnews.physaphae.fr/article.php?IdArticle=8516361 False Malware,Industrial None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybersecurity CPEs: Unraveling the What, Why & How
Staying Sharp: Cybersecurity CPEs Explained Perhaps even more so than in other professional domains, cybersecurity professionals constantly face new threats. To ensure you stay on top of your game, many certification programs require earning Continuing Professional Education (CPE) credits. CPEs are essentially units of measurement used to quantify the time and effort professionals spend on
2024-06-10T17:01:00+00:00 https://thehackernews.com/2024/06/cybersecurity-cpes-unraveling-what-why.html www.secnews.physaphae.fr/article.php?IdArticle=8516274 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers
Microsoft is warning about the potential abuse of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain unauthorized access to cloud resources. "This case does highlight an inherent risk in using service tags as a single mechanism for vetting incoming network traffic," the Microsoft Security Response Center (
2024-06-10T16:50:00+00:00 https://thehackernews.com/2024/06/azure-service-tags-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8516275 False Vulnerability,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People's Republic of China (PRC). "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs," Google Threat Analysis Group (TAG) researcher Billy Leonard said in the company's quarterly bulletin
2024-06-10T16:30:00+00:00 https://thehackernews.com/2024/06/google-takes-down-influence-campaigns.html www.secnews.physaphae.fr/article.php?IdArticle=8516276 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus
Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus. The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vaccine development, and the aviation sector, expanding beyond their initial focus of government
2024-06-10T10:59:00+00:00 https://thehackernews.com/2024/06/sticky-werewolf-expands-cyber-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8516123 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.
The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system. According to DEVCORE security researcher, the shortcoming makes
2024-06-08T13:05:00+00:00 https://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8515151 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns
Microsoft on Friday said it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it an opt-in. Recall, currently in preview and coming exclusively to Copilot+ PCs on June 18, 2024, functions as an "explorable visual timeline" by capturing screenshots of what appears on users' screens every five seconds, which are subsequently analyzed and
2024-06-08T12:24:00+00:00 https://thehackernews.com/2024/06/microsoft-revamps-controversial-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8515126 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts
2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these attacks? Astronomical. The damage to reputations? Irreparable. But here's the shocking truth: many of these attacks could have been prevented with basic cyber hygiene.
Are you ready to transform your
2024-06-07T21:27:00+00:00 https://thehackernews.com/2024/06/ultimate-cyber-hygiene-guide-learn-how.html www.secnews.physaphae.fr/article.php?IdArticle=8514758 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities
Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant. The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,
2024-06-07T21:14:00+00:00 https://thehackernews.com/2024/06/lightspy-spywares-macos-variant-found.html www.secnews.physaphae.fr/article.php?IdArticle=8514759 False Malware,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cyber Landscape is Evolving - So Should Your SCA
Traditional SCAs Are Broken: Did You Know You Are Missing Critical Pieces? Application Security professionals face enormous challenges securing their software supply chains, racing against time to beat the attacker to the mark. Software Composition Analysis (SCA) tools have become a basic instrument in the application security arsenal in the last 7 years. Although essential, many platforms
2024-06-07T16:39:00+00:00 https://thehackernews.com/2024/06/cyber-landscape-is-evolving-so-should.html www.secnews.physaphae.fr/article.php?IdArticle=8514643 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash
Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools. To that end, apps that generate content using AI must ensure they don't create
2024-06-07T16:37:00+00:00 https://thehackernews.com/2024/06/the-ai-debate-googles-guidelines-metas.html www.secnews.physaphae.fr/article.php?IdArticle=8514644 False Tool,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims
The U.S. Federal Bureau of Investigation (FBI) has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. "We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov," FBI Cyber Division
2024-06-07T13:18:00+00:00 https://thehackernews.com/2024/06/fbi-distributes-7000-lockbit-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8514568 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, which is also called Vermin and is assessed to be associated with security agencies of the Luhansk
2024-06-07T12:43:00+00:00 https://thehackernews.com/2024/06/spectr-malware-targets-ukraine-defense.html www.secnews.physaphae.fr/article.php?IdArticle=8514542 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. "The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their own command-and-control (C&C) infrastructure," Trend Micro researchers Sunil Bharti and Shubham
2024-06-07T10:40:00+00:00 https://thehackernews.com/2024/06/commando-cat-cryptojacking-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8514493 False Threat,Prediction None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks
