This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T16:40:56+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google\'s Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well as companies using the LLM API. The first vulnerability involves]]> 2024-03-13T15:44:00+00:00 https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8463116 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” Fortinet FortiGuard Labs researcher Yurren Wan said. An unusual aspect of the]]> 2024-03-13T15:13:00+00:00 https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html www.secnews.physaphae.fr/article.php?IdArticle=8463117 False Malware,Commercial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the flaws are listed as]]> 2024-03-13T11:08:00+00:00 https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html www.secnews.physaphae.fr/article.php?IdArticle=8462999 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet. The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from]]> 2024-03-12T17:43:00+00:00 https://thehackernews.com/2024/03/watch-out-these-pypi-python-packages.html www.secnews.physaphae.fr/article.php?IdArticle=8462621 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you\'d want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a Continuous Threat Exposure]]> 2024-03-12T16:37:00+00:00 https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8462597 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks. "These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024," security researcher]]> 2024-03-12T14:45:00+00:00 https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html www.secnews.physaphae.fr/article.php?IdArticle=8462546 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation. The development was first reported by Russian news agency TASS. “During the investigation of an espionage case, a South Korean citizen Baek Won-soon was identified and detained in Vladivostok, and put into custody under a court]]> 2024-03-12T12:02:00+00:00 https://thehackernews.com/2024/03/south-korean-citizen-detained-in-russia.html www.secnews.physaphae.fr/article.php?IdArticle=8462509 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can\'t be overstated. With organizations increasingly migrating to cloud environments, the PAM Solution Market is experiencing a transformative shift toward cloud-based offerings. One Identity PAM Essentials stands]]> 2024-03-11T20:17:00+00:00 https://thehackernews.com/2024/03/embracing-cloud-revolutionizing.html www.secnews.physaphae.fr/article.php?IdArticle=8462169 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that\'s propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said. The attack chain involves the use of]]> 2024-03-11T20:17:00+00:00 https://thehackernews.com/2024/03/new-banking-trojan-chavecloak-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8462170 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As the shift of IT infrastructure to cloud-based solutions celebrates its 10-year anniversary, it becomes clear that traditional on-premises approaches to data security are becoming obsolete. Rather than protecting the endpoint, DLP solutions need to refocus their efforts to where corporate data resides - in the browser. A new guide by LayerX titled "On-Prem is Dead. Have You Adjusted Your Web]]> 2024-03-11T17:03:00+00:00 https://thehackernews.com/2024/03/data-leakage-prevention-in-age-of-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8462119 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitation of a TeamCity server which resulted in the deployment of a PowerShell implementation of]]> 2024-03-11T15:23:00+00:00 https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8462076 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It]]> 2024-03-11T11:58:00+00:00 https://thehackernews.com/2024/03/proof-of-concept-exploit-released-for.html www.secnews.physaphae.fr/article.php?IdArticle=8461989 False Vulnerability,Threat,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts. “Threat actor group Magnet Goblin\'s hallmark is its ability to swiftly leverage newly disclosed vulnerabilities, particularly targeting]]> 2024-03-11T11:29:00+00:00 https://thehackernews.com/2024/03/magnet-goblin-hacker-group-leveraging-1.html www.secnews.physaphae.fr/article.php?IdArticle=8461990 False Malware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our]]> 2024-03-09T09:31:00+00:00 https://thehackernews.com/2024/03/microsoft-confirms-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8461117 False Hack,Threat APT 29 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta has offered details on how it intends to implement interoperability in WhatsApp and Messenger with third-party messaging services as the Digital Markets Act (DMA) went into effect in the European Union. “This allows users of third-party providers who choose to enable interoperability (interop) to send and receive messages with opted-in users of either Messenger or WhatsApp – both designated]]> 2024-03-08T18:44:00+00:00 https://thehackernews.com/2024/03/meta-details-whatsapp-and-messenger.html www.secnews.physaphae.fr/article.php?IdArticle=8460826 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In the