This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-15T08:32:11+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) If you\'re involved in securing the applications your organization develops, there is no question that Static Application Security Testing (SAST) solutions are an important part of a comprehensive application security strategy. SAST secures software, supports business more securely, cuts down on costs, reduces risk, and speeds time to development, delivery, and deployment of mission-critical]]> 2023-05-24T16:21:00+00:00 https://thehackernews.com/2023/05/what-to-look-for-when-selecting-static.html www.secnews.physaphae.fr/article.php?IdArticle=8338988 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app (APK package name "com.tsoft.app.iscreenrecorder"), which accrued over 50,000 installations, was first uploaded on September 19, 2021. The malicious functionality]]> 2023-05-24T16:03:00+00:00 https://thehackernews.com/2023/05/data-stealing-malware-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8338989 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications,"]]> 2023-05-24T15:30:00+00:00 https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html www.secnews.physaphae.fr/article.php?IdArticle=8338990 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center (ASEC), which detailed the advanced persistent threat\'s (APT) continued abuse of DLL side-loading techniques to deploy malware. "The]]> 2023-05-24T13:00:00+00:00 https://thehackernews.com/2023/05/n-korean-lazarus-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8338945 False Malware APT 38 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021, leverages phishing lures to deploy a variety of malicious tools on infected systems. The origins of the hacking crew are presently unknown. In]]> 2023-05-24T12:24:00+00:00 https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html www.secnews.physaphae.fr/article.php?IdArticle=8338946 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group\'s activities since mid-2020, characterized the adversary as both capable and stealthy. The targeting scope of the campaign is focused on Afghanistan, Azerbaijan, Iran, Iraq,]]> 2023-05-23T21:00:00+00:00 https://thehackernews.com/2023/05/goldenjackal-new-threat-group-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8338799 False Threat GoldenJackal 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of reconnaissance campaigns to enable subsequent attacks," SentinelOne researchers Aleksandar Milenkoski and Tom]]> 2023-05-23T19:26:00+00:00 https://thehackernews.com/2023/05/north-korean-kimsuky-hackers-strike.html www.secnews.physaphae.fr/article.php?IdArticle=8338750 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The most precious asset in today\'s information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has become increasingly challenging, as highlighted by the 2023 State of Secrets Sprawl report, the largest analysis of public GitHub activity.  The report shows a 67% year-over-year increase in the number of secrets found, with 10 million hard-coded secrets detected]]> 2023-05-23T16:46:00+00:00 https://thehackernews.com/2023/05/the-rising-threat-of-secrets-sprawl-and.html www.secnews.physaphae.fr/article.php?IdArticle=8338697 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. Fortinet Fortiguard Labs, which dubbed the artifact WINTAPIX (WinTapix.sys), attributed the malware with low confidence to an Iranian threat actor. "WinTapix.sys is essentially a loader," security researchers Geri Revay and Hossein Jazi said]]> 2023-05-23T16:41:00+00:00 https://thehackernews.com/2023/05/new-wintapixsys-malware-engages-in.html www.secnews.physaphae.fr/article.php?IdArticle=8338698 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) China has banned U.S. chip maker Micron from selling its products to Chinese companies working on key infrastructure projects, citing national security risks. The development comes nearly two months after the country\'s cybersecurity authority initiated a probe in late March 2023 to assess potential network security risks. "The purpose of this network security review of Micron\'s products is to]]> 2023-05-23T12:17:00+00:00 https://thehackernews.com/2023/05/china-bans-us-chip-giant-micron-citing.html www.secnews.physaphae.fr/article.php?IdArticle=8338660 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Facebook\'s parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S. In a binding decision taken by the European Data Protection Board (EDPB), the social media giant has been ordered to bring its data transfers into compliance with the GDPR and delete unlawfully stored and processed]]> 2023-05-22T23:18:00+00:00 https://thehackernews.com/2023/05/eu-regulators-hit-meta-with-record-13.html www.secnews.physaphae.fr/article.php?IdArticle=8338521 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company\'s Permiso P0 Labs, which first detected the group in November 2021, has assigned it the moniker GUI-vil (pronounced Goo-ee-vil). "The group displays a preference for Graphical]]> 2023-05-22T21:35:00+00:00 https://thehackernews.com/2023/05/indonesian-cybercriminals-exploit-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8338466 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has not only been