The distributed denial-of-service (DDoS) botnet known as Muhstik has been observed leveraging a now-patched security flaw impacting Apache RocketMQ to co-opt susceptible servers and expand its scale. "Muhstik is a well-known threat targeting IoT devices and Linux-based servers, notorious for its ability to infect devices and utilize them for cryptocurrency mining and launching Distributed Denial
2024-06-06T18:44:00+00:00 https://thehackernews.com/2024/06/muhstik-botnet-exploiting-apache.html www.secnews.physaphae.fr/article.php?IdArticle=8514147 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Third-Party Cyber Attacks: The Threat No One Sees Coming – Here's How to Stop Them
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising
2024-06-06T17:00:00+00:00 https://thehackernews.com/2024/06/third-party-cyber-attacks-threat-no-one.html www.secnews.physaphae.fr/article.php?IdArticle=8514089 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Prevent Account Takeover with Better Password Security
Tom works for a reputable financial institution. He has a long, complex password that would be near-impossible to guess. He's memorized it by heart, so he started using it for his social media accounts and on his personal devices too. Unbeknownst to Tom, one of these sites has had its password database compromised by hackers and put it up for sale on the dark web. Now threat actors are working
2024-06-06T15:25:00+00:00 https://thehackernews.com/2024/06/prevent-account-takeover-with-better.html www.secnews.physaphae.fr/article.php?IdArticle=8514039 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Exploit Legitimate Packer Software to Spread Malware Undetected
Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and government industries," Check Point security researcher Jiri Vinopal said in an analysis. The volume of
2024-06-06T15:24:00+00:00 https://thehackernews.com/2024/06/hackers-exploit-legitimate-packer.html www.secnews.physaphae.fr/article.php?IdArticle=8514040 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Maps Timeline Data to be Stored Locally on Your Device for Privacy
Google has announced plans to store Maps Timeline data locally on users' devices instead of their Google account effective December 1, 2024. The changes were originally announced by the tech giant in December 2023, alongside changes to the auto-delete control when enabling Location History by setting it to three months by default, down from the previous limit of 18 months.
Google Maps Timeline,
2024-06-06T12:45:00+00:00 https://thehackernews.com/2024/06/google-maps-timeline-data-to-be-stored.html www.secnews.physaphae.fr/article.php?IdArticle=8514041 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI
Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that's designed to deliver an information stealer called Lumma (aka LummaC2). The package in question is crytic-compilers, a typosquatted version of a legitimate library named crytic-compile. The rogue package was downloaded 441 times before it was taken down by PyPI
2024-06-06T11:19:00+00:00 https://thehackernews.com/2024/06/hackers-target-python-developers-with.html www.secnews.physaphae.fr/article.php?IdArticle=8514042 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. "The overall goal behind the campaign was to maintain access to the target network for cyberespionage in support of Chinese state interests," Sophos researchers Paul Jaramillo, Morgan Demboski, Sean
2024-06-05T16:50:00+00:00 https://thehackernews.com/2024/06/chinese-state-backed-cyber-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=8513616 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Unpacking 2024's SaaS Threat Predictions
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many of
2024-06-05T16:30:00+00:00 https://thehackernews.com/2024/06/unpacking-2024s-saas-threat-predictions.html www.secnews.physaphae.fr/article.php?IdArticle=8513617 False Threat,Studies,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide
An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double extortion tactics to steal and encrypt victims' data for financial gain. It's operational across multiple platforms,
2024-06-05T15:40:00+00:00 https://thehackernews.com/2024/06/rebranded-knight-ransomware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8513587 False Ransomware,Medical None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models
Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status.
Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations. Impacted models include NAS326
2024-06-05T12:40:00+00:00 https://thehackernews.com/2024/06/zyxel-releases-patches-for-firmware.html www.secnews.physaphae.fr/article.php?IdArticle=8513504 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs
Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows malware propagated via direct messages to compromise brand and celebrity accounts without having to
2024-06-05T11:52:00+00:00 https://thehackernews.com/2024/06/celebrity-tiktok-accounts-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8513481 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan
Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog. Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent threat (APT) group called HellHounds. "The Hellhounds group compromises organizations they select and
2024-06-04T21:03:00+00:00 https://thehackernews.com/2024/06/russian-power-companies-it-firms-and.html www.secnews.physaphae.fr/article.php?IdArticle=8513101 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts
Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users. The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8 out of a maximum of 10.0. "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or
2024-06-04T20:13:00+00:00 https://thehackernews.com/2024/06/telerik-report-server-flaw-could-let.html www.secnews.physaphae.fr/article.php?IdArticle=8513065 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The Next Generation of RBI (Remote Browser Isolation)
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world.