realm of cybersecurity, the stakes are sky-high, and at its core lies secrets management - the foundational pillar upon which your security infrastructure rests. We\'re all familiar with the routine: safeguarding those API keys, connection strings, and certificates is non-negotiable. However, let\'s dispense with the pleasantries; this isn\'t a simple \'set it and forget it\' scenario. It\'s]]> 2024-03-08T15:19:00+00:00 https://thehackernews.com/2024/03/secrets-sensei-conquering-secrets.html www.secnews.physaphae.fr/article.php?IdArticle=8460756 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF]]> 2024-03-08T13:39:00+00:00 https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8460718 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed "large company" to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to their advantage, the development marks the first QEMU that has been]]> 2024-03-08T13:18:00+00:00 https://thehackernews.com/2024/03/cybercriminals-utilize-qemu-emulator-as.html www.secnews.physaphae.fr/article.php?IdArticle=8460719 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows for a complete]]> 2024-03-08T11:43:00+00:00 https://thehackernews.com/2024/03/cisa-warns-of-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8460680 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity is part of a&]]> 2024-03-07T19:15:00+00:00 https://thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html www.secnews.physaphae.fr/article.php?IdArticle=8460354 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. The findings come from ESET, which]]> 2024-03-07T18:52:00+00:00 https://thehackernews.com/2024/03/chinese-state-hackers-target-tibetans.html www.secnews.physaphae.fr/article.php?IdArticle=8460355 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS security management and requires strict governance of user roles and permissions, monitoring of privileged users, their level of activity (dormant, active, hyperactive), their type (internal/ external), whether they are joiners, movers, or leavers, and more.  Not]]> 2024-03-07T16:41:00+00:00 https://thehackernews.com/2024/03/human-vs-non-human-identity-in-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8460285 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident of allegedly stealing proprietary information from Google while covertly working for two China-based tech companies. Linwei Ding (aka Leon Ding), a former Google engineer who was arrested on March 6, 2024, "transferred sensitive Google trade secrets and other confidential]]> 2024-03-07T15:49:00+00:00 https://thehackernews.com/2024/03/ex-google-engineer-arrested-for.html www.secnews.physaphae.fr/article.php?IdArticle=8460261 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Facebook messages are being used by threat actors to a Python-based information stealer dubbed Snake that\'s designed to capture credentials and other sensitive data. “The credentials harvested from unsuspecting users are transmitted to different platforms such as Discord, GitHub, and Telegram,” Cybereason researcher Kotaro Ogino said in a technical report. Details about the campaign&]]> 2024-03-07T13:09:00+00:00 https://thehackernews.com/2024/03/new-python-based-snake-info-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8460221 False Threat,Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023. “The threat actor is distributing Remote Access Trojans (RATs) including SpyNote RAT for Android platforms, and NjRAT and DCRat for Windows]]> 2024-03-07T11:41:00+00:00 https://thehackernews.com/2024/03/watch-out-for-spoofed-zoom-skype-google.html www.secnews.physaphae.fr/article.php?IdArticle=8460180 False Malware,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access. “The attackers leverage these tools to issue exploit code, taking advantage of common misconfigurations and]]> 2024-03-06T22:28:00+00:00 https://thehackernews.com/2024/03/hackers-exploit-misconfigured-yarn.html www.secnews.physaphae.fr/article.php?IdArticle=8459936 False Malware,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is blatantly obvious when you check the source code of the new takedown notice." "There]]> 2024-03-06T20:33:00+00:00 https://thehackernews.com/2024/03/exit-scam-blackcat-ransomware-group.html www.secnews.physaphae.fr/article.php?IdArticle=8459914 False Ransomware,Threat,Legislation None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks.  [Reflectiz shields websites from client-side attacks, supply chain risks, data breaches, privacy violations, and compliance issues] You Can\'t Protect What You Can\'t See Today\'s websites are connected]]> 2024-03-06T17:00:00+00:00 https://thehackernews.com/2024/03/a-new-way-to-manage-your-web-exposure.html www.secnews.physaphae.fr/article.php?IdArticle=8459795 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn\'t anyone\'s fault; it\'s inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint]]> 2024-03-06T15:18:00+00:00 https://thehackernews.com/2024/03/how-to-find-and-fix-risky-sharing-in.html www.secnews.physaphae.fr/article.php?IdArticle=8459768 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Treasury\'s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing, operating, and