linked to a fresh sophisticated campaign, but also to an activity cluster that first came to light in May 2016. "While the]]> 2023-05-22T18:17:00+00:00 https://thehackernews.com/2023/05/bad-magics-extended-reign-in-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8338435 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) It\'s no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization\'s reputation, induce considerable financial losses, and even have serious legal repercussions. From the infamous Cambridge Analytica scandal to the Equifax data breach, there have been some pretty high-profile leaks resulting in massive]]> 2023-05-22T16:42:00+00:00 https://thehackernews.com/2023/05/are-your-apis-leaking-sensitive-data.html www.secnews.physaphae.fr/article.php?IdArticle=8338400 False None Equifax,Equifax 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offenses, including facilitating fraud and possessing and transferring]]> 2023-05-22T12:31:00+00:00 https://thehackernews.com/2023/05/uk-fraudster-behind-ispoof-scam.html www.secnews.physaphae.fr/article.php?IdArticle=8338340 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim\'s master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux, and macOS, and is expected to be patched in version 2.54, which is likely to be released early]]> 2023-05-22T12:03:00+00:00 https://thehackernews.com/2023/05/keepass-exploit-allows-attackers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8338331 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. "The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion,]]> 2023-05-21T14:28:00+00:00 https://thehackernews.com/2023/05/pypi-repository-under-attack-user-sign.html www.secnews.physaphae.fr/article.php?IdArticle=8338203 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom,"]]> 2023-05-20T16:18:00+00:00 https://thehackernews.com/2023/05/meet-jack-from-romania-mastermind.html www.secnews.physaphae.fr/article.php?IdArticle=8338071 False Malware,Threat None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor\'s first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest. "In these recent attacks, Sangria Tempest uses the PowerShell script POWERTRASH to load]]> 2023-05-20T12:19:00+00:00 https://thehackernews.com/2023/05/notorious-cyber-gang-fin7-returns-cl0p.html www.secnews.physaphae.fr/article.php?IdArticle=8338047 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a]]> 2023-05-20T09:45:00+00:00 https://thehackernews.com/2023/05/samsung-devices-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8338022 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting]]> 2023-05-19T17:58:00+00:00 https://thehackernews.com/2023/05/privacy-sandbox-initiative-google-to.html www.secnews.physaphae.fr/article.php?IdArticle=8337896 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For example, because of its inability to apply any security measures beyond checking for a password and username match, AD (as well the resources it manages) is]]> 2023-05-19T16:34:00+00:00 https://thehackernews.com/2023/05/dr-active-directory-vs-mr-exposed.html www.secnews.physaphae.fr/article.php?IdArticle=8337876 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down. ReversingLabs, which broke]]> 2023-05-19T16:10:00+00:00 https://thehackernews.com/2023/05/developer-alert-npm-packages-for-nodejs.html www.secnews.physaphae.fr/article.php?IdArticle=8337877 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord)," eSentire]]> 2023-05-19T12:23:00+00:00 https://thehackernews.com/2023/05/searching-for-ai-tools-watch-out-for.html www.secnews.physaphae.fr/article.php?IdArticle=8337842 False Malware ChatGPT,ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address three new zero-day flaws that it said are being actively exploited in the wild. The three security shortcomings are listed below - CVE-2023-32409 - A WebKit flaw that could be exploited by a malicious actor to break out of the Web Content sandbox. It was addressed with]]> 2023-05-19T09:13:00+00:00 https://thehackernews.com/2023/05/webkit-under-attack-apple-issues.html www.secnews.physaphae.fr/article.php?IdArticle=8337822 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks. "The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages, social media and online messaging accounts and monetization via advertisements and click fraud,"]]> 2023-05-18T22:00:00+00:00 https://thehackernews.com/2023/05/this-cybercrime-syndicate-pre-infected.html www.secnews.physaphae.fr/article.php?IdArticle=8337704 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks, it\'s essential to simplify and reframe your defenses. Zscaler Deception is a state-of-the-art next-generation deception technology seamlessly integrated with the Zscaler Zero Trust Exchange. It creates a hostile environment for attackers and enables you to track]]> 2023-05-18T17:35:00+00:00 https://thehackernews.com/2023/05/join-this-webinar-zero-trust-deception.html www.secnews.physaphae.fr/article.php?IdArticle=8337656 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts. This digital transformation of the factory floor has accelerated the connection of machinery to digital systems and data. Computer systems for managing and monitoring digital systems and data have been added to the hardware and software used for]]> 2023-05-18T16:12:00+00:00 