www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-10T16:40:53+00:00 www.secnews.physaphae.fr
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New 'Brokewell' Android Malware Spread Through Fake Browser Updates Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis published Thursday. The malware is said to be in active development, 2024-04-26T16:12:00+00:00 https://thehackernews.com/2024/04/new-brokewell-android-malware-spread.html www.secnews.physaphae.fr/article.php?IdArticle=8489006 False Malware,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in 2024-04-26T15:48:00+00:00 https://thehackernews.com/2024/04/palo-alto-networks-outlines-remediation.html www.secnews.physaphae.fr/article.php?IdArticle=8489007 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites Threat actors are attempting to actively exploit a critical security flaw in the WP-Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0. "This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as 2024-04-26T11:19:00+00:00 https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html www.secnews.physaphae.fr/article.php?IdArticle=8488912 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL binary from [command-and-control] server," Avast security researcher Luigino 2024-04-25T22:17:00+00:00 https://thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html www.secnews.physaphae.fr/article.php?IdArticle=8488646 False Malware,Threat APT 38 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Network Threats: A Step-by-Step Attack Demonstration Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration.
See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit 2024-04-25T16:43:00+00:00 https://thehackernews.com/2024/04/network-threats-step-by-step-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8488507 False Tool,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds. To that end, Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged 2024-04-25T15:51:00+00:00 https://thehackernews.com/2024/04/doj-arrests-founders-of-crypto-mixer.html www.secnews.physaphae.fr/article.php?IdArticle=8488482 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year.
As part of the 2024-04-25T12:07:00+00:00 https://thehackernews.com/2024/04/google-postpones-third-party-cookie.html www.secnews.physaphae.fr/article.php?IdArticle=8488386 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft). " 2024-04-25T11:20:00+00:00 https://thehackernews.com/2024/04/state-sponsored-hackers-exploit-two.html www.secnews.physaphae.fr/article.php?IdArticle=8488387 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh 2024-04-24T19:13:00+00:00 https://thehackernews.com/2024/04/us-treasury-sanctions-iranian-firms-and.html www.secnews.physaphae.fr/article.php?IdArticle=8488009 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. "SSLoad is designed to stealthily infiltrate systems, gather sensitive 2024-04-24T19:06:00+00:00 https://thehackernews.com/2024/04/researchers-detail-multistage-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8488010 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi. The only vendor whose keyboard app did not have any security 2024-04-24T15:06:00+00:00 https://thehackernews.com/2024/04/major-security-flaws-expose-keystrokes.html www.secnews.physaphae.fr/article.php?IdArticle=8487895 False Vulnerability None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group dubbed 2024-04-24T12:32:00+00:00 https://thehackernews.com/2024/04/escan-antivirus-update-mechanism.html www.secnews.physaphae.fr/article.php?IdArticle=8487847 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin 2024-04-24T10:20:00+00:00 https://thehackernews.com/2024/04/coralraider-malware-campaign-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8487798 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Apache Cordova App Harness Targeted in Dependency Confusion Attack Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness.
Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This 2024-04-23T19:30:00+00:00 https://thehackernews.com/2024/04/apache-cordova-app-harness-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8487481 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Webinar: Learn Proactive Supply Chain Threat Hunting Techniques In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc? We invite you to join us for an 2024-04-23T16:58:00+00:00 https://thehackernews.com/2024/04/webinar-learn-proactive-supply-chain.html www.secnews.physaphae.fr/article.php?IdArticle=8487390 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack?