distributing” commercial spyware designed to target government officials, journalists, and policy experts in the country. “The proliferation of commercial spyware poses distinct and growing]]> 2024-03-06T13:05:00+00:00 https://thehackernews.com/2024/03/us-cracks-down-on-predatory-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8459726 False Commercial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB controller. They carry a CVSS score of 9.3 for Workstation and Fusion, and 8.4 for ESXi systems. "A]]> 2024-03-06T12:50:00+00:00 https://thehackernews.com/2024/03/vmware-issues-security-patches-for-esxi.html www.secnews.physaphae.fr/article.php?IdArticle=8459727 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News. “GhostLocker and]]> 2024-03-06T12:41:00+00:00 https://thehackernews.com/2024/03/alert-ghostsec-and-stormous-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8459706 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the hacking outfit as an advanced persistent threat group that\'s believed to have been active since at least 2022. The exact specifics of the infection chain remain unknown as yet, but it involves the]]> 2024-03-06T12:31:00+00:00 https://thehackernews.com/2024/03/new-apt-group-lotus-bane-behind-recent.html www.secnews.physaphae.fr/article.php?IdArticle=8459707 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below - CVE-2024-23225 - A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 - A memory]]> 2024-03-06T11:24:00+00:00 https://thehackernews.com/2024/03/urgent-apple-issues-critical-updates.html www.secnews.physaphae.fr/article.php?IdArticle=8459668 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to the victim workstation by exploiting the exposed setup wizard]]> 2024-03-05T21:48:00+00:00 https://thehackernews.com/2024/03/hackers-exploit-connectwise.html www.secnews.physaphae.fr/article.php?IdArticle=8459407 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Startups and scales-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem assets. While there has been a bit of a backswing against the pricing and lock-in presented when using]]> 2024-03-05T16:25:00+00:00 https://thehackernews.com/2024/03/what-is-exposure-management-and-how.html www.secnews.physaphae.fr/article.php?IdArticle=8459271 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. “Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” Infoblox said in a report]]> 2024-03-05T16:23:00+00:00 https://thehackernews.com/2024/03/cybercriminals-using-novel-dns.html www.secnews.physaphae.fr/article.php?IdArticle=8459272 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware. “The number of infected devices decreased slightly in mid- and late]]> 2024-03-05T16:08:00+00:00 https://thehackernews.com/2024/03/over-225000-compromised-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8459273 False Malware ChatGPT 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this]]> 2024-03-05T15:55:00+00:00 https://thehackernews.com/2024/03/warning-thread-hijacking-attack-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8459245 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The]]> 2024-03-05T09:04:00+00:00 https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html www.secnews.physaphae.fr/article.php?IdArticle=8459112 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a "key tool for onboarding and managing these money mules," CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. Details about the scam ]]> 2024-03-04T19:20:00+00:00 https://thehackernews.com/2024/03/how-cybercriminals-are-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8458868 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A company\'s lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and malicious actors remain active around the clock, budgets are often stagnant at best. Yet, it is crucial]]> 2024-03-04T16:42:00+00:00 https://thehackernews.com/2024/03/from-500-to-5000-employees-securing-3rd.html www.secnews.physaphae.fr/article.php?IdArticle=8458807 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. "The model\'s payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims\']]> 2024-03-04T14:52:00+00:00 https://thehackernews.com/2024/03/over-100-malicious-aiml-models-found-on.html www.secnews.physaphae.fr/article.php?IdArticle=8458766 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and]]> 2024-03-04T10:54:00+00:00 https://thehackernews.com/2024/03/phobos-ransomware-aggressively.html www.secnews.physaphae.fr/article.php?IdArticle=8458699 False Ransomware,Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant\'s ongoing litigation against the Israeli spyware vendor. The decision, which marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximately]]> 2024-03-02T11:53:00+00:00 https://thehackernews.com/2024/03/us-court-orders-nso-group-to-hand-over.html www.secnews.physaphae.fr/article.php?IdArticle=8457852 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including the U.S. Departments of the Treasury and State, defense contractors that support U.S. Department of]]> 2024-03-02T10:08:00+00:00 https://thehackernews.com/2024/03/us-charges-iranian-hacker-offers-10.html www.secnews.physaphae.fr/article.php?IdArticle=8457834 False Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices. “This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs,]]> 2024-03-01T19:02:00+00:00 https://thehackernews.com/2024/03/new-phishing-kit-leverages-sms-voice.html www.secnews.physaphae.fr/article.php?IdArticle=8457530 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) More than a decade ago, the concept of the \'blameless\' postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: “One option is to assume the single cause is incompetence and scream at engineers to make them]]> 2024-03-01T16:38:00+00:00 https://thehackernews.com/2024/03/4-instructive-postmortems-on-data.html www.secnews.physaphae.fr/article.php?IdArticle=8457479 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of Bifrost aims to bypass security measures and compromise targeted systems," Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth Sharma said. BIFROSE is one of the long-standing]]> 2024-03-01T16:26:00+00:00 https://thehackernews.com/2024/03/new-bifrose-linux-malware-variant-using.html www.secnews.physaphae.fr/article.php?IdArticle=8457480 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security. "Ivanti ICT is not sufficient to detect compromise and that a cyber threat actor may be able]]> 2024-03-01T11:56:00+00:00 https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html www.secnews.physaphae.fr/article.php?IdArticle=8457395 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitHub on Thursday announced that it\'s enabling secret scanning push protection by default for all pushes to public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the option to remove the secret from your commits or, if you deem the secret safe, bypass the block,” Eric Tooley and Courtney Claessens said. Push protection&]]> 2024-03-01T10:59:00+00:00 https://thehackernews.com/2024/03/github-rolls-out-default-secret.html www.secnews.physaphae.fr/article.php?IdArticle=8457353 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as Salesforce,” Semperis]]> 2024-02-29T20:51:00+00:00 https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html www.secnews.physaphae.fr/article.php?IdArticle=8457062 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat hunters have discovered a new Linux malware called GTPDOOR that\'s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. GPRS roaming allows subscribers to access their GPRS services while they are]]> 2024-02-29T17:03:00+00:00 https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html www.secnews.physaphae.fr/article.php?IdArticle=8456928 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It was resolved by Microsoft earlier this month as part]]> 2024-02-29T16:49:00+00:00 https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8456930 False Vulnerability,Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around - and hackers dreaming up new exploits every day - how do you create proactive, agile cybersecurity strategies? And what cybersecurity approach gives you the most bang for your buck, mitigating your risks and maximizing the value of your]]> 2024-02-29T16:49:00+00:00 https://thehackernews.com/2024/02/why-risk-based-approach-to.html www.secnews.physaphae.fr/article.php?IdArticle=8456929 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, inviting diplomatic staff to a wine-tasting]]> 2024-02-29T13:49:00+00:00 https://thehackernews.com/2024/02/new-backdoor-targeting-european.html www.secnews.physaphae.fr/article.php?IdArticle=8456853 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most]]> 2024-02-29T13:47:00+00:00 https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8456854 False Malware APT 38 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain]]> 2024-02-29T11:19:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8456812 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens\' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans\' sensitive data," the White House said in a statement. This includes sensitive information such as genomic data, biometric data,]]> 2024-02-29T10:33:00+00:00 https://thehackernews.com/2024/02/president-biden-blocks-mass-transfer-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456769 False Legislation None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant said in a new analysis. UNC1549 is said to overlap with ]]> 2024-02-28T20:38:00+00:00 https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html www.secnews.physaphae.fr/article.php?IdArticle=8456494 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator\'s]]> 2024-02-28T18:36:00+00:00 https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456448 False Ransomware,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s digital era, data privacy isn\'t just a concern; it\'s a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a transformative webinar where we unveil Twilio Segment\'s state-of-the-art CDP.]]