The limitations of Browser Isolation, such as degraded browser performance and inability to tackle
2024-06-04T16:49:00+00:00 https://thehackernews.com/2024/06/the-next-generation-of-rbi-remote.html www.secnews.physaphae.fr/article.php?IdArticle=8512998 False Malware TYPEFRAME 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine
A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts. The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initiate the infection. "The attacker uses a multi-stage malware strategy to deliver the notorious 'Cobalt
2024-06-04T16:37:00+00:00 https://thehackernews.com/2024/06/hackers-use-ms-excel-macro-to-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8512999 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
Cloud computing and analytics company Snowflake said a "limited number" of its customers have been singled out as part of a targeted campaign. "We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake's platform," the company said in a joint statement along with CrowdStrike and Google-owned Mandiant. "We have not identified
2024-06-04T15:58:00+00:00 https://thehackernews.com/2024/06/snowflake-warns-targeted-credential.html www.secnews.physaphae.fr/article.php?IdArticle=8512936 False Vulnerability,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curve. The updates have been observed in version 6 of DarkGate released in March 2024 by its developer RastaFarEye, who
2024-06-04T12:03:00+00:00 https://thehackernews.com/2024/06/darkgate-malware-replaces-autoit-with.html www.secnews.physaphae.fr/article.php?IdArticle=8512816 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized
2024-06-04T08:55:00+00:00 https://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html www.secnews.physaphae.fr/article.php?IdArticle=8512753 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users
Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that's designed to drop a remote access trojan (RAT) on compromised systems. The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a "logger for gulp and gulp plugins." It has been downloaded 175 times to date. Software supply chain security
2024-06-03T19:30:00+00:00 https://thehackernews.com/2024/06/researchers-uncover-rat-dropping-npm.html www.secnews.physaphae.fr/article.php?IdArticle=8512451 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet
Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware. Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, Veron over the past few years, according to a video released by the agencies. "Who is he working with? What is his
2024-06-03T19:15:00+00:00 https://thehackernews.com/2024/06/authorities-ramp-up-efforts-to-capture.html www.secnews.physaphae.fr/article.php?IdArticle=8512452 False Malware,Legislation None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SASE Threat Report: 8 Key Findings for Enterprise Security
Threat actors are evolving, yet Cyber Threat Intelligence (CTI) remains confined to each isolated point solution.
Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the enterprise. Cato's Cyber Threat Research Lab (Cato CTRL, see more details below) has recently released
2024-06-03T16:26:00+00:00 https://thehackernews.com/2024/06/sase-threat-report-8-key-findings-for.html www.secnews.physaphae.fr/article.php?IdArticle=8512362 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions
Now-patched authorization bypass issues impacting Cox modems could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands. "This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could've executed commands and modified the settings of millions of modems, accessed any business customer's
2024-06-03T15:50:00+00:00 https://thehackernews.com/2024/06/researcher-uncovers-flaws-in-cox-modems.html www.secnews.physaphae.fr/article.php?IdArticle=8512331 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. "Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks," the AhnLab Security Intelligence Center (ASEC) said in a report
2024-06-03T13:04:00+00:00 https://thehackernews.com/2024/06/andariel-hackers-target-south-korean.html www.secnews.physaphae.fr/article.php?IdArticle=8512269 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). "Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware," cybersecurity firm eSentire said in a new report. "In April 2024, we observed FakeBat being distributed
2024-06-03T09:21:00+00:00 https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html www.secnews.physaphae.fr/article.php?IdArticle=8512138 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
AI Company Hugging Face Notifies Users of Suspected Unauthorized Access
Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. "We have suspicions that a subset of Spaces' secrets could have been accessed without authorization," it said in an advisory. Spaces offers a way for users to create, host, and share AI and machine learning (ML) applications.