According to research by Cybersecurity Ventures, the global cost of cybercrime is projected to reach 2024-04-23T15:52:00+00:00 https://thehackernews.com/2024/04/unmasking-true-cost-of-cyberattacks.html www.secnews.physaphae.fr/article.php?IdArticle=8487332 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and governments to take urgent action to ensure public safety across social media platforms. "Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies 2024-04-23T15:51:00+00:00 https://thehackernews.com/2024/04/police-chiefs-call-for-solutions-to.html www.secnews.physaphae.fr/article.php?IdArticle=8487333 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects are strongly suspected of working for a Chinese secret service since an unspecified 2024-04-23T15:46:00+00:00 https://thehackernews.com/2024/04/german-authorities-issue-arrest.html www.secnews.physaphae.fr/article.php?IdArticle=8487334 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediate family members of those involved in such businesses. "These individuals have facilitated or derived financial benefit from the misuse of this technology, which 2024-04-23T12:13:00+00:00 https://thehackernews.com/2024/04/us-imposes-visa-restrictions-on-13.html www.secnews.physaphae.fr/article.php?IdArticle=8487256 False Commercial None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg.
The post-compromise tool, which is said to have been used since at least June 2020 and possibly as early as April 2019, leveraged a now-patched flaw that allowed for 2024-04-23T09:53:00+00:00 https://thehackernews.com/2024/04/russias-apt28-exploited-windows-print.html www.secnews.physaphae.fr/article.php?IdArticle=8487211 False Malware,Tool,Threat APT 28 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from primarily governmental organizations, some of them defense related, located in 2024-04-22T20:41:00+00:00 https://thehackernews.com/2024/04/russian-hacker-group-toddycat-uses.html www.secnews.physaphae.fr/article.php?IdArticle=8486890 False Tool,Threat,Industrial None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming? Absolutely.
A recent survey of CISOs and CIOs, commissioned by Pentera and 2024-04-22T17:00:00+00:00 https://thehackernews.com/2024/04/penteras-2024-report-reveals-hundreds.html www.secnews.physaphae.fr/article.php?IdArticle=8486778 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified research and prototyping network. The unknown adversary "performed reconnaissance 2024-04-22T16:35:00+00:00 https://thehackernews.com/2024/04/mitre-corporation-breached-by-nation.html www.secnews.physaphae.fr/article.php?IdArticle=8486779 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ransomware Double-Dip: Re-Victimization in Cyber Extortion Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some victims re-occur. Consequently, the question arises why we observe a re-victimization and whether or not this is an actual second attack, an affiliate crossover (meaning an affiliate has gone to 2024-04-22T15:52:00+00:00 https://thehackernews.com/2024/04/ransomware-double-dip-re-victimization.html www.secnews.physaphae.fr/article.php?IdArticle=8486755 False Ransomware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes. "When a user executes a function that has a path argument in Windows, the DOS path at which the file or folder exists is converted to an NT path," SafeBreach security researcher Or Yair said 2024-04-22T14:52:00+00:00 https://thehackernews.com/2024/04/researchers-uncover-windows-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8486727 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more effective and efficient. "They are learning to use tools powered by AI large language models (LLM) to make their operations more efficient and effective," the tech giant said in its latest report on East Asia hacking groups. The company 2024-04-22T12:42:00+00:00 https://thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8486679 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware. RedLine Stealer, 2024-04-21T14:12:00+00:00 https://thehackernews.com/2024/04/new-redline-stealer-variant-disguised.html www.secnews.physaphae.fr/article.php?IdArticle=8486229 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software. "In 2024-04-20T11:23:00+00:00 https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html www.secnews.physaphae.fr/article.php?IdArticle=8485659 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday. 2024-04-20T10:48:00+00:00 https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8485660 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. "Waterbear is known for its complexity, as it 2024-04-19T19:14:00+00:00 https://thehackernews.com/2024/04/blacktech-targets-tech-research-and-gov.html www.secnews.physaphae.fr/article.php?IdArticle=8485329 False Tool,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) How Attackers Can Own a Business Without Touching the Endpoint Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities.
Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services. Before getting into the details of the attack techniques being used, let's discuss why 2024-04-19T16:38:00+00:00 https://thehackernews.com/2024/04/showcasing-networkless-identity-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8485252 False Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia," cybersecurity agencies from the Netherlands and the U.S., 2024-04-19T16:31:00+00:00 https://thehackernews.com/2024/04/akira-ransomware-gang-extorts-42.html www.secnews.physaphae.fr/article.php?IdArticle=8485253 False Ransomware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hackers Target Middle East Governments with Evasive "CR4T" Backdoor Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior.
