www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-12T00:36:11+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks
A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel
2023-06-21T11:06:00+00:00 https://thehackernews.com/2023/06/new-condi-malware-hijacking-tp-link-wi.html www.secnews.physaphae.fr/article.php?IdArticle=8347607 False Malware,Vulnerability,Threat None 3.0000000000000000

The Hacker News
Alert! Hackers Exploiting Critical Vulnerability in VMware's Aria Operations Networks
VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) has come under active exploitation in the wild. The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution.
It impacts VMware
2023-06-21T10:30:00+00:00 https://thehackernews.com/2023/06/alert-hackers-exploiting-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8347608 False Vulnerability None 3.0000000000000000

The Hacker News
Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
Three security vulnerabilities have been disclosed in operational technology (OT) products from Wago and Schneider Electric. The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors. "OT:ICEFALL demonstrates the need for tighter scrutiny of, and improvements to, processes related to
2023-06-21T00:38:00+00:00 https://thehackernews.com/2023/06/researchers-expose-new-severe-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8347457 False None None 5.0000000000000000

The Hacker News
Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices
Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage (NAS) devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992 (CVSS score: 9.8), the issue has been described as a pre-authentication command injection vulnerability.
"The pre-authentication command injection vulnerability in some Zyxel
2023-06-20T17:42:00+00:00 https://thehackernews.com/2023/06/zyxel-releases-urgent-security-updates.html www.secnews.physaphae.fr/article.php?IdArticle=8347297 False Vulnerability None 2.0000000000000000

The Hacker News
SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish
The Quick Serve Restaurant (QSR) industry is built on consistency and shared resources. National chains like McDonald's and regional ones like Cracker Barrel grow faster by reusing the same business model, decor, and menu, with little change from one location to the next. QSR technology stacks mirror the consistency of the front end of each store. Despite each franchise being independently
2023-06-20T17:27:00+00:00 https://thehackernews.com/2023/06/saas-in-real-world-how-global-food.html www.secnews.physaphae.fr/article.php?IdArticle=8347298 False Cloud None 2.0000000000000000

The Hacker News
Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer
A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called RDStealer. "The operation was active for more than a year with the end goal of compromising credentials and data exfiltration," Bitdefender security researcher Victor Vrabie said in a technical report shared with The Hacker News.
Evidence gathered by the Romanian
2023-06-20T17:25:00+00:00 https://thehackernews.com/2023/06/experts-uncover-year-long-cyber-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8347299 False Malware None 2.0000000000000000

The Hacker News
ASUS Releases Patches to Fix Critical Security Bugs Impacting Multiple Router Models
Taiwanese company ASUS on Monday released firmware updates to address, among other issues, nine security bugs impacting a wide range of router models. Of the nine security flaws, two are rated Critical and six are rated High in severity. One vulnerability is currently awaiting analysis. The list of impacted products are GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000,
2023-06-20T14:09:00+00:00 https://thehackernews.com/2023/06/asus-releases-patches-to-fix-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8347244 False Vulnerability None 2.0000000000000000

The Hacker News
Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces
Over 100,000 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials. The credentials were discovered within information stealer logs made available for sale on the cybercrime underground, Group-IB said in a report shared with The Hacker News.
"The number of
2023-06-20T13:42:00+00:00 https://thehackernews.com/2023/06/over-100000-stolen-chatgpt-account.html www.secnews.physaphae.fr/article.php?IdArticle=8347229 False None ChatGPT,ChatGPT 2.0000000000000000

The Hacker News
Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as APT-C-35 and Viceroy Tiger. The espionage activity involves duping Android smartphone owners into
2023-06-20T10:35:00+00:00 https://thehackernews.com/2023/06/rogue-android-apps-target-pakistani.html www.secnews.physaphae.fr/article.php?IdArticle=8347203 False Threat None 2.0000000000000000

The Hacker News
New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs extensive mechanisms to resist analysis.
"The code is heavily obfuscated making use of polymorphic
2023-06-19T20:51:00+00:00 https://thehackernews.com/2023/06/new-mystic-stealer-malware-targets-40.html www.secnews.physaphae.fr/article.php?IdArticle=8347036 False Malware None 2.0000000000000000