It also functions as a]]> 2024-06-01T13:04:00+00:00 https://thehackernews.com/2024/06/ai-company-hugging-face-notifies-users.html www.secnews.physaphae.fr/article.php?IdArticle=8511082 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S. More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023, and impacted a single internet service provider (ISP) in the U.S., has been codenamed Pumpkin]]> 2024-05-31T22:30:00+00:00 https://thehackernews.com/2024/05/mysterious-cyber-attack-takes-down.html www.secnews.physaphae.fr/article.php?IdArticle=8510732 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets," the Microsoft Threat Intelligence team said.]]> 2024-05-31T19:12:00+00:00 https://thehackernews.com/2024/05/microsoft-warns-of-surge-in-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8510649 False Threat,Industrial None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beyond Threat Detection – A Race to Digital Security Digital content is a double-edged sword, providing vast benefits while simultaneously posing significant threats to organizations across the globe. The sharing of digital content has increased significantly in recent years, mainly via email, digital documents, and chat. In turn, this has created an expansive attack surface and has made 'digital content' the preferred carrier for cybercriminals]]> 2024-05-31T16:30:00+00:00 https://thehackernews.com/2024/05/beyond-threat-detection-race-to-digital.html www.secnews.physaphae.fr/article.php?IdArticle=8510578 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05, Pawn Storm, Sednit, Sofacy, and TA422, is an advanced persistent threat (APT) group affiliated with]]> 2024-05-31T15:40:00+00:00 https://thehackernews.com/2024/05/russian-hackers-target-europe-with.html www.secnews.physaphae.fr/article.php?IdArticle=8510552 False Malware,Threat APT 28 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
OpenAI, Meta, TikTok Disrupt Multiple AI-Powered Disinformation Campaigns OpenAI on Thursday disclosed that it took steps to cut off five covert influence operations (IO) originating from China, Iran, Israel, and Russia that sought to abuse its artificial intelligence (AI) tools to manipulate public discourse or political outcomes online while obscuring their true identity. These activities, which were detected over the past three months, used its AI models to]]> 2024-05-31T13:41:00+00:00 https://thehackernews.com/2024/05/openai-meta-tiktok-disrupt-multiple-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8510505 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severity issue relates to a use-after-free bug in the netfilter component that permits a local attacker to elevate privileges]]> 2024-05-30T23:15:00+00:00 https://thehackernews.com/2024/05/cisa-alerts-federal-agencies-to-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8510177 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to open malicious files via debt-themed lures," Cloudflare's threat intelligence team Cloudforce One]]> 2024-05-30T22:07:00+00:00 https://thehackernews.com/2024/05/flyingyeti-exploits-winrar.html www.secnews.physaphae.fr/article.php?IdArticle=8510149 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021. "The campaign is geared toward establishing long-term access to compromised victim organizations to enable LilacSquid to siphon data of interest to]]> 2024-05-30T20:56:00+00:00 https://thehackernews.com/2024/05/cyber-espionage-alert-lilacsquid.html www.secnews.physaphae.fr/article.php?IdArticle=8510090 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now incorporates new anti-analysis techniques, according to findings from web infrastructure and security]]> 2024-05-30T19:54:00+00:00 https://thehackernews.com/2024/05/redtail-crypto-mining-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8510056 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. "These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site scripting (XSS) attacks due to inadequate input sanitization]]> 2024-05-30T19:19:00+00:00 https://thehackernews.com/2024/05/researchers-uncover-active-exploitation.html www.secnews.physaphae.fr/article.php?IdArticle=8510057 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) How to Build Your Autonomous SOC Strategy Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC).
The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users. Security]]> 2024-05-30T17:14:00+00:00 https://thehackernews.com/2024/05/how-to-build-your-autonomous-soc.html www.secnews.physaphae.fr/article.php?IdArticle=8509998 False Tool None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame. "The actions focused on disrupting criminal services through arresting High Value Targets, taking down the criminal infrastructures and]]> 2024-05-30T16:10:00+00:00 https://thehackernews.com/2024/05/europol-dismantles-100-servers-linked.html www.secnews.physaphae.fr/article.php?IdArticle=8509965 False Malware,Legislation None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) U.S. Dismantles World's Largest 911 S5 Botnet, with 19 Million Infected Devices The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses.