The campaign has been codenamed 2024-04-19T11:46:00+00:00 https://thehackernews.com/2024/04/hackers-target-middle-east-governments.html www.secnews.physaphae.fr/article.php?IdArticle=8485140 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) OfflRouter Malware Evades Detection in Ukraine for Almost a Decade Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform. "The documents contained VBA code to drop and run an executable with the name 'ctrlpanel.exe,'" 2024-04-18T19:55:00+00:00 https://thehackernews.com/2024/04/offlrouter-malware-evades-detection-in.html www.secnews.physaphae.fr/article.php?IdArticle=8484779 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). "FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights," the BlackBerry research and intelligence team said in a new write-up. "They 2024-04-18T19:28:00+00:00 https://thehackernews.com/2024/04/fin7-cybercrime-group-targeting-us-auto.html www.secnews.physaphae.fr/article.php?IdArticle=8484780 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Recover from Ransomware in 5 Minutes-We will Teach You How! Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use 2024-04-18T16:47:00+00:00 https://thehackernews.com/2024/04/recover-from-ransomware-in-5-minuteswe.html www.secnews.physaphae.fr/article.php?IdArticle=8484685 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) How to Conduct Advanced Static Analysis in a Malware Sandbox Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations. Detecting Threats in PDFs PDF files are frequently exploited by threat actors to 2024-04-18T16:01:00+00:00 https://thehackernews.com/2024/04/how-to-conduct-advanced-static-analysis.html www.secnews.physaphae.fr/article.php?IdArticle=8484687 False Malware,Tool,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure.
The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest," Kaspersky researcher Dmitry Kalinin said in a technical analysis. 2024-04-18T16:01:00+00:00 https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html www.secnews.physaphae.fr/article.php?IdArticle=8484686 False Malware,Mobile,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers, LabHost offered phishing pages targeting banks, high-profile organizations, and other service 2024-04-18T15:58:00+00:00 https://thehackernews.com/2024/04/global-police-operation-disrupts.html www.secnews.physaphae.fr/article.php?IdArticle=8484688 False Legislation None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024.
OpenMetadata is an open-source platform that operates as a 2024-04-18T11:24:00+00:00 https://thehackernews.com/2024/04/hackers-exploit-openmetadata-flaws-to.html www.secnews.physaphae.fr/article.php?IdArticle=8484537 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. "The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push these domains to the top of search engine results targeting specific search keywords, thereby 2024-04-18T10:18:00+00:00 https://thehackernews.com/2024/04/malicious-google-ads-pushing-fake-ip.html www.secnews.physaphae.fr/article.php?IdArticle=8484514 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022.
The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent threat (APT) group tracked as Sandworm (aka APT44 or 2024-04-17T19:02:00+00:00 https://thehackernews.com/2024/04/russian-apt-deploys-new-kapeka-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8484148 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) GenAI: A New Headache for SaaS Security Teams The introduction of OpenAI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, 2024-04-17T16:37:00+00:00 https://thehackernews.com/2024/04/genai-new-headache-for-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8484090 False Tool,Cloud ChatGPT 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account.
Armed with this access, a 2024-04-17T16:27:00+00:00 https://thehackernews.com/2024/04/critical-atlassian-flaw-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8484052 False Ransomware,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or 2024-04-17T15:53:00+00:00 https://thehackernews.com/2024/04/hackers-exploit-fortinet-flaw-deploy.html www.secnews.physaphae.fr/article.php?IdArticle=8484053 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies," Cisco Talos said.