https://thehackernews.com/2023/05/how-to-reduce-exposure-on-manufacturing.html www.secnews.physaphae.fr/article.php?IdArticle=8337610 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on the East Asian island country. "From malicious emails and URLs to malware, the strain between China\'s claim of Taiwan as part of its territory and Taiwan\'s maintained independence has evolved into a worrying surge in attacks," the Trellix Advanced Research Center said]]> 2023-05-18T15:23:00+00:00 https://thehackernews.com/2023/05/escalating-china-taiwan-tensions-fuel.html www.secnews.physaphae.fr/article.php?IdArticle=8337595 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands]]> 2023-05-18T15:01:00+00:00 https://thehackernews.com/2023/05/8220-gang-exploiting-oracle-weblogic.html www.secnews.physaphae.fr/article.php?IdArticle=8337596 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to tens of thousands of victims in the country. Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, has been accused of setting up a carding site called Skynet Market that specialized in the trafficking of credit and debit card data. Mihalo and his]]> 2023-05-18T12:09:00+00:00 https://thehackernews.com/2023/05/darknet-carding-kingpin-pleads-guilty.html www.secnews.physaphae.fr/article.php?IdArticle=8337570 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple has announced that it prevented over $2 billion in potentially fraudulent transactions and rejected roughly 1.7 million app submissions for privacy and security violations in 2022. The computing giant said it terminated 428,000 developer accounts for potential fraudulent activity, blocked 105,000 fake developer account creations, and deactivated 282 million bogus customer accounts. It]]> 2023-05-18T11:49:00+00:00 https://thehackernews.com/2023/05/apple-thwarts-2-billion-in-app-store.html www.secnews.physaphae.fr/article.php?IdArticle=8337571 False None None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to run arbitrary code or cause a denial-of-service (DoS) condition. "These vulnerabilities are due to improper validation of requests that are sent to the web interface," Cisco said, crediting an unnamed external researcher for]]> 2023-05-18T10:48:00+00:00 https://thehackernews.com/2023/05/critical-flaws-in-cisco-small-business.html www.secnews.physaphae.fr/article.php?IdArticle=8337530 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A hacking group dubbed OilAlpha with suspected ties to Yemen\'s Houthi movement has been linked to a cyber espionage campaign targeting development, humanitarian, media, and non-governmental organizations in the Arabian peninsula. "OilAlpha used encrypted chat messengers like WhatsApp to launch social engineering attacks against its targets," cybersecurity company Recorded Future said in a]]> 2023-05-17T19:14:00+00:00 https://thehackernews.com/2023/05/oilalpha-emerging-houthi-linked-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8337383 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Software is rarely a one-and-done proposition. In fact, any application available today will likely need to be updated – or patched – to fix bugs, address vulnerabilities, and update key features at multiple points in the future. With the typical enterprise relying on a multitude of applications, servers, and end-point devices in their day-to-day operations, the acquisition of a robust patch]]> 2023-05-17T17:24:00+00:00 https://thehackernews.com/2023/05/identifying-patch-management-solution.html www.secnews.physaphae.fr/article.php?IdArticle=8337353 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments. Google-owned Mandiant attributed the activity to a threat group it tracks under the name UNC3944, which is also known as Roasted 0ktapus and Scattered Spider. "This method of attack was unique in]]> 2023-05-17T17:22:00+00:00 https://thehackernews.com/2023/05/threat-group-unc3944-abusing-azure.html www.secnews.physaphae.fr/article.php?IdArticle=8337354 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The second generation version of Belkin\'s Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by Israeli IoT security company Sternum, which reverse-engineered the device and]]> 2023-05-17T15:47:00+00:00 https://thehackernews.com/2023/05/serious-unpatched-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8337334 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in Pakistan and China. This comprises a network of 55 domains and IP addresses used by the threat actor, cybersecurity companies Group-IB and Bridewell said in a joint report shared with The Hacker News. "The identified phishing]]> 2023-05-17T14:10:00+00:00 https://thehackernews.com/2023/05/state-sponsored-sidewinder-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8337299 False Threat APT-C-17 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world. Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in question, is alleged to be a "central figure" in the development and deployment of LockBit, Babuk,]]> 2023-05-17T10:59:00+00:00 https://thehackernews.com/2023/05/us-offers-10-million-bounty-for-capture.html www.secnews.physaphae.fr/article.php?IdArticle=8337255 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks aimed at European foreign affairs entities since January 2023. An analysis of these intrusions, per Check Point researchers Itay Cohen and Radoslaw Madej, has revealed a custom firmware implant designed explicitly for TP-Link routers. "The implant features several malicious]]> 2023-05-16T20:15:00+00:00 https://thehackernews.com/2023/05/chinas-mustang-panda-hackers-exploit-tp.html www.secnews.physaphae.fr/article.php?IdArticle=8337002 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ransomware affiliates associated with the Qilin ransomware-as-a-service (RaaS) scheme earn anywhere between 80% to 85% of the ransom payments, according to new findings from Group-IB. The cybersecurity firm said it was able to infiltrate the group in March 2023, uncovering details about the affiliates\' payment structure and the inner workings of the RaaS program following a private conversation]]> 2023-05-16T17:50:00+00:00 https://thehackernews.com/2023/05/inside-qilin-ransomware-affiliates-take.html www.secnews.physaphae.fr/article.php?IdArticle=8336967 False Ransomware None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations\' essential systems and resources. Cybercriminals no longer break into systems, but instead log in – making access security more complex and also more important to manage and control than ever before. In an effort to solve the access-related challenges facing OT and critical infrastructure]]> 2023-05-16T17:13:00+00:00 https://thehackernews.com/2023/05/cyolo-product-overview-secure-remote.html www.secnews.physaphae.fr/article.php?IdArticle=8336936 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed to deliver two novel payloads dubbed CopperStealth and CopperPhish. Trend Micro is tracking the financially motivated group under the name Water Orthrus. The adversary is also assessed to be behind another campaign known as Scranos, which was detailed by Bitdefender in]]> 2023-05-16T17:09:00+00:00 https://thehackernews.com/2023/05/water-orthrus-copperstealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8336937 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems. The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months. "While some of these are likely red-team operations, others bear the characteristics of genuine malicious attacks,"]]> 2023-05-16T12:58:00+00:00 https://thehackernews.com/2023/05/hackers-using-golang-variant-of-cobalt.html www.secnews.physaphae.fr/article.php?IdArticle=8336887 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week. The 11 vulnerabilities allow "remote code execution and]]> 2023-05-15T18:54:00+00:00 https://thehackernews.com/2023/05/industrial-cellular-routers-at-risk-11.html www.secnews.physaphae.fr/article.php?IdArticle=8336651 False Industrial,Cloud,Conference None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new ransomware group known as RA Group has become the latest threat actor to leverage the leaked Babuk ransomware source code to spawn its own locker variant. The cybercriminal gang, which is said to have been operating since at least April 22, 2023, is rapidly expanding its operations, according to cybersecurity firm Cisco Talos. "To date, the group has compromised three organizations in the]]> 2023-05-15T17:29:00+00:00 https://thehackernews.com/2023/05/new-ransomware-gang-ra-group-hits-us.html www.secnews.physaphae.fr/article.php?IdArticle=8336597 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) It\'s easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world\'s youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues their entire lives. Perhaps it is due to their familiarity with technology that causes them to overlook]]> 2023-05-15T16:55:00+00:00 https://thehackernews.com/2023/05/why-high-tech-companies-struggle-with.html www.secnews.physaphae.fr/article.php?IdArticle=8336598 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the activity under its insect-themed moniker Lancefly, with the attacks making use of a "powerful"]]> 2023-05-15T15:47:00+00:00 https://thehackernews.com/2023/05/researchers-uncover-powerful-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8336573 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in a report shared with The Hacker News. "This trend is especially noteworthy given the fact that ESXi]]> 2023-05-15T15:39:00+00:00 https://thehackernews.com/2023/05/new-michaelkors-ransomware-as-service.html www.secnews.physaphae.fr/article.php?IdArticle=8336574 False Malware,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that\'s designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware. "Similar to web shell, which can be installed on web servers, SqlShell is a malware strain that supports various features after being installed on an MS SQL server,]]> 2023-05-15T12:46:00+00:00 https://thehackernews.com/2023/05/clr-sqlshell-malware-targets-ms-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8336556 False Ransomware,Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency while working at the company. Nickolas Sharp, 37, was arrested in December 2021 for using his insider access as a senior developer to steal confidential data and sending an anonymous]]> 2023-05-15T12:29:00+00:00 https://thehackernews.com/2023/05/former-ubiquiti-employee-gets-6-years.html www.secnews.physaphae.fr/article.php?IdArticle=8336544 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates]]> 