This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T20:56:03+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10. Sonar security researcher Thomas Chauchefoin, who discovered the bugs,]]> 2023-10-17T20:07:00+00:00 https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8396752 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SaaS Security\'s roots are in configuration management. An astounding 35% of all security breaches begin with security settings that were misconfigured. In the past 3 years, the initial access vectors to SaaS data have widened beyond misconfiguration management. “SaaS Security on Tap” is a new video series that takes place in Eliana V\'s bar making sure that the only thing that leaks is beer (]]> 2023-10-16T17:16:00+00:00 https://thehackernews.com/2023/10/the-fast-evolution-of-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8396179 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO\'s ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device]]> 2023-10-09T16:19:00+00:00 https://thehackernews.com/2023/10/high-severity-flaws-in-connectedios.html www.secnews.physaphae.fr/article.php?IdArticle=8393138 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be launched for $1,500 a year. If the name Wing Security (Wing) rings a bell, it is probably because earlier this year,]]> 2023-10-04T17:24:00+00:00 https://thehackernews.com/2023/10/wing-disrupts-market-by-introducing.html www.secnews.physaphae.fr/article.php?IdArticle=8391408 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target\'s environment," security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen said in a Tuesday report. "This allowed the]]> 2023-10-04T15:48:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-cyber-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8391371 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, Hospitality,]]> 2023-10-02T16:51:00+00:00 https://thehackernews.com/2023/10/lucr-3-scattered-spider-getting-saas-y.html www.secnews.physaphae.fr/article.php?IdArticle=8390455 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig. "The AMBERSQUID operation was able to exploit cloud services without triggering the AWS]]> 2023-09-18T18:00:00+00:00 https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8384864 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for making the breach worse, calling it a "dark pattern." "The fact that Google Authenticator syncs to]]> 2023-09-18T12:30:00+00:00 https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html www.secnews.physaphae.fr/article.php?IdArticle=8384764 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Employee offboarding is no one\'s favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently. That\'s easier said than done, especially considering that IT organizations have less visibility and control over employees\' IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and wherever they want, and the old IT]]> 2023-09-14T17:06:00+00:00 https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html www.secnews.physaphae.fr/article.php?IdArticle=8382651 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster innovation. But with great power comes great responsibility. As organizations integrate more SaaS applications into their workflows, they inadvertently open the door to a new era of security threats. The stakes? Your invaluable data and the trust]]> 2023-09-13T17:16:00+00:00 https://thehackernews.com/2023/09/webinar-identity-threat-detection.html www.secnews.physaphae.fr/article.php?IdArticle=8382301 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google Workplace, and Microsoft 365 are integral to daily operations. This widespread adoption has transformed them into potential breeding grounds for cyber threats. Each SaaS application presents unique security challenges, and the landscape constantly evolves]]> 2023-09-12T16:12:00+00:00 https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8381753 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security\'s p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credential harvesting malware while continuing to develop infrastructure for an upcoming (spoiler: now launched) campaign]]> 2023-08-23T17:14:00+00:00 https://thehackernews.com/2023/08/agile-approach-to-mass-cloud-credential.html www.secnews.physaphae.fr/article.php?IdArticle=8373614 False Malware,Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new State of SaaS Security Posture Management Report from SaaS cybersecurity provider AppOmni indicates that Cybersecurity, IT, and business leaders alike recognize SaaS cybersecurity as an increasingly important part of the cyber threat landscape. And at first glance, respondents appear generally optimistic about their SaaS cybersecurity. Over 600 IT, cybersecurity, and business leaders at]]> 2023-08-22T16:50:00+00:00 https://thehackernews.com/2023/08/cisos-tout-saas-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8373073 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) More and more organizations are choosing Google Workspace as their default employee toolset of choice. But despite the productivity advantages, this organizational action also incurs a new security debt. Security teams now have to find a way to adjust their security architecture to this new cloud workload. Some teams may rely on their existing network security solutions. According to a new guide]]> 2023-08-16T16:42:00+00:00 https://thehackernews.com/2023/08/guide-how-google-workspace-based.html www.secnews.physaphae.fr/article.php?IdArticle=8370675 