The botnet, which has a global footprint spanning more than 190 countries, functioned as a residential proxy service known as 911 S5.]]> 2024-05-30T14:25:00+00:00 https://thehackernews.com/2024/05/us-dismantles-worlds-largest-911-s5.html www.secnews.physaphae.fr/article.php?IdArticle=8509910 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. "We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for a number of our customers," the Identity and access management (IAM) services provider said. The]]> 2024-05-30T12:22:00+00:00 https://thehackernews.com/2024/05/okta-warns-of-credential-stuffing.html www.secnews.physaphae.fr/article.php?IdArticle=8509848 False Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cybercriminals Abuse StackOverflow to Promote Malicious Python Package Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a broader campaign. The package in question is pytoileur, which has been downloaded 316 times as of writing.
Interestingly, the package author, who goes by the name PhilipsPY, has uploaded a new version of the]]> 2024-05-29T22:52:00+00:00 https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html www.secnews.physaphae.fr/article.php?IdArticle=8509453 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Check Point Warns of Zero-Day Attacks on its VPN Gateway Products Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. "The vulnerability potentially allows an attacker to read certain information on]]> 2024-05-29T20:46:00+00:00 https://thehackernews.com/2024/05/check-point-warns-of-zero-day-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8509387 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha.
The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure," French cybersecurity company HarfangLab]]> 2024-05-29T20:28:00+00:00 https://thehackernews.com/2024/05/brazilian-banks-targeted-by-new.html www.secnews.physaphae.fr/article.php?IdArticle=8509349 False Malware,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams The U.S. Department of Justice (DoJ) has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023. According to court documents, Mullings is said to have opened 20 bank accounts in the]]> 2024-05-29T17:20:00+00:00 https://thehackernews.com/2024/05/us-sentences-31-year-old-to-10-years.html www.secnews.physaphae.fr/article.php?IdArticle=8509279 False Legislation None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Research Warns About Weak Offboarding Management and Insider Risks A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. Employee offboarding is typically seen as a routine administrative task, but it can pose substantial security risks, if not handled correctly.
Failing to quickly and thoroughly remove access for]]> 2024-05-29T17:01:00+00:00 https://thehackernews.com/2024/05/new-research-warns-about-weak.html www.secnews.physaphae.fr/article.php?IdArticle=8509280 False Studies,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Microsoft Uncovers 'Moonstone Sleet' - New North Korean Hacker Group A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group. "Moonstone Sleet is observed to set up fake companies and]]> 2024-05-29T16:05:00+00:00 https://thehackernews.com/2024/05/microsoft-uncovers-moonstone-sleet-new.html www.secnews.physaphae.fr/article.php?IdArticle=8509208 False Ransomware,Malware,Threat,Industrial APT 38 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder? The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure.
Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site's online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,]]> 2024-05-29T12:41:00+00:00 https://thehackernews.com/2024/05/breachforums-returns-just-weeks-after.html www.secnews.physaphae.fr/article.php?IdArticle=8509110 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Indian National Pleads Guilty to $37 Million Cryptocurrency Theft Scheme An Indian national has pleaded guilty in the U.S. over charges of stealing more than $37 million by setting up a website that impersonated the Coinbase cryptocurrency exchange platform. Chirag Tomar, 30, pleaded guilty to wire fraud conspiracy, which carries a maximum sentence of 20 years in prison and a $250,000 fine. He was arrested on December 20, 2023, upon entering the country. "Tomar and]]> 2024-05-28T18:20:00+00:00 https://thehackernews.com/2024/05/indian-national-pleads-guilty-to-37.html www.secnews.physaphae.fr/article.php?IdArticle=8508565 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) 4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets You're probably familiar with the term “critical assets”. These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe.
But is every technology asset considered]]> 2024-05-28T16:42:00+00:00 https://thehackernews.com/2024/05/4-step-approach-to-mapping-and-securing.html www.secnews.physaphae.fr/article.php?IdArticle=8508496 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks. "CatDDoS-related gangs' samples have used a large number of known vulnerabilities to deliver samples," the QiAnXin XLab team ]]> 2024-05-28T15:45:00+00:00 https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html www.secnews.physaphae.fr/article.php?IdArticle=8508458 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data. The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code.