2023-05-13T13:15:00+00:00 https://thehackernews.com/2023/05/new-phishing-as-service-platform-lets.html www.secnews.physaphae.fr/article.php?IdArticle=8336262 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany. "The attack campaign has been leveraging rather]]> 2023-05-13T02:30:00+00:00 https://thehackernews.com/2023/05/xworm-malware-exploits-follina.html www.secnews.physaphae.fr/article.php?IdArticle=8336193 False Malware,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. "Successful exploits could allow attackers to monitor users\' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz said in a]]> 2023-05-12T19:46:00+00:00 https://thehackernews.com/2023/05/netgear-routers-flaws-expose-users-to.html www.secnews.physaphae.fr/article.php?IdArticle=8336095 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. "BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with this latest iteration," security researchers Shaul Vilkomir-Preisman and Eliran Nissan said. BPFDoor (]]> 2023-05-12T18:54:00+00:00 https://thehackernews.com/2023/05/new-variant-of-linux-backdoor-bpfdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8336078 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s interconnected world, where organisations regularly exchange sensitive information with customers, partners and employees, secure collaboration has become increasingly vital. However, collaboration can pose a security risk if not managed properly. To ensure that collaboration remains secure, organisations need to take steps to protect their data. Since collaborating is essential for]]> 2023-05-12T17:03:00+00:00 https://thehackernews.com/2023/05/solving-your-teams-secure-collaboration.html www.secnews.physaphae.fr/article.php?IdArticle=8336041 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. The attacks took place in early May 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) said in a]]> 2023-05-12T13:29:00+00:00 https://thehackernews.com/2023/05/bl00dy-ransomware-gang-strikes.html www.secnews.physaphae.fr/article.php?IdArticle=8335881 False Ransomware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to achieve elevated privileges on affected sites. The issue, tracked as CVE-2023-32243, has been addressed by the plugin maintainers in version 5.7.2 that was shipped on May 11, 2023. Essential Addons for Elementor has over one million active]]> 2023-05-12T11:13:00+00:00 https://thehackernews.com/2023/05/severe-security-flaw-exposes-over.html www.secnews.physaphae.fr/article.php?IdArticle=8335845 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. "Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine referendums," Malwarebytes disclosed in a report published today. "Depending on the campaign,]]> 2023-05-11T20:15:00+00:00 https://thehackernews.com/2023/05/new-apt-group-red-stinger-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8335657 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called Trinitarians. Among those apprehended include two hackers who carried out bank scams through phishing and smishing techniques and 15 other members of the crime syndicate, who have all been charged with a number of offenses such as bank fraud, forging documents, identity]]> 2023-05-11T19:30:00+00:00 https://thehackernews.com/2023/05/spanish-police-takes-down-massive.html www.secnews.physaphae.fr/article.php?IdArticle=8335658 False Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend of Babuk source code adoption," SentinelOne security researcher Alex Delamotte said in a report]]> 2023-05-11T16:02:00+00:00 https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.html www.secnews.physaphae.fr/article.php?IdArticle=8335599 False Ransomware,Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) According to Forrester, External Attack Surface Management (EASM) emerged as a market category in 2021 and gained popularity in 2022. In a different report, Gartner concluded that vulnerability management vendors are expanding their offerings to include Attack Surface Management (ASM) for a suite of comprehensive offensive security solutions. Recognition from global analysts has officially put]]> 2023-05-11T16:02:00+00:00 https://thehackernews.com/2023/05/how-attack-surface-management-supports.html www.secnews.physaphae.fr/article.php?IdArticle=8335600 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin panel to break into vulnerable devices. The flaw, tracked as CVE-2023-25717 (CVSS score: 9.8), stems from improper handling of HTTP requests, leading to unauthenticated remote code execution and a complete compromise of wireless Access Point (AP) equipment. Andoryu was]]> 2023-05-11T12:35:00+00:00 https://thehackernews.com/2023/05/andoryu-botnet-exploits-critical-ruckus.html www.secnews.physaphae.fr/article.php?IdArticle=8335548 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months after its chief executive Elon Musk confirmed plans for the feature in November 2022. The "Phase 1" of the initiative will appear as separate conversations alongside existing direct messages on users\' inboxes. Encrypted chats carry a lock icon badge to visually]]> 2023-05-11T11:01:00+00:00 https://thehackernews.com/2023/05/twitter-finally-rolling-out-encrypted.html www.secnews.physaphae.fr/article.php?IdArticle=8335528 