Successful attacks could 2024-04-17T14:08:00+00:00 https://thehackernews.com/2024/04/cisco-warns-of-global-surge-in-brute.html www.secnews.physaphae.fr/article.php?IdArticle=8483987 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project. "The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails," OpenJS 2024-04-16T20:46:00+00:00 https://thehackernews.com/2024/04/openjs-foundation-targeted-in-potential.html www.secnews.physaphae.fr/article.php?IdArticle=8483532 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, and XWorm, among others. "The group made extensive use of steganography by sending VBSs, PowerShell code, as well as RTF documents with an embedded exploit, inside 2024-04-16T19:09:00+00:00 https://thehackernews.com/2024/04/ta558-hackers-weaponize-images-for-wide.html www.secnews.physaphae.fr/article.php?IdArticle=8483498 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to organizations. The vulnerability has been codenamed LeakyCLI by cloud security firm Orca. "Some commands on Azure CLI, AWS CLI, and Google Cloud CLI can expose sensitive information in 2024-04-16T18:56:00+00:00 https://thehackernews.com/2024/04/aws-google-and-azure-cli-tools-could.html www.secnews.physaphae.fr/article.php?IdArticle=8483499 False Tool,Vulnerability,Cloud None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521 (ecdsa-sha2-nistp521) private keys. The flaw has been assigned the CVE identifier CVE-2024-31497, with the discovery credited to researchers Fabian Bäumer and Marcus 2024-04-16T16:44:00+00:00 https://thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html www.secnews.physaphae.fr/article.php?IdArticle=8483392 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats.
The proliferation of cloud services and remote work arrangements has heightened the vulnerability of digital identities to exploitation, making it imperative for businesses to fortify their identity security measures. Our recent research report, The Identity Underground 2024-04-16T16:40:00+00:00 https://thehackernews.com/2024/04/identity-in-shadows-shedding-light-on.html www.secnews.physaphae.fr/article.php?IdArticle=8483393 False Vulnerability,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations The U.S. Federal Trade Commission (FTC) has barred the mental telehealth company Cerebral from using or disclosing personal data for advertising purposes. It has also been fined more than $7 million over charges that it revealed users' sensitive personal health information and other data to third parties for advertising purposes and failed to honor its easy cancellation policies. "Cerebral and 2024-04-16T14:06:00+00:00 https://thehackernews.com/2024/04/ftc-fines-mental-health-startup.html www.secnews.physaphae.fr/article.php?IdArticle=8483337 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The U.S.
Justice Department (DoJ) said the malware "gave the malware purchasers control over victim computers and enabled them to access victims' private communications, their login credentials, and 2024-04-16T13:03:00+00:00 https://thehackernews.com/2024/04/hive-rat-creators-and-35m-cryptojacking.html www.secnews.physaphae.fr/article.php?IdArticle=8483304 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was discovered and patched by the Lighttpd maintainers way back in August 2018 with version 1.4.51, the lack of a CVE identifier or an advisory meant that 2024-04-15T22:21:00+00:00 https://thehackernews.com/2024/04/intel-and-lenovo-bmcs-contain-unpatched.html www.secnews.physaphae.fr/article.php?IdArticle=8482851 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now.
How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on 2024-04-15T19:00:00+00:00 https://thehackernews.com/2024/04/ai-copilot-launching-innovation-rockets.html www.secnews.physaphae.fr/article.php?IdArticle=8482751 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. "Organizations often store a variety of data in SaaS applications and use services from CSPs," Palo Alto Networks Unit 42 said in a report published last week. "The threat 2024-04-15T18:59:00+00:00 https://thehackernews.com/2024/04/muddled-libra-shifts-focus-to-saas-and.html www.secnews.physaphae.fr/article.php?IdArticle=8482752 False Threat,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access.
This approach to privileged identity management aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users with 2024-04-15T15:51:00+00:00 https://thehackernews.com/2024/04/timing-is-everything-role-of-just-in.html www.secnews.physaphae.fr/article.php?IdArticle=8482679 False Prediction None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest iteration of LightSpy, dubbed 'F_Warehouse,' boasts a modular framework with extensive spying features," the BlackBerry Threat Research and Intelligence Team said in a report published last 2024-04-15T14:34:00+00:00 https://thehackernews.com/2024/04/chinese-linked-lightspy-ios-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8482613 False Threat,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild.
Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature that an unauthenticated attacker could weaponize to execute arbitrary code with root 2024-04-15T13:47:00+00:00 https://thehackernews.com/2024/04/palo-alto-networks-releases-urgent.html www.secnews.physaphae.fr/article.php?IdArticle=8482580 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023 following his arrest in July. "At the time of both attacks, 2024-04-13T19:55:00+00:00 https://thehackernews.com/2024/04/ex-security-engineer-jailed-3-years-for.html www.secnews.physaphae.fr/article.php?IdArticle=8481450 False Legislation None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) U.S. Treasury Hamas Spokesperson for Cyber Influence Operations The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir 'Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson of Izz al-Din al-Qassam Brigades, the military wing of Hamas, since at least 2007.
"He publicly]]> 2024-04-13T19:28:00+00:00 https://thehackernews.com/2024/04/us-treasury-hamas-spokesperson-for.html www.secnews.physaphae.fr/article.php?IdArticle=8481451 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates déploient la porte dérobée Python dans l'attaque de Palo Alto-Day<br>Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company\'s Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of]]> 2024-04-13T13:55:00+00:00 https://thehackernews.com/2024/04/hackers-deploy-python-backdoor-in-palo.html www.secnews.physaphae.fr/article.php?IdArticle=8481314 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Crotte de rouille populaire Liblzma-Sys compromise avec les fichiers de porte dérobée XZ Utils<br>Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files "Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The]]> 2024-04-12T20:25:00+00:00 https://thehackernews.com/2024/04/popular-rust-crate-liblzma-sys.html www.secnews.physaphae.fr/article.php?IdArticle=8480812 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Code Keepers: Mastering Non-Human Identity Management Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard 2024-04-12T16:43:00+00:00 https://thehackernews.com/2024/04/code-keepers-mastering-non-human.html www.secnews.physaphae.fr/article.php?IdArticle=8480681 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. "While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater's methods remain constant," Deep 2024-04-12T15:19:00+00:00 https://thehackernews.com/2024/04/iranian-muddywater-hackers-adopt-new-c2.html www.secnews.physaphae.fr/article.php?IdArticle=8480647 False Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild.
Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature 2024-04-12T14:26:00+00:00 https://thehackernews.com/2024/04/zero-day-alert-critical-palo-alto.html www.secnews.physaphae.fr/article.php?IdArticle=8480648 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the "Miscellaneous Scripts" section of the Magento admin panel. " 2024-04-12T10:39:00+00:00 https://thehackernews.com/2024/04/sneaky-credit-card-skimmer-disguised-as.html www.secnews.physaphae.fr/article.php?IdArticle=8480496 False Malware,Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft's systems that led to the theft of email correspondence with the company.
The attack, which came to light earlier this year, has been 2024-04-12T10:02:00+00:00 https://thehackernews.com/2024/04/us-federal-agencies-ordered-to-hunt-for.html www.secnews.physaphae.fr/article.php?IdArticle=8480467 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Python's PyPI Reveals Its Secrets GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI, 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/gitguardian-report-pypi-secrets.html www.secnews.physaphae.fr/article.php?IdArticle=8480059 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," Proofpoint said. "Additionally, the actor appeared to 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/ta547-phishing-attack-hits-german-firms.html www.secnews.physaphae.fr/article.php?IdArticle=8479962 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Python's PyPI Reveals Its Secrets GitGuardian is famous for its annual State of Secrets Sprawl report.
In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI, 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/blog-post.html www.secnews.physaphae.fr/article.php?IdArticle=8479961 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are used by state actors to pull off "individually targeted 2024-04-11T12:14:00+00:00 https://thehackernews.com/2024/04/apple-expands-spyware-alert-system-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479812 False Tool,Threat,Commercial None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.