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors\' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months. "The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud apps," Netskope security researcher Jan Michael said. Cloudflare R2, analogous to Amazon Web Service S3, Google Cloud Storage, and]]> 2023-08-15T23:44:00+00:00 https://thehackernews.com/2023/08/cybercriminals-abusing-cloudflare-r2.html www.secnews.physaphae.fr/article.php?IdArticle=8370359 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Why SaaS Security Is a Challenge In today\'s digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive their operations. However, this widespread adoption has also opened the doors to new security risks and vulnerabilities. The SaaS security attack surface continues to widen. It started with managing misconfigurations and now requires a]]> 2023-08-14T16:43:00+00:00 https://thehackernews.com/2023/08/identity-threat-detection-and-response.html www.secnews.physaphae.fr/article.php?IdArticle=8369891 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attackers continue to target Microsoft identities to gain access to connected Microsoft applications and federated SaaS applications. Additionally, attackers continue to progress their attacks in these environments, not by exploiting vulnerabilities, but by abusing native Microsoft functionality to achieve their objective. The attacker group Nobelium, linked with the SolarWinds attacks, has been]]> 2023-08-10T16:44:00+00:00 https://thehackernews.com/2023/08/emerging-attacker-exploit-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8368339 False Cloud Solardwinds 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it\'s been duplicated or moved to. So, what is DSPM? Here\'s a quick example: Let\'s say you\'ve built an excellent security posture for your cloud data. For the sake of this example, your data is in production, it\'s protected behind a]]> 2023-08-01T15:45:00+00:00 https://thehackernews.com/2023/08/what-is-data-security-posture.html www.secnews.physaphae.fr/article.php?IdArticle=8364235 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users. "The impacted Ubuntu versions are prevalent in the cloud as they serve as the default]]> 2023-07-27T18:55:00+00:00 https://thehackernews.com/2023/07/gameoverlay-two-severe-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8362245 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development.  Placing security at the very end of the]]> 2023-07-27T16:55:00+00:00 https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8362202 False Tool,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven\'t changed in 2023. The U.S. Government\'s Office for Civil Rights reported 145 data breaches in the United States during the first quarter of this year. That follows 707 incidents a year ago, during which over 50 million records were]]> 2023-07-24T17:40:00+00:00 https://thehackernews.com/2023/07/how-to-protect-patients-and-their.html www.secnews.physaphae.fr/article.php?IdArticle=8360782 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The recent attack against Microsoft\'s email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and]]> 2023-07-21T20:44:00+00:00 https://thehackernews.com/2023/07/azure-ad-token-forging-technique-in.html www.secnews.physaphae.fr/article.php?IdArticle=8359761 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said. "This]]> 2023-07-20T11:42:00+00:00 https://thehackernews.com/2023/07/new-p2pinfect-worm-targeting-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8359134 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft on Wednesday announced that it\'s expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent espionage attack campaign aimed at its email infrastructure. The tech giant said it\'s making the change in direct response to increasing frequency and evolution of nation-state cyber]]> 2023-07-20T10:36:00+00:00 https://thehackernews.com/2023/07/microsoft-expands-cloud-logging-to.html www.secnews.physaphae.fr/article.php?IdArticle=8359121 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attack surfaces are growing faster than security teams can keep up. To stay ahead, you need to know what\'s exposed and where attackers are most likely to strike. With cloud migration dramatically increasing the number of internal and external targets, prioritizing threats and managing your attack surface from an attacker\'s perspective has never been more important. Let\'s look at why it\'s growing]]> 2023-07-19T17:28:00+00:00 https://thehackernews.com/2023/07/how-to-manage-your-attack-surface.html www.secnews.physaphae.fr/article.php?IdArticle=8358788 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have uncovered a privilege escalation vulnerability in Google Cloud that could enable malicious actors tamper with application images and infect users, leading to supply chain attacks. The issue, dubbed Bad.Build, is rooted in the Google Cloud Build service, according to cloud security firm Orca, which discovered and reported the issue. "By abusing the flaw and enabling]]> 2023-07-19T15:04:00+00:00 https://thehackernews.com/2023/07/badbuild-flaw-in-google-cloud-build.html www.secnews.physaphae.fr/article.php?IdArticle=8358731 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As security practices continue to evolve, one primary concern persists in the minds of security professionals-the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating from deliberate actions or accidental incidents, pose a significant challenge to safeguarding sensitive data. To effectively