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently leaking keys and other secrets in their code. The Microsoft-owned cloud-based repository hosting platform, which began testing the feature a year ago, said it\'s also extending push protection to all public repositories at no extra cost. The]]> 2023-05-11T10:31:00+00:00 https://thehackernews.com/2023/05/github-extends-push-protection-to.html www.secnews.physaphae.fr/article.php?IdArticle=8335529 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The tech giant\'s latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and transparency over their personal data. Here is a short list of the newly introduced features -]]> 2023-05-11T00:01:00+00:00 https://thehackernews.com/2023/05/google-announces-new-privacy-safety-and.html www.secnews.physaphae.fr/article.php?IdArticle=8335418 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass integrity protections on targeted machines. The vulnerability, tracked as CVE-2023-29324 (CVSS score: 6.5), has been described as a security feature bypass. It was addressed by Microsoft as part of its Patch Tuesday updates for May 2023. Akamai security]]> 2023-05-10T19:53:00+00:00 https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8335261 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of malware dubbed DownEx. Bitdefender, in a report shared with The Hacker News, said the activity remains active, with evidence likely pointing to the involvement of Russia-based threat actors. The Romanian cybersecurity firm said it first detected the]]> 2023-05-10T18:35:00+00:00 https://thehackernews.com/2023/05/sophisticated-downex-malware-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8335246 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A few weeks ago, the 32nd edition of RSA, one of the world\'s largest cybersecurity conferences, wrapped up in San Francisco. Among the highlights, Kevin Mandia, CEO of Mandiant at Google Cloud, presented a retrospective on the state of cybersecurity. During his keynote, Mandia stated: "There are clear steps organizations can take beyond common safeguards and security tools to strengthen their]]> 2023-05-10T16:45:00+00:00 https://thehackernews.com/2023/05/why-honeytokens-are-future-of-intrusion.html www.secnews.physaphae.fr/article.php?IdArticle=8335209 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A U.K. national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding other users of the platform. Joseph James O\'Connor, who also went by the online alias PlugwalkJoe, admitted to "his role in cyberstalking and multiple schemes that involve computer hacking, including the July 2020 hack of Twitter," the U.S. Department of]]> 2023-05-10T16:20:00+00:00 https://thehackernews.com/2023/05/mastermind-behind-twitter-2020-hack.html www.secnews.physaphae.fr/article.php?IdArticle=8335186 False Hack None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake wielded by Russia\'s Federal Security Service (FSB). Snake, dubbed the "most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called Turla (aka Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear,]]> 2023-05-10T14:14:00+00:00 https://thehackernews.com/2023/05/us-government-neutralizes-russias-most.html www.secnews.physaphae.fr/article.php?IdArticle=8335109 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that it said is being actively exploited in the wild. Trend Micro\'s Zero Day Initiative (ZDI) said the volume is the lowest since August 2021, although it pointed out that "this number is expected to rise in the coming months." Of the 38 vulnerabilities, six are rated Critical and]]> 2023-05-10T11:04:00+00:00 https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html www.secnews.physaphae.fr/article.php?IdArticle=8335091 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The takedown is part of an ongoing international initiative dubbed Operation PowerOFF that\'s aimed at dismantling criminal DDoS-for-hire infrastructures worldwide. The development comes almost five months after a "sweep" in December 2022 dismantled 48 similar services]]> 2023-05-09T22:27:00+00:00 https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html www.secnews.physaphae.fr/article.php?IdArticle=8334886 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that has been ongoing since October 2021. Slovak cybersecurity firm ESET is tracking the series of attacks against Southeast Asian gambling companies under the name Operation ChattyGoblin. "These attacks use a specific tactic: targeting the victim companies\' support agents via chat]]> 2023-05-09T18:59:00+00:00 https://thehackernews.com/2023/05/operation-chattygoblin-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8334791 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In the fast-paced cybersecurity landscape, product security takes center stage. DevSecOps swoops in, seamlessly merging security practices into DevOps, empowering teams to tackle challenges. Let\'s dive into DevSecOps and explore how collaboration can give your team the edge to fight cyber villains. Application security and product security Regrettably, application security teams often intervene]]> 2023-05-09T18:24:00+00:00 https://thehackernews.com/2023/05/strengthening-product-security.html www.secnews.physaphae.fr/article.php?IdArticle=8334792 