> 2024-02-28T17:32:00+00:00 https://thehackernews.com/2024/02/building-your-privacy-compliant.html www.secnews.physaphae.fr/article.php?IdArticle=8456419 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users. There\'s a company aiming to fix the gap between traditional PAM and IdM]]> 2024-02-28T16:07:00+00:00 https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8456366 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the "threat actor has previously used similar tactics, techniques and procedures (TTPs) to distribute a banking trojan known]]> 2024-02-28T13:13:00+00:00 https://thehackernews.com/2024/02/timbrestealer-malware-spreading-via-tax.html www.secnews.physaphae.fr/article.php?IdArticle=8456319 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The botnet, named MooBot, is said to have been used by a Russia-linked threat actor known as]]> 2024-02-28T11:17:00+00:00 https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html www.secnews.physaphae.fr/article.php?IdArticle=8456273 False Threat APT 28 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. "This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user]]> 2024-02-27T20:13:00+00:00 https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html www.secnews.physaphae.fr/article.php?IdArticle=8455914 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it available to other actors at no extra cost. Written in C# and compatible with Windows 10 and Windows 11 operating systems, the open-source RAT comes with a "comprehensive set of features for remote system management," according to its developer, who goes by the name moom825]]> 2024-02-27T18:26:00+00:00 https://thehackernews.com/2024/02/open-source-xeno-rat-trojan-emerges-as.html www.secnews.physaphae.fr/article.php?IdArticle=8455881 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional\'s role. Threat intelligence platforms can significantly enhance their ability to do so. Let\'s find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload The modern SOC faces a relentless barrage of security alerts generated by SIEMs and EDRs.]]> 2024-02-27T16:18:00+00:00 https://thehackernews.com/2024/02/from-alert-to-action-how-to-speed-up.html www.secnews.physaphae.fr/article.php?IdArticle=8455833 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to be affiliated with the Foreign Intelligence Service (SVR) of the]]> 2024-02-27T16:04:00+00:00 https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html www.secnews.physaphae.fr/article.php?IdArticle=8455808 False Threat,Cloud APT 29 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have found that it\'s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. "It\'s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted]]> 2024-02-27T15:48:00+00:00 https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8455809 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw. In an advisory published last week, WordPress]]> 2024-02-27T11:13:00+00:00 https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8455718 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) under the moniker UAC-0184. "The attack, as part of the IDAT Loader, used]]> 2024-02-26T20:24:00+00:00 https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html www.secnews.physaphae.fr/article.php?IdArticle=8455453 False Malware,Threat,Commercial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) More than 8,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit package delivery alerts]]> 2024-02-26T19:40:00+00:00 https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html www.secnews.physaphae.fr/article.php?IdArticle=8455427 False Spam None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils. One of the packages in question, execution-time-async, masquerades as its legitimate]]> 2024-02-26T17:57:00+00:00 https://thehackernews.com/2024/02/north-korean-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8455379 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be attacked and defended. We\'re going to talk in this]]> 2024-02-26T15:59:00+00:00 https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html www.secnews.physaphae.fr/article.php?IdArticle=8455338 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. "The infection chains associated with these malware families feature the use of malicious]]> 2024-02-26T15:21:00+00:00 https://thehackernews.com/2024/02/banking-trojans-target-latin-america.html www.secnews.physaphae.fr/article.php?IdArticle=8455339 False Malware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing. The administrator behind LockBit, in a&]]> 2024-02-26T10:27:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8455224 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, "has engaged with law enforcement," authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue]]> 2024-02-25T14:23:00+00:00 https://thehackernews.com/2024/02/authorities-claim-lockbit-admin.html www.secnews.physaphae.fr/article.php?IdArticle=8454915 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days,"]]> 2024-02-24T17:19:00+00:00 https://thehackernews.com/2024/02/microsoft-expands-free-logging.html www.secnews.physaphae.fr/article.php?IdArticle=8454550 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,]]> 2024-02-23T22:38:00+00:00 https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html www.secnews.physaphae.fr/article.php?IdArticle=8454213 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team]]> 2024-02-23T17:01:00+00:00 https://thehackernews.com/2024/02/microsoft-releases-pyrit-red-teaming.html