It has over 200 active installations.]]> 2024-05-28T12:00:00+00:00 https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html www.secnews.physaphae.fr/article.php?IdArticle=8508327 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks A maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests. The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware including and prior to 1_1.1.6. It has ]]> 2024-05-28T10:41:00+00:00 https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8508328 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where]]> 2024-05-27T17:42:00+00:00 https://thehackernews.com/2024/05/moroccan-cybercrime-group-steals-up-to.html www.secnews.physaphae.fr/article.php?IdArticle=8507831 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Report: The Dark Side of Phishing Protection The transition to the cloud, poor password hygiene and the evolution in webpage technologies have all enabled the rise in phishing attacks. But despite sincere efforts by security stakeholders to mitigate them - through email protection, firewall rules and employee education - phishing attacks are still a very risky attack vector. A new report by LayerX explores the state of]]> 2024-05-27T17:16:00+00:00 https://thehackernews.com/2024/05/report-dark-side-of-phishing-protection.html www.secnews.physaphae.fr/article.php?IdArticle=8507797 False Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. The attack method, called transparent phishing or adversary-in-the-middle (AitM) phishing, "uses Cloudflare Workers to act as a reverse proxy server for a]]> 2024-05-27T14:32:00+00:00 https://thehackernews.com/2024/05/new-tricks-in-phishing-playbook.html www.secnews.physaphae.fr/article.php?IdArticle=8507738 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust. "This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist," the BlackBerry Research and Intelligence Team said in a technical report]]> 2024-05-27T12:01:00+00:00 https://thehackernews.com/2024/05/pakistan-linked-hackers-deploy-python.html www.secnews.physaphae.fr/article.php?IdArticle=8507674 False Malware,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate's platform customers,"]]> 2024-05-25T14:41:00+00:00 https://thehackernews.com/2024/05/experts-find-flaw-in-replicate-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8506643 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the actor creating rogue virtual machines (VMs) within its VMware environment. "The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access," MITRE]]> 2024-05-24T22:00:00+00:00 https://thehackernews.com/2024/05/hackers-created-rogue-vms-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8506215 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Fake Antivirus Websites Deliver Malware to Android and Windows Devices Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices]]> 2024-05-24T18:20:00+00:00 https://thehackernews.com/2024/05/fake-antivirus-websites-deliver-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8506136 False Malware,Threat,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) How Do Hackers Blend In So Well? Learn Their Tricks in This Expert Webinar Don't be fooled into thinking that cyber threats are only a problem for large organizations. The truth is that cybercriminals are increasingly targeting smaller businesses, and they're getting smarter every day.
Join our FREE webinar "Navigating the SMB Threat Landscape: Key Insights from Huntress' Threat Report," in which Jamie Levy - Director of Adversary Tactics at Huntress, a renowned]]> 2024-05-24T17:19:00+00:00 https://thehackernews.com/2024/05/how-do-hackers-blend-in-so-well-learn.html www.secnews.physaphae.fr/article.php?IdArticle=8506072 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) DevOps Dilemma: How Can CISOs Regain Control in the Age of Speed? Introduction The infamous Colonial pipeline ransomware attack (2021) and SolarWinds supply chain attack (2020) were more than data leaks; they were seismic shifts in cybersecurity. These attacks exposed a critical challenge for Chief Information Security Officers (CISOs): holding their ground while maintaining control over cloud security in the accelerating world of DevOps.]]> 2024-05-24T16:05:00+00:00 https://thehackernews.com/2024/05/devops-dilemma-how-can-cisos-regain.html www.secnews.physaphae.fr/article.php?IdArticle=8506073 False Ransomware,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Google Detects 4th Chrome Zero-Day in May Actively Under Attack - Update ASAP Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild. Assigned the CVE identifier CVE-2024-5274, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine.