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat (APT) group used a server-based polymorphism technique to deliver the next stage payload," the BlackBerry]]> 2023-05-09T15:09:00+00:00 https://thehackernews.com/2023/05/researchers-uncover-sidewinders-latest.html www.secnews.physaphae.fr/article.php?IdArticle=8334747 False Threat APT-C-17 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said. The tech giant\'s threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023-27350 in their operations to achieve initial access. "This activity shows Mint]]> 2023-05-09T14:23:00+00:00 https://thehackernews.com/2023/05/microsoft-warns-of-state-sponsored.html www.secnews.physaphae.fr/article.php?IdArticle=8334732 False Vulnerability,Threat APT 35 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks. "Once inside the network, CACTUS actors attempt to enumerate local and network user accounts in addition to reachable endpoints before creating new user accounts and leveraging custom scripts to automate]]> 2023-05-09T11:18:00+00:00 https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8334705 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company\'s private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security firm Binarly, said in a tweet over the weekend. "It appears that Intel Boot Guard may not be]]> 2023-05-08T20:53:00+00:00 https://thehackernews.com/2023/05/msi-data-breach-private-code-signing.html www.secnews.physaphae.fr/article.php?IdArticle=8334306 False Ransomware,Threat None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Digital storage giant Western Digital confirmed that an "unauthorized third party" gained access to its systems and stole personal information belonging to the company\'s online store customers. "This information included customer names, billing and shipping addresses, email addresses and telephone numbers," the San Jose-based company said in a disclosure last week. "In addition, the database]]> 2023-05-08T19:36:00+00:00 https://thehackernews.com/2023/05/western-digital-confirms-customer-data.html www.secnews.physaphae.fr/article.php?IdArticle=8334283 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Are you concerned about ransomware attacks? You\'re not alone. In recent years, these attacks have become increasingly common and can cause significant damage to organizations of all sizes. But there\'s good news - with the right security measures in place, such as real-time MFA and service account protection, you can effectively protect yourself against these types of attacks. That\'s why we\'re]]> 2023-05-08T19:01:00+00:00 https://thehackernews.com/2023/05/join-our-webinar-learn-how-to-defeat.html www.secnews.physaphae.fr/article.php?IdArticle=8334274 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization as part of an ongoing phishing campaign. This involves using a ZIP archive lure pertaining to India\'s Defence Research and Development Organization (DRDO) to deliver a malicious payload capable of harvesting sensitive information, Fortinet]]> 2023-05-08T18:57:00+00:00 https://thehackernews.com/2023/05/sidecopy-using-action-rat-and-allakore.html www.secnews.physaphae.fr/article.php?IdArticle=8334275 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat hunting is an essential component of your cybersecurity strategy. Whether you\'re getting started or in an advanced state, this article will help you ramp up your threat intelligence program. What is Threat Hunting? The cybersecurity industry is shifting from a reactive to a proactive approach. Instead of waiting for cybersecurity alerts and then addressing them, security organizations are]]> 2023-05-08T17:19:00+00:00 https://thehackernews.com/2023/05/how-to-set-up-threat-hunting-and-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8334263 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is a polyglot file containing a decoy document and a JavaScript file. The]]> 2023-05-08T11:40:00+00:00 https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html www.secnews.physaphae.fr/article.php?IdArticle=8334212 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an encrypted payload, with various modifications made to these components over time," Sophos researcher]]> 2023-05-06T16:54:00+00:00 https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html www.secnews.physaphae.fr/article.php?IdArticle=8333977 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (XSS) that could be abused to inject arbitrary executable scripts into otherwise benign websites. The plugin, which is available both as a free and pro]]> 2023-05-06T11:11:00+00:00 https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html www.secnews.physaphae.fr/article.php?IdArticle=8333932 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented strain of Android malware called FluHorse that abuses the Flutter software development framework. "The malware features several malicious Android applications that mimic legitimate applications, most of which have more than 1,000,000 installs," Check Point said in]]> 2023-05-05T19:17:00+00:00 https://thehackernews.com/2023/05/new-android-malware-fluhorse-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8333796 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject toolkit called drIBAN since at