address insider risks, organizations must]]> 2023-07-14T16:38:00+00:00 https://thehackernews.com/2023/07/defend-against-insider-threats-join.html www.secnews.physaphae.fr/article.php?IdArticle=8356506 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that\'s focused on Azure and Google Cloud Platform (GCP) services, marking the adversary\'s expansion in targeting beyond Amazon Web Services (AWS). The findings come from SentinelOne and Permiso, which said the "campaigns share similarity with tools attributed to the notorious TeamTNT cryptojacking crew,"]]> 2023-07-14T15:42:00+00:00 https://thehackernews.com/2023/07/teamtnts-cloud-credential-stealing.html www.secnews.physaphae.fr/article.php?IdArticle=8356508 False Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag said in a]]> 2023-07-13T21:25:00+00:00 https://thehackernews.com/2023/07/teamtnts-silentbob-botnet-infecting-196.html www.secnews.physaphae.fr/article.php?IdArticle=8356091 False Cloud Uber 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said. "This is the first publicly]]> 2023-07-12T13:09:00+00:00 https://thehackernews.com/2023/07/python-based-pyloose-fileless-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8355055 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cloud environments continue to be at the receiving end of an ongoing advanced attack campaign dubbed SCARLETEEL, with the threat actors now setting their sights on Amazon Web Services (AWS) Fargate. "Cloud environments are still their primary target, but the tools and techniques used have adapted to bypass new security measures, along with a more resilient and stealthy command and control]]> 2023-07-11T15:28:00+00:00 https://thehackernews.com/2023/07/scarleteel-cryptojacking-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8354411 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Brick-and-mortar retailers and e-commerce sellers may be locked in a fierce battle for market share, but one area both can agree on is the need to secure their SaaS stack. From communications tools to order management and fulfillment systems, much of today\'s critical retail software lives in SaaS apps in the cloud. Securing those applications is crucial to ongoing operations, chain management,]]> 2023-07-10T17:05:00+00:00 https://thehackernews.com/2023/07/global-retailers-must-keep-eye-on-their.html www.secnews.physaphae.fr/article.php?IdArticle=8353989 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho," Proofpoint said in a new report. "When given the opportunity, TA453]]> 2023-07-06T23:36:00+00:00 https://thehackernews.com/2023/07/iranian-hackers-sophisticated-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8353098 False Malware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have unearthed an attack infrastructure that\'s being used as part of a "potentially massive campaign" against cloud-native environments. "This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials]]> 2023-07-06T16:08:00+00:00 https://thehackernews.com/2023/07/silentbob-campaign-cloud-native.html www.secnews.physaphae.fr/article.php?IdArticle=8352874 False Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making. Employees using AI tools experience the advantages of quick answers and accurate results, enabling]]> 2023-06-30T17:01:00+00:00 https://thehackernews.com/2023/06/3-reasons-saas-security-is-imperative.html www.secnews.physaphae.fr/article.php?IdArticle=8350993 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Security and IT teams are routinely forced to adopt software before fully understanding the security risks. And AI tools are no exception. Employees and business leaders alike are flocking to generative AI software and similar programs, often unaware of the major SaaS security vulnerabilities they\'re introducing into the enterprise. A February 2023 generative AI survey of 1,000 executives]]> 2023-06-26T16:42:00+00:00 https://thehackernews.com/2023/06/how-generative-ai-can-dupe-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8349345 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Quick Serve Restaurant (QSR) industry is built on consistency and shared resources. National chains like McDonald\'s and regional ones like Cracker Barrel grow faster by reusing the same business model, decor, and menu, with little change from one location to the next.  QSR technology stacks mirror the consistency of the front end of each store. Despite each franchise being independently]]> 2023-06-20T17:27:00+00:00 https://thehackernews.com/2023/06/saas-in-real-world-how-global-food.html www.secnews.physaphae.fr/article.php?IdArticle=8347298 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) While the use of Infrastructure as Code (IaC) has gained significant popularity as organizations embrace cloud computing and DevOps practices, the speed and flexibility that IaC provides can also introduce the potential for misconfigurations and security vulnerabilities.  