It was reported by Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of]]> 2024-05-24T15:40:00+00:00 https://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html www.secnews.physaphae.fr/article.php?IdArticle=8506074 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Courtroom Software Backdoored to Deliver RustDoor Malware in Supply Chain Attack Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known backdoor called RustDoor. The software supply chain attack, tracked as CVE-2024-4978, impacts JAVS Viewer v8.3.7, a component of the JAVS Suite 8 that allows users to create, manage, publish,]]> 2024-05-24T15:18:00+00:00 https://thehackernews.com/2024/05/courtroom-software-backdoored-to.html www.secnews.physaphae.fr/article.php?IdArticle=8506012 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Japanese Experts Warn of BLOODALCHEMY Malware Targeting Government Agencies Cybersecurity researchers have discovered that the malware known as BLOODALCHEMY used in attacks targeting government organizations in Southern and Southeastern Asia is in fact an updated version of Deed RAT, which is believed to be a successor to ShadowPad. "The origin of BLOODALCHEMY and Deed RAT is ShadowPad and given the history of ShadowPad being utilized in numerous APT]]> 2024-05-24T14:43:00+00:00 https://thehackernews.com/2024/05/japanese-experts-warn-of-bloodalchemy.html www.secnews.physaphae.fr/article.php?IdArticle=8506013 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target for threat actors to abuse,"]]> 2024-05-23T22:33:00+00:00 https://thehackernews.com/2024/05/ransomware-attacks-exploit-vmware-esxi.html www.secnews.physaphae.fr/article.php?IdArticle=8505590 False Ransomware,Malware,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) CISA Warns of Actively Exploited Apache Flink Security Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2020-17519, the issue relates to a case of improper access control that]]> 2024-05-23T22:14:00+00:00 https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html www.secnews.physaphae.fr/article.php?IdArticle=8505591 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Frontiers, Old Tactics: Chinese Espionage Group Targets Africa & Caribbean Govts The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign. "The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while minimizing the exposure of their custom tools," Check Point]]> 2024-05-23T19:20:00+00:00 https://thehackernews.com/2024/05/new-frontiers-old-tactics-chinese-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8505502 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Are Your SaaS Backups as Secure as Your Production Data? Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could we get it back?
All are valid and necessary conversations for technology organizations of all shapes]]> 2024-05-23T16:44:00+00:00 https://thehackernews.com/2024/05/are-your-saas-backups-as-secure-as-your.html www.secnews.physaphae.fr/article.php?IdArticle=8505402 False Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actor's activity reveals long-term espionage operations against at least seven governmental entities," Palo Alto Networks]]> 2024-05-23T16:44:00+00:00 https://thehackernews.com/2024/05/inside-operation-diplomatic-specter.html www.secnews.physaphae.fr/article.php?IdArticle=8505403 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances.
Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – relate to SQL injection flaws that allow an unauthenticated attacker within the same network to]]> 2024-05-23T14:51:00+00:00 https://thehackernews.com/2024/05/ivanti-patches-critical-remote-code.html www.secnews.physaphae.fr/article.php?IdArticle=8505339 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favor of more advanced alternatives such as JavaScript and PowerShell. "Technology has advanced over the years, giving rise to more powerful and versatile scripting languages such as JavaScript and PowerShell," Microsoft Program Manager Naveen Shankar said. "These languages]]> 2024-05-23T11:03:00+00:00 https://thehackernews.com/2024/05/the-end-of-era-microsoft-phases-out.html www.secnews.physaphae.fr/article.php?IdArticle=8505225 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that's believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets, Bitdefender said in a report shared with The Hacker News.
"The investigation revealed a troubling]]> 2024-05-22T19:45:00+00:00 https://thehackernews.com/2024/05/researchers-warn-of-chinese-aligned.html www.secnews.physaphae.fr/article.php?IdArticle=8504840 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats Rockwell Automation is urging its customers to disconnect all industrial control systems (ICSs) not meant to be connected to the public-facing internet to mitigate unauthorized or malicious cyber activity. The company said it's issuing the advisory due to "heightened geopolitical tensions and adversarial cyber activity globally." To that end, customers are required to take immediate]]> 2024-05-22T17:51:00+00:00 https://thehackernews.com/2024/05/rockwell-advises-disconnecting-internet.html www.secnews.physaphae.fr/article.php?IdArticle=8504732 False Industrial None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Ultimate SaaS Security Posture Management Checklist, 2025 Edition Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the hundreds, spread across departmental stacks, complicating the job of security teams to protect organizations against]]> 2024-05-22T15:31:00+00:00 https://thehackernews.com/2024/05/the-ultimate-saas-security-posture.html www.secnews.physaphae.fr/article.php?IdArticle=8504670 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what's called a Bring Your Own Vulnerable Driver (BYOVD) attack. Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese]]> 2024-05-22T14:27:00+00:00 https://thehackernews.com/2024/05/ghostengine-exploits-vulnerable-drivers.html www.secnews.physaphae.fr/article.php?IdArticle=8504635 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, banks, IT companies, and educational institutions. The first-ever compromise dates back to 2021. "This]]> 2024-05-22T13:11:00+00:00 https://thehackernews.com/2024/05/ms-exchange-server-flaws-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8504569 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances Taiwanese company QNAP has rolled out fixes for a set of medium-severity flaws impacting QTS and QuTS hero, some of which could be exploited to achieve code execution on its network-attached storage (NAS) appliances. The issues, which impact QTS 5.1.x and QuTS hero h5.1.x, are listed below - CVE-2024-21902 - An incorrect permission assignment for critical resource]]> 2024-05-22T10:45:00+00:00 https://thehackernews.com/2024/05/qnap-patches-new-flaws-in-qts-and-quts.html www.secnews.physaphae.fr/article.php?IdArticle=8504514 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Zoom Phone and Zoom Rooms coming in the future. "As adversarial threats become more sophisticated, so does the need to safeguard user data," the company said in a statement. "With the launch of post-quantum E2EE, we are doubling down on]]> 2024-05-22T10:16:00+00:00 https://thehackernews.com/2024/05/zoom-adopts-nist-approved-post-quantum.html www.secnews.physaphae.fr/article.php?IdArticle=8504515 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass Users of Veeam Backup Enterprise Manager are being urged to update to the latest version following the discovery of a critical security flaw that could permit an adversary to bypass authentication protections. Tracked as CVE-2024-29849 (CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as]]> 2024-05-22T09:15:00+00:00 https://thehackernews.com/2024/05/critical-veeam-backup-enterprise.html www.secnews.physaphae.fr/article.php?IdArticle=8504489 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical GitHub Enterprise Server Flaw Allows Authentication Bypass GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication. "On instances that use SAML single sign-on (SSO) authentication with the]]> 2024-05-21T21:46:00+00:00 https://thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8504194 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox as staging platforms to manage file uploads and downloads," Securonix]]> 2024-05-21T19:49:00+00:00 https://thehackernews.com/2024/05/malware-delivery-via-cloud-services.html www.secnews.physaphae.fr/article.php?IdArticle=8504105 False Malware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. "The core of SolarMarker's operations is its layered infrastructure, which consists of at least two clusters: a primary one for active operations and a secondary one likely]]> 2024-05-21T18:37:00+00:00 https://thehackernews.com/2024/05/solarmarker-malware-evolves-to-resist.html www.secnews.physaphae.fr/article.php?IdArticle=8504065 False Malware,Threat,Legislation None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Five Core Tenets Of Highly Effective DevSecOps Practices One of the enduring challenges of building modern applications is to make them more secure without disrupting high-velocity DevOps processes or degrading the developer experience. Today's cyber threat landscape is rife with sophisticated attacks aimed at all different parts of the software supply chain and the urgency for software-producing organizations to adopt DevSecOps practices that deeply]]> 2024-05-21T17:03:00+00:00 https://thehackernews.com/2024/05/five-core-tenets-of-highly-effective.html www.secnews.physaphae.fr/article.php?IdArticle=8504002 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Achieve security compliance with Wazuh File Integrity Monitoring File Integrity Monitoring (FIM) is an IT security control that monitors and detects file changes in computer systems. It helps organizations audit important files and system configurations by routinely scanning and verifying their integrity. Most information security standards mandate the use of FIM for businesses to ensure the integrity of their data. IT security compliance involves adhering to]]> 2024-05-21T16:00:00+00:00 https://thehackernews.com/2024/05/achieve-security-compliance-with-wazuh.html www.secnews.physaphae.fr/article.php?IdArticle=8504907 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution.
Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx. "If exploited, it could allow attackers to execute arbitrary code on your system,]]> 2024-05-21T15:52:00+00:00 https://thehackernews.com/2024/05/researchers-uncover-flaws-in-python.html www.secnews.physaphae.fr/article.php?IdArticle=8503971 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used desktop operating system. "Deprecating NTLM has been a huge ask from our security community as it will strengthen user authentication, and deprecation is planned in the second half of 2024," the]]> 2024-05-21T14:32:00+00:00 https://thehackernews.com/2024/05/windows-11-to-deprecate-ntlm-add-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8503942 False None None 2.0000000000000000