least 2019. "The main goal of drIBAN fraud operations is to infect Windows workstations inside corporate environments trying to alter legitimate banking transfers performed by the victims by changing the beneficiary and transferring]]> 2023-05-05T17:19:00+00:00 https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html www.secnews.physaphae.fr/article.php?IdArticle=8333767 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. "[ReconShark] is actively delivered to specifically targeted individuals through spear-phishing emails, OneDrive links leading to document downloads, and the execution of malicious macros," SentinelOne researchers Tom Hegel]]> 2023-05-05T15:49:00+00:00 https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html www.secnews.physaphae.fr/article.php?IdArticle=8333757 False Tool,Threat APT 43 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Third-party apps such as Google Analytics, Meta Pixel, HotJar, and JQuery have become critical tools for businesses to optimize their website performance and services for a global audience. However, as their importance has grown, so has the threat of cyber incidents involving unmanaged third-party apps and open-source tools. Online businesses increasingly struggle to maintain complete visibility]]> 2023-05-05T15:48:00+00:00 https://thehackernews.com/2023/05/lack-of-visibility-challenge-of.html www.secnews.physaphae.fr/article.php?IdArticle=8333758 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes," Packagist\'s Nils Adermann said]]> 2023-05-05T15:22:00+00:00 https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html www.secnews.physaphae.fr/article.php?IdArticle=8333736 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and smartphone wallpaper packs. The apps have since been taken down. The operation primarily targeted users]]> 2023-05-05T12:51:00+00:00 https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.html www.secnews.physaphae.fr/article.php?IdArticle=8333713 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as CVE-2023-20126, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credited Catalpa of DBappSecurity for reporting the shortcoming. The product in question makes it possible]]> 2023-05-05T10:46:00+00:00 https://thehackernews.com/2023/05/cisco-warns-of-vulnerability-in-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8333691 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery (SSRF) flaws and one instance of unrestricted file upload functionality in the API Management developer portal, according to Israeli cloud security firm Ermetic. "]]> 2023-05-04T18:49:00+00:00 https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8333476 False Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 (CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. While the flaw was patched by the]]> 2023-05-04T18:33:00+00:00 https://thehackernews.com/2023/05/researchers-uncover-new-exploit-for.html www.secnews.physaphae.fr/article.php?IdArticle=8333477 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) IT and cybersecurity teams are so inundated with security notifications and alerts within their own systems, it\'s difficult to monitor external malicious environments – which only makes them that much more threatening.  In March, a high-profile data breach hit national headlines when personally identifiable information connected to hundreds of lawmakers and staff was leaked on the dark web. The]]> 2023-05-04T16:45:00+00:00 https://thehackernews.com/2023/05/why-things-you-dont-know-about-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=8333428 False Data Breach,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. "Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links, downloading malware or sharing personal information across the internet," Guy Rosen, chief information]]> 2023-05-04T16:21:00+00:00 https://thehackernews.com/2023/05/meta-uncovers-massive-social-media.html www.secnews.physaphae.fr/article.php?IdArticle=8333429 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI\'s ChatGPT as a lure to propagate about 10 malware families since March 2023. The development comes against the backdrop of fake ChatGPT web browser extensions being increasingly used to steal users\' Facebook account credentials with an aim to run]]> 2023-05-04T14:27:00+00:00 https://thehackernews.com/2023/05/meta-takes-down-malware-campaign-that.html www.secnews.physaphae.fr/article.php?IdArticle=8333398 False Malware ChatGPT,ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution across Google Accounts on all platforms. Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to use a traditional password. This, in turn, can be achieved by simply unlocking their computer or]]> 2023-05-03T19:15:00+00:00 https://thehackernews.com/2023/05/google-introduces-passwordless-secure.html www.secnews.physaphae.fr/article.php?IdArticle=8333156 False None None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity. Trend Micro attributed the intrusion set to a cyber espionage group it tracks under the name Earth Longzhi, which is a subgroup within APT41 (aka HOODOO]]> 2023-05-03T18:57:00+00:00 https://thehackernews.com/2023/05/chinese-hacker-group-earth-longzhi.html www.secnews.physaphae.fr/article.php?IdArticle=8333157 False Malware APT 41 2.0000000000000000