The Hacker News
Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems
Cybersecurity researchers have uncovered a set of malicious artifacts that they say is part of a sophisticated toolkit targeting Apple macOS systems. "As of now, these samples are still largely undetected and very little information is available about any of them," Bitdefender researchers Andrei Lapusneanu and Bogdan Botezatu said in a preliminary report published on Friday. The Romanian firm's
2023-06-19T18:07:00+00:00 https://thehackernews.com/2023/06/researchers-discover-new-sophisticated.html www.secnews.physaphae.fr/article.php?IdArticle=8347004 False None None 2.0000000000000000

The Hacker News
Introducing AI-guided Remediation for IaC Security / KICS
While the use of Infrastructure as Code (IaC) has gained significant popularity as organizations embrace cloud computing and DevOps practices, the speed and flexibility that IaC provides can also introduce the potential for misconfigurations and security vulnerabilities.
IaC allows organizations to define and manage their infrastructure using machine-readable configuration files, which are
2023-06-19T17:21:00+00:00 https://thehackernews.com/2023/06/introducing-ai-guided-remediation-for.html www.secnews.physaphae.fr/article.php?IdArticle=8346948 False Cloud None 2.0000000000000000

The Hacker News
State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments
Governmental entities in the Middle East and Africa have been at the receiving end of sustained cyber-espionage attacks that leverage never-before-seen and rare credential theft and Exchange email exfiltration techniques. "The main goal of the attacks was to obtain highly confidential and sensitive information, specifically related to politicians, military activities, and ministries of foreign
2023-06-19T15:03:00+00:00 https://thehackernews.com/2023/06/state-backed-hackers-employ-advanced.html www.secnews.physaphae.fr/article.php?IdArticle=8346893 False None None 2.0000000000000000

The Hacker News
Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions
Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," the tech giant said in a post on Friday.
Storm-#### (
2023-06-19T14:07:00+00:00 https://thehackernews.com/2023/06/microsoft-blames-massive-ddos-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8346894 False Cloud None 2.0000000000000000

The Hacker News
From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet
Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks. "The Diicot name is significant, as it's also the name of the Romanian organized crime and anti-terrorism policing unit," Cado Security said in a technical report. "In addition,
2023-06-17T12:29:00+00:00 https://thehackernews.com/2023/06/from-cryptojacking-to-ddos-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8346428 False Threat None 2.0000000000000000

The Hacker News
ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC
The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS (DoH) tunneling. ChamelGang was first outed by Russian cybersecurity firm Positive Technologies in September 2021,
2023-06-16T19:24:00+00:00 https://thehackernews.com/2023/06/chameldoh-new-linux-backdoor-utilizing.html www.secnews.physaphae.fr/article.php?IdArticle=8346182 False Tool,Threat None 2.0000000000000000

The Hacker News
Activities in the Cybercrime Underground Require a New Approach to Cybersecurity
As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You Earlier this year, threat researchers at Cybersixgill released the annual report, The State of the Cybercrime Underground. The research stems from an analysis of Cybersixgill's collected intelligence items throughout 2022, gathered from the deep, dark and clear web. The report examines the continuous
2023-06-16T16:42:00+00:00 https://thehackernews.com/2023/06/activities-in-cybercrime-underground.html www.secnews.physaphae.fr/article.php?IdArticle=8346145 False Threat None 2.0000000000000000

The Hacker News
20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona
The U.S. Department of Justice (DoJ) on Thursday unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa. Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least five attacks between August 2020 and March 2023. He was arrested in the state of Arizona last
2023-06-16T13:32:00+00:00 https://thehackernews.com/2023/06/20-year-old-russian-lockbit-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8346089 False Ransomware None 1.00000000000000000000

The Hacker News
Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack
Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies. The new flaw, which is yet to be assigned a CVE identifier, also concerns an SQL injection vulnerability that "could lead to escalated privileges and potential unauthorized access to the environment." The
2023-06-16T09:05:00+00:00 https://thehackernews.com/2023/06/third-flaw-uncovered-in-moveit-transfer.html www.secnews.physaphae.fr/article.php?IdArticle=8346028 False Ransomware,Vulnerability None 3.0000000000000000