"An Improper Control of Generation of Code (\'Code Injection\') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to]]> 2024-04-11T10:53:00+00:00 https://thehackernews.com/2024/04/fortinet-has-released-patches-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479787 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) \\ 'Visite exotique \\' Campagne spyware cible les utilisateurs d'Android en Inde et au Pakistan<br>\\'eXotic Visit\\' Spyware Campaign Targets Android Users in India and Pakistan An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor or group. It\'s tracking the group behind the operation under the]]> 2024-04-10T19:54:00+00:00 https://thehackernews.com/2024/04/exotic-visit-spyware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8479379 False Malware,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) RAPBERRY ROBIN RETOURS: Nouvelle campagne de logiciels malveillants se propage via des fichiers WSF<br>Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024. 
"Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its distributors have experimented with other initial infection vectors," HP Wolf Security said in a report]]> 2024-04-10T18:40:00+00:00 https://thehackernews.com/2024/04/raspberry-robin-returns-new-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8479339 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attention: la fausse popularité de GitHub \\ a trompé les développeurs dans le téléchargement de logiciels malveillants<br>Beware: GitHub\\'s Fake Popularity Scam Tricking Developers into Downloading Malware Threat actors are now taking advantage of GitHub\'s search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The latest assault on the open-source software supply chain involves concealing malicious code within Microsoft Visual Code project files that\'s designed to download next-stage payloads from a remote URL,]]> 2024-04-10T18:08:00+00:00 https://thehackernews.com/2024/04/beware-githubs-fake-popularity-scam.html www.secnews.physaphae.fr/article.php?IdArticle=8479340 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Revue pratique: plate-forme VCISO propulsée par Cynomi Ai<br>Hands-on Review: Cynomi AI-powered vCISO Platform The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. 
By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain 2024-04-10T16:30:00+00:00 https://thehackernews.com/2024/04/hands-on-review-cynomi-ai-powered-vciso.html www.secnews.physaphae.fr/article.php?IdArticle=8479280 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection (BHI), can be used to leak arbitrary kernel memory at 3.5 kB/sec by bypassing existing Spectre v2/BHI mitigations, researchers from Systems and 2024-04-10T14:56:00+00:00 https://thehackernews.com/2024/04/researchers-uncover-first-native.html www.secnews.physaphae.fr/article.php?IdArticle=8479247 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think. Think of it like this: misconfigurations, forgotten accounts, and old settings are like cracks in your digital fortress walls.
Hackers 2024-04-10T14:32:00+00:00 https://thehackernews.com/2024/04/webinar-learn-how-to-stop-hackers-from.html www.secnews.physaphae.fr/article.php?IdArticle=8479216 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included Microsoft has released security updates for the month of April 2024 to remediate a record 149 flaws, two of which have come under active exploitation in the wild. Of the 149 flaws, three are rated Critical, 142 are rated Important, three are rated Moderate, and one is rated Low in severity. The update is aside from 21 vulnerabilities that the company addressed in its 2024-04-10T10:27:00+00:00 https://thehackernews.com/2024/04/microsoft-fixes-149-flaws-in-huge-april.html www.secnews.physaphae.fr/article.php?IdArticle=8479115 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments. "The Rust standard library did not properly escape 2024-04-10T08:35:00+00:00 https://thehackernews.com/2024/04/critical-batbadbut-rust-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8479069 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain, Sysdig said in a report shared with The Hacker News. "Its primary method of operation 2024-04-09T19:31:00+00:00 https://thehackernews.com/2024/04/10-year-old-rubycarp-romanian-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8478745 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hackers Targeting Human Rights Activists in Morocco and Western Sahara Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users. Cisco Talos is tracking the activity cluster under the name Starry Addax, describing it as primarily singling out activists associated with 2024-04-09T19:15:00+00:00 https://thehackernews.com/2024/04/hackers-targeting-human-rights.html www.secnews.physaphae.fr/article.php?IdArticle=8478746 False Threat,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices.