IaC allows organizations to define and manage their infrastructure using machine-readable configuration files, which are]]> 2023-06-19T17:21:00+00:00 https://thehackernews.com/2023/06/introducing-ai-guided-remediation-for.html www.secnews.physaphae.fr/article.php?IdArticle=8346948 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," the tech giant said in a post on Friday. Storm-#### (]]> 2023-06-19T14:07:00+00:00 https://thehackernews.com/2023/06/microsoft-blames-massive-ddos-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8346894 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. "Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquire money with a totally clean on-chain original source," blockchain analytics firm Chainalysis said in]]> 2023-06-15T21:50:00+00:00 https://thehackernews.com/2023/06/ransomware-hackers-and-scammers.html www.secnews.physaphae.fr/article.php?IdArticle=8345827 False Ransomware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Over 55% of security executives report that they have experienced a SaaS security incident in the past two years - ranging from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2). Figure 1. How many organizations have experienced a SaaS security incident within the past two years The SaaS Security Survey Report: Plans and Priorities for 2024,]]> 2023-06-05T17:25:00+00:00 https://thehackernews.com/2023/06/the-annual-report-2024-plans-and.html www.secnews.physaphae.fr/article.php?IdArticle=8342132 False Ransomware,Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent. EC-Council, the global leader in cybersecurity education and training, released its Certified Chief Information Security Officer Hall of Fame]]> 2023-06-03T13:40:00+00:00 https://thehackernews.com/2023/06/cloud-security-tops-concerns-for.html www.secnews.physaphae.fr/article.php?IdArticle=8341740 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new security flaw has been disclosed in the Google Cloud Platform\'s (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. "The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP data like secrets, sensitive files, passwords, in addition]]> 2023-05-26T21:55:00+00:00 https://thehackernews.com/2023/05/severe-flaw-in-google-clouds-cloud-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8339647 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that can be vital for governments and]]> 2023-05-26T17:18:00+00:00 https://thehackernews.com/2023/05/5-must-know-facts-about-5g-network.html www.secnews.physaphae.fr/article.php?IdArticle=8339590 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company\'s Permiso P0 Labs, which first detected the group in November 2021, has assigned it the moniker GUI-vil (pronounced Goo-ee-vil). "The group displays a preference for Graphical]]> 2023-05-22T21:35:00+00:00 https://thehackernews.com/2023/05/indonesian-cybercriminals-exploit-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8338466 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week. The 11 vulnerabilities allow "remote code execution and]]> 2023-05-15T18:54:00+00:00 https://thehackernews.com/2023/05/industrial-cellular-routers-at-risk-11.html www.secnews.physaphae.fr/article.php?IdArticle=8336651 False Industrial,Cloud,Conference None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) It\'s easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world\'s youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues their entire lives. Perhaps it is due to their familiarity with technology that causes them to overlook]]> 2023-05-15T16:55:00+00:00 https://thehackernews.com/2023/05/why-high-tech-companies-struggle-with.html www.secnews.physaphae.fr/article.php?IdArticle=8336598 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates]]> 2023-05-13T13:15:00+00:00 https://thehackernews.com/2023/05/new-phishing-as-service-platform-lets.html www.secnews.physaphae.fr/article.php?IdArticle=8336262 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery (SSRF) flaws and one instance of unrestricted file upload functionality in the API Management developer portal, according to Israeli cloud security firm Ermetic. "]]> 2023-05-04T18:49:00+00:00 https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8333476 False Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive information allows cybercriminals to inflict maximum damage through minimal effort. It\'s the breaches in telecom companies that tend to have a seismic impact and far-reaching implications - in addition to reputational damage, which can be]]> 2023-05-02T17:10:00+00:00 https://thehackernews.com/2023/05/why-telecoms-struggle-with-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8332819 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The browser serves as the primary interface between the on-premises environment, the cloud, and the web in the modern enterprise. Therefore, the browser is also exposed to multiple types of cyber threats and operational risks.  In light of this significant challenge, how are CISOs responding? LayerX, Browser Security platform provider, has polled more than 150 CISOs across multiple verticals and]]> 2023-04-26T17:16:00+00:00 https://thehackernews.com/2023/04/browser-security-survey-87-of-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8331227 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google\'s cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape.  