The Hacker News
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. "Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquire money with a totally clean on-chain original source," blockchain analytics firm Chainalysis said in
2023-06-15T21:50:00+00:00 https://thehackernews.com/2023/06/ransomware-hackers-and-scammers.html www.secnews.physaphae.fr/article.php?IdArticle=8345827 False Ransomware,Cloud None 2.0000000000000000

The Hacker News
Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway
A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway (ESG) appliances since October 2022. "UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People's Republic of China," Google-owned Mandiant said in a new report published today, describing the group as "
2023-06-15T20:26:00+00:00 https://thehackernews.com/2023/06/chinese-unc4841-group-exploits-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8345792 False Threat None 2.0000000000000000

The Hacker News
Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities
The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi. "Vidar threat actors continue to rotate their backend IP infrastructure, favoring providers in Moldova and Russia," cybersecurity company Team Cymru said in a new analysis shared
2023-06-15T19:18:00+00:00 https://thehackernews.com/2023/06/vidar-malware-using-new-tactics-to.html www.secnews.physaphae.fr/article.php?IdArticle=8345749 False Malware,Threat None 2.0000000000000000

The Hacker News
Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files
An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. "Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive commands to delete files," ESET researcher Lukáš Štefanko said in a new report published today. "The
2023-06-15T18:30:00+00:00 https://thehackernews.com/2023/06/warning-gravityrat-android-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8345726 False None None 2.0000000000000000

The Hacker News
New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT
The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations' sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and nature of these risks. The report titled "Revealing the True GenAI Data Exposure Risk" provides crucial insights for data protection stakeholders and
2023-06-15T17:28:00+00:00 https://thehackernews.com/2023/06/new-research-6-of-employees-paste.html www.secnews.physaphae.fr/article.php?IdArticle=8345727 False Studies ChatGPT,ChatGPT 5.0000000000000000

The Hacker News
New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
In what's a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. "Malicious binaries steal the user IDs, passwords, local machine environment variables, and local host name, and then exfiltrates the stolen data to the hijacked
2023-06-15T17:26:00+00:00 https://thehackernews.com/2023/06/new-supply-chain-attack-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8345728 False Threat None 4.0000000000000000

The Hacker News
New Report Reveals Shuckworm's Long-Running Intrusions on Ukrainian Organizations
The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec said in a new report shared with The Hacker News. "In some cases, the
2023-06-15T15:31:00+00:00 https://thehackernews.com/2023/06/new-report-reveals-shuckworms-long.html www.secnews.physaphae.fr/article.php?IdArticle=8345704 False Threat None 3.0000000000000000

The Hacker News
Microsoft Warns of New Russian State-Sponsored Hacker Group with Destructive Intent
Microsoft on Wednesday took the lid off a "novel and distinct Russian threat actor," which it said is linked to the General Staff Main Intelligence Directorate (GRU) and has a "relatively low success rate." The tech giant's Threat Intelligence team, which was previously tracking the group under its emerging moniker DEV-0586, has graduated it to a named actor dubbed Cadet Blizzard. "Cadet
2023-06-15T14:30:00+00:00 https://thehackernews.com/2023/06/microsoft-warns-of-new-russian-state.html www.secnews.physaphae.fr/article.php?IdArticle=8345658 False Threat None 2.0000000000000000

The Hacker News
LockBit Ransomware Extorts $91 Million from U.S. Companies
The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That's according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC
2023-06-15T10:39:00+00:00 https://thehackernews.com/2023/06/lockbit-ransomware-extorts-91-million.html www.secnews.physaphae.fr/article.php?IdArticle=8345607 False Ransomware,Threat None 2.0000000000000000

The Hacker News
Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867 (CVSS score: 3.9), "enabled the execution of privileged commands across Windows, Linux, and PhotonOS (vCenter) guest VMs without authentication of guest credentials
2023-06-14T22:16:00+00:00 https://thehackernews.com/2023/06/chinese-hackers-exploit-vmware-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8345383 False None None 2.0000000000000000