The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in November 2023. The issues were fixed by LG as part of updates released on March 22, 2024. The 2024-04-09T18:35:00+00:00 https://thehackernews.com/2024/04/researchers-discover-lg-smart-tv.html www.secnews.physaphae.fr/article.php?IdArticle=8478695 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CL0P's Ransomware Rampage - Security Measures for 2024 2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to 2022. But in 2023 the CL0P ransomware gang took itself to new heights and became one of the 2024-04-09T16:54:00+00:00 https://thehackernews.com/2024/04/cl0ps-ransomware-rampage-security.html www.secnews.physaphae.fr/article.php?IdArticle=8478661 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.
The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet 2024-04-09T12:54:00+00:00 https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html www.secnews.physaphae.fr/article.php?IdArticle=8478562 False Malware,Tool None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in 2024-04-09T11:16:00+00:00 https://thehackernews.com/2024/04/critical-flaws-leave-92000-d-link-nas.html www.secnews.physaphae.fr/article.php?IdArticle=8478517 False Malware,Vulnerability,Threat None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process."
The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox 2024-04-08T19:21:00+00:00 https://thehackernews.com/2024/04/google-chrome-adds-v8-sandbox-new.html www.secnews.physaphae.fr/article.php?IdArticle=8478161 False Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said in a joint analysis published last week, adding it's designed to retrieve 2024-04-08T16:59:00+00:00 https://thehackernews.com/2024/04/watch-out-for-latrodectus-this-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8478076 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Drop in Ransomware Attacks in 2024 and What it Means The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023. Figure 2024-04-08T16:53:00+00:00 https://thehackernews.com/2024/04/the-drop-in-ransomware-attacks-in-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8478077 False Ransomware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trustwave SpiderLabs researcher Karla Agregado said. The email message, the company said, originates from an email 2024-04-08T14:06:00+00:00 https://thehackernews.com/2024/04/cybercriminals-targeting-latin-america.html www.secnews.physaphae.fr/article.php?IdArticle=8478025 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Sues App Developers Over Fake Crypto Investment App Scam Google has filed a lawsuit against two app developers for engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals in question are Yunfeng Sun (aka Alphonse Sun) and Hongnam Cheung (aka 2024-04-08T10:55:00+00:00 https://thehackernews.com/2024/04/google-sues-app-developers-over-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8477927 False Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.
The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code execution. It was addressed by the company as part of 2024-04-06T15:13:00+00:00 https://thehackernews.com/2024/04/hackers-exploit-magento-bug-to-steal.html www.secnews.physaphae.fr/article.php?IdArticle=8477009 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines. "Malicious models represent a major risk to AI systems, 2024-04-05T19:38:00+00:00 https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8476537 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CISO Perspectives on Complying with Cybersecurity Regulations Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include.
For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and 2024-04-05T16:48:00+00:00 https://thehackernews.com/2024/04/ciso-perspectives-on-complying-with.html www.secnews.physaphae.fr/article.php?IdArticle=8476455 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. According to Fortinet FortiGuard Labs, clicking the URL 2024-04-05T15:10:00+00:00 https://thehackernews.com/2024/04/from-pdfs-to-payload-bogus-adobe.html www.secnews.physaphae.fr/article.php?IdArticle=8476429 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published this week.
"It employs the .NET (de)serialization feature to interact with a core 2024-04-05T13:18:00+00:00 https://thehackernews.com/2024/04/new-wave-of-jsoutprox-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8476376 False Malware,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886. The Google Cloud 2024-04-05T12:45:00+00:00 https://thehackernews.com/2024/04/researchers-identify-multiple-china.html www.secnews.physaphae.fr/article.php?IdArticle=8476377 False Vulnerability,Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Vietnam-Based Hackers Steal Financial Data Across Asia with Malware A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated.
Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia, 2024-04-04T21:12:00+00:00 https://thehackernews.com/2024/04/vietnam-based-hackers-steal-financial.html www.secnews.physaphae.fr/article.php?IdArticle=8476000 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. "The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions a significant fine for the incident," Cofense researcher Dylan Duncan said. The 2024-04-04T21:00:00+00:00 https://thehackernews.com/2024/04/new-phishing-campaign-targets-oil-gas.html www.secnews.physaphae.fr/article.php?IdArticle=8476001 False Malware None 3.0000000000000000