Powering the cybersecurity suite is Sec-PaLM, a specialized large language model (LLM) that\'s "fine-tuned for security use cases." The idea is to take advantage of the latest advances in AI to augment]]> 2023-04-25T16:09:00+00:00 https://thehackernews.com/2023/04/google-cloud-introduces-security-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8330892 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud. "This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security,"]]> 2023-04-25T10:03:00+00:00 https://thehackernews.com/2023/04/google-authenticator-app-gets-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8330828 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A recent review by Wing Security, a SaaS security company that analyzed the data of over 500 companies, revealed some worrisome information. According to this review, 84% of the companies had employees using an average of 3.5 SaaS applications that were breached in the previous 3 months. While this is concerning, it isn\'t much of a surprise. The exponential growth in SaaS usage has security and]]> 2023-04-24T17:25:00+00:00 https://thehackernews.com/2023/04/study-84-of-companies-use-breached-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8330576 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. "The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack," cloud security firm Aqua said in a report shared with The Hacker News. The Israeli company, which dubbed the attack]]> 2023-04-21T18:56:00+00:00 https://thehackernews.com/2023/04/kubernetes-rbac-exploited-in-large.html www.secnews.physaphae.fr/article.php?IdArticle=8329960 False Cloud Uber 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim\'s Google account. Israeli cybersecurity startup Astrix Security, which discovered and reported the issue to Google on June 19, 2022, dubbed the shortcoming GhostToken. The issue]]> 2023-04-21T17:43:00+00:00 https://thehackernews.com/2023/04/ghosttoken-flaw-could-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8329931 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets. In response, Uptycs, the first]]> 2023-04-21T17:20:00+00:00 https://thehackernews.com/2023/04/14-kubernetes-and-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8329932 False Cloud Uber 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A chain of two critical flaws has been disclosed in Alibaba Cloud\'s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL that could be exploited to breach tenant isolation protections and access sensitive data belonging to other customers. "The vulnerabilities potentially allowed unauthorized access to Alibaba Cloud customers\' PostgreSQL databases and the ability to perform a supply chain]]> 2023-04-20T19:23:00+00:00 https://thehackernews.com/2023/04/two-critical-flaws-found-in-alibaba.html www.secnews.physaphae.fr/article.php?IdArticle=8329705 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Recent data breaches across CircleCI, LastPass, and Okta underscore a common theme: The enterprise SaaS stacks connected to these industry-leading apps can be at serious risk for compromise. CircleCI, for example, plays an integral, SaaS-to-SaaS role for SaaS app development. Similarly, tens of thousands of organizations rely on Okta and LastPass security roles for SaaS identity and access]]> 2023-04-19T16:02:00+00:00 https://thehackernews.com/2023/04/uncovering-and-understanding-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8329310 False Cloud LastPass,LastPass 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are used interchangeably, this confusion is understandable. This confusion, though, is dangerous to organizations that need to secure]]> 2023-04-17T19:02:00+00:00 https://thehackernews.com/2023/04/whats-difference-between-cspm-sspm.html www.secnews.physaphae.fr/article.php?IdArticle=8328618 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That\'s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed]]> 2023-04-08T12:49:00+00:00 https://thehackernews.com/2023/04/iran-based-hackers-caught-carrying-out.html www.secnews.physaphae.fr/article.php?IdArticle=8325987 False Ransomware,Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Collaboration sits at the essence of SaaS applications. The word, or some form of it, appears in the top two headlines on Google Workspace\'s homepage. It can be found six times on Microsoft 365\'s homepage, three times on Box, and once on Workday. Visit nearly any SaaS site, and odds are \'collaboration\' will appear as part of the app\'s key selling point.  By sitting on the cloud, content within]]> 2023-04-04T15:24:00+00:00 https://thehackernews.com/2023/04/think-before-you-share-link-saas-in.html www.secnews.physaphae.fr/article.php?IdArticle=8324635 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. "One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing users," cloud security]]> 2023-04-01T14:03:00+00:00 https://thehackernews.com/2023/04/microsoft-fixes-new-azure-ad.html www.secnews.physaphae.fr/article.php?IdArticle=8323965 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. "Multi-cloud by design," and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.And now, even security teams who have long been the holdout]]> 2023-03-30T16:47:00+00:00 https://thehackernews.com/2023/03/cyberstorage-leveraging-multi-cloud-to.html www.secnews.physaphae.fr/article.php?IdArticle=8323423 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, unsuitable for crypto mining, in order to enable and expand subsequent campaigns," SentinelOne security]]> 2023-03-30T15:38:00+00:00 https://thehackernews.com/2023/03/alienfox-malware-targets-api-keys-and.html www.secnews.physaphae.fr/article.php?IdArticle=8323406 False Malware,Threat,Prediction,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one set of credentials. From a security standpoint, SSO is the gold standard. It ensures access without forcing users to remember multiple passwords and can be further secured with MFA. Furthermore, an estimated 61% of attacks stem from stolen credentials. By]]> 2023-03-27T16:26:00+00:00 https://thehackernews.com/2023/03/where-sso-falls-short-in-protecting-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8322056 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Any app that can improve business operations is quickly added to the SaaS stack. However, employees