www.secnews.physaphae.fr/article.php?IdArticle=8454107 False Tool,Tool None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it\'s been shared]]> 2024-02-23T16:59:00+00:00 https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html www.secnews.physaphae.fr/article.php?IdArticle=8454108 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Details have emerged about a now-patched high-severity security flaw in Apple\'s Shortcuts app that could permit a shortcut to access sensitive information on the device without users\' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and ]]> 2024-02-23T10:35:00+00:00 https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8453985 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users\' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was]]> 2024-02-23T09:00:00+00:00 https://thehackernews.com/2024/02/ftc-slams-avast-with-165-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8453953 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach]]> 2024-02-22T21:55:00+00:00 https://thehackernews.com/2024/02/apple-unveils-pq3-protocol-post-quantum.html www.secnews.physaphae.fr/article.php?IdArticle=8453752 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential]]> 2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/cybercriminals-weaponizing-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8453620 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives.  We understand hacktivism as a form of computer hacking that is]]> 2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/a-new-age-of-hacktivism.html www.secnews.physaphae.fr/article.php?IdArticle=8453621 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People\'s Republic of Korea (DPRK)-nexus actors targeting Russia. The]]> 2024-02-22T16:13:00+00:00 https://thehackernews.com/2024/02/russian-government-software-backdoored.html www.secnews.physaphae.fr/article.php?IdArticle=8453622 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly]]> 2024-02-22T10:56:00+00:00 https://thehackernews.com/2024/02/us-offers-15-million-bounty-to-hunt.html www.secnews.physaphae.fr/article.php?IdArticle=8453518 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a]]> 2024-02-21T21:46:00+00:00 https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8453299 False Vulnerability,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter," Trend Micro researchers Sunny Lu]]> 2024-02-21T18:33:00+00:00 https://thehackernews.com/2024/02/mustang-panda-targets-asia-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453207 False Malware,Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can\'t possibly become experts in the nuances of the native]]> 2024-02-21T17:00:00+00:00 https://thehackernews.com/2024/02/6-ways-to-simplify-saas-identity.html www.secnews.physaphae.fr/article.php?IdArticle=8453182 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light-it wasn\'t just computer networks that were brought to a halt, but actual patient]]> 2024-02-21T14:50:00+00:00 https://thehackernews.com/2024/02/cybersecurity-for-healthcarediagnosing.html www.secnews.physaphae.fr/article.php?IdArticle=8453138 False Ransomware,Threat,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit]]> 2024-02-21T13:30:00+00:00 https://thehackernews.com/2024/02/new-vietcredcare-stealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8453092 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) End-to-end encrypted (E2EE) messaging app Signal said it\'s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal\'s Randall Sarafa said. “People who have your number saved in their]]> 2024-02-21T12:47:00+00:00 https://thehackernews.com/2024/02/signal-introduces-usernames-allowing.html www.secnews.physaphae.fr/article.php?IdArticle=8453093 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and a European Union agency in November 2023]]> 2024-02-21T11:31:00+00:00 https://thehackernews.com/2024/02/russian-hackers-target-ukraine-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453047 False Spam,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying]]> 2024-02-21T11:04:00+00:00 https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8453048 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report. The cryptojacking attack is facilitated]]> 2024-02-20T20:50:00+00:00 https://thehackernews.com/2024/02/new-migo-malware-targeting-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8452773 False Malware,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit\'s source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos. "Some of the data on LockBit\'s systems belonged to victims who had paid a ransom to the threat actors, evidencing that even when a ransom is paid, it does not]]> 2024-02-20T18:25:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomware-operation-shut-down.html www.secnews.physaphae.fr/article.php?IdArticle=8452720 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP6HelperHttptest and NP6HelperHttper, were each downloaded 537 and 166 times, respectively,]]> 2024-02-20T18:00:00+00:00 https://thehackernews.com/2024/02/new-malicious-pypi-packages-caught.html www.secnews.physaphae.fr/article.php?IdArticle=8452749 False Threat None 2.0000000000000000