don\'t realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. Whether employees connect through Microsoft 365, Google Workspace, Slack, Salesforce, or any other app, security teams have no way to quantify their]]> 2023-03-24T17:13:00+00:00 https://thehackernews.com/2023/03/thn-webinar-inside-high-risk-of-3rd.html www.secnews.physaphae.fr/article.php?IdArticle=8321215 False General Information,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware. According to multiple reports from AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler, the findings are illustrative of the group\'s continuous efforts to refine and retool its tactics to sidestep detection. "]]> 2023-03-22T17:54:00+00:00 https://thehackernews.com/2023/03/scarcrufts-evolving-arsenal-researchers.html www.secnews.physaphae.fr/article.php?IdArticle=8320487 False Malware,Threat,General Information,Cloud APT 37 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-17T16:16:00+00:00 https://thehackernews.com/2023/03/a-new-security-category-addresses-web.html www.secnews.physaphae.fr/article.php?IdArticle=8319390 False General Information,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-13T17:53:00+00:00 https://thehackernews.com/2023/03/how-to-apply-nist-principles-to-saas-in.html www.secnews.physaphae.fr/article.php?IdArticle=8318056 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-08T22:00:00+00:00 https://thehackernews.com/2023/03/jenkins-security-alert-new-security.html www.secnews.physaphae.fr/article.php?IdArticle=8316729 False Guideline,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-06T17:21:00+00:00 https://thehackernews.com/2023/03/experts-reveal-google-cloud-platforms.html www.secnews.physaphae.fr/article.php?IdArticle=8315938 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-04T17:03:00+00:00 https://thehackernews.com/2023/03/security-and-it-teams-no-longer-need-to.html www.secnews.physaphae.fr/article.php?IdArticle=8315564 False Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-02T19:10:00+00:00 https://thehackernews.com/2023/03/hackers-exploit-containerized.html www.secnews.physaphae.fr/article.php?IdArticle=8314995 False Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-02T17:05:00+00:00 https://thehackernews.com/2023/03/2023-browser-security-report-uncovers.html www.secnews.physaphae.fr/article.php?IdArticle=8314977 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-02-27T20:09:00+00:00 https://thehackernews.com/2023/02/shocking-findings-from-2023-third-party.html www.secnews.physaphae.fr/article.php?IdArticle=8313698 False Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-02-24T19:31:00+00:00 https://thehackernews.com/2023/02/how-to-tackle-top-saas-challenges-of.html www.secnews.physaphae.fr/article.php?IdArticle=8313168 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-02-15T20:29:00+00:00 https://thehackernews.com/2023/02/north-koreas-apt37-targeting-southern.html www.secnews.physaphae.fr/article.php?IdArticle=8310534 False Malware,Threat,Cloud APT 38,APT 37 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-12-08T13:29:00+00:00 https://thehackernews.com/2022/12/google-warns-of-internet-explorer-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8289009 False Vulnerability,Threat,Cloud APT 37 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-12-01T00:00:00+00:00 https://thehackernews.com/2022/12/north-korea-hackers-using-new-dolphin.html www.secnews.physaphae.fr/article.php?IdArticle=8286037 False Threat,Cloud APT 37 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-06-24T03:40:50+00:00 https://thehackernews.com/2022/06/google-says-isps-helped-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=5358737 False Malware,Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-06-17T06:12:54+00:00 https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html www.secnews.physaphae.fr/article.php?IdArticle=5220711 False Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-04-26T02:53:07+00:00 https://thehackernews.com/2022/04/north-korean-hackers-target-journalists.html www.secnews.physaphae.fr/article.php?IdArticle=4507625 False Malware,Threat,Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2021-12-07T22:33:02+00:00 https://thehackernews.com/2021/12/warning-yet-another-bitcoin-mining.html www.secnews.physaphae.fr/article.php?IdArticle=3760574 False Malware,Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2021-11-29T05:14:10+00:00 https://thehackernews.com/2021/11/new-chinotto-spyware-targets-north.html www.secnews.physaphae.fr/article.php?IdArticle=3722911 False Threat,Cloud APT 37,APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2021-08-18T01:33:33+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/f3Q4pG8_fI8/nk-hackers-deploy-browser-exploit-on.html www.secnews.physaphae.fr/article.php?IdArticle=3247579 False Malware,Threat,Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2021-01-08T01:54:44+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/yF4TY5O24po/alert-north-korean-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=2156910 False Tool,Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2020-11-03T03:49:37+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/6uTYoCnRAAw/new-kimsuky-module-makes-north-korean.html www.secnews.physaphae.fr/article.php?IdArticle=2013136 False Threat,Cloud APT 37 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2017-10-21T00:49:26+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/N3Rrk3CAFZk/iot-botnet-malware-attack.html www.secnews.physaphae.fr/article.php?IdArticle=421826 False Cloud APT 37 None