The Hacker News
Severe Vulnerabilities Reported in Microsoft Azure Bastion and Container Registry
Two "dangerous" security vulnerabilities have been disclosed in Microsoft Azure Bastion and Azure Container Registry that could have been exploited to carry out cross-site scripting (XSS) attacks. "The vulnerabilities allowed unauthorized access to the victim's session within the compromised Azure service iframe, which can lead to severe consequences, including unauthorized data access,
2023-06-14T19:11:00+00:00 https://thehackernews.com/2023/06/severe-vulnerabilities-reported-in.html www.secnews.physaphae.fr/article.php?IdArticle=8345325 False None None 2.0000000000000000

The Hacker News
New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish this task, it searches for data stored in applications such as Discord and web browsers; information
2023-06-14T16:13:00+00:00 https://thehackernews.com/2023/06/new-golang-based-skuld-malware-stealing.html www.secnews.physaphae.fr/article.php?IdArticle=8345285 False Malware None 3.0000000000000000

The Hacker News
Where from, Where to - The Evolution of Network Security
For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone is nice out there" (later coined by Gandalf as "You shall not pass"). So CIOs started to supercharge their network fences with every appliance they could get to protect against inbound (aka INGRESS) traffic. In the wake of the first mass phishing campaigns in the early 2010s,
2023-06-14T16:09:00+00:00 https://thehackernews.com/2023/06/where-from-where-to-evolution-of.html www.secnews.physaphae.fr/article.php?IdArticle=8345286 False None None 2.0000000000000000

The Hacker News
Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits
At least half a dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept (PoC) exploit for purported zero-day flaws in Discord, Google Chrome, and Microsoft Exchange. VulnCheck, which
2023-06-14T15:51:00+00:00 https://thehackernews.com/2023/06/fake-researcher-profiles-spread-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8345267 False Malware None 3.0000000000000000

The Hacker News
Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin
A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive information. The flaw, tracked as CVE-2023-34000, impacts versions 7.4.0 and below. It was addressed by the plugin maintainers in version 7.4.1, which shipped on May 30, 2023. WooCommerce Stripe Gateway allows e-commerce websites to directly accept
2023-06-14T14:03:00+00:00 https://thehackernews.com/2023/06/critical-security-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8345206 False Vulnerability None 2.0000000000000000

The Hacker News
Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software
Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. Of the 73 flaws, six are rated Critical, 63 are rated Important, two are rated Moderated, and one is rated Low in severity. This also includes three issues the tech giant addressed in its Chromium-based Edge browser
2023-06-14T13:20:00+00:00 https://thehackernews.com/2023/06/microsoft-releases-updates-to-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8345187 False None None 2.0000000000000000

The Hacker News
Beware: New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer
A novel multi-stage loader called DoubleFinger has been observed delivering a cryptocurrency stealer dubbed GreetingGhoul in what's an advanced attack targeting users in Europe, the U.S., and Latin America. "DoubleFinger is deployed on the target machine, when the victim opens a malicious PIF attachment in an email message, ultimately executing the first of DoubleFinger's loader stages,"
2023-06-13T21:01:00+00:00 https://thehackernews.com/2023/06/beware-new-doublefinger-loader-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8344867 False None None 2.0000000000000000

The Hacker News
Over Half of Security Leaders Lack Confidence in Protecting App Secrets, Study Reveals
It might come as a surprise, but secrets management has become the elephant in the AppSec room. While security vulnerabilities like Common Vulnerabilities and Exposures (CVEs) often make headlines in the cybersecurity world, secrets management remains an overlooked issue that can have immediate and impactful consequences for corporate safety. A recent study by GitGuardian found that 75% of IT
2023-06-13T19:23:00+00:00 https://thehackernews.com/2023/06/over-half-of-security-leaders-lack.html www.secnews.physaphae.fr/article.php?IdArticle=8344850 False None None 2.0000000000000000

The Hacker News
Adversary-in-the-Middle Attack Campaign Hits Dozens of Global Organizations
"Dozens" of organizations across the world have been targeted as part of a broad business email compromise (BEC) campaign that involved the use of adversary-in-the-middle (AitM) techniques to carry out the attacks. "Following a successful phishing attempt, the threat actor gained initial access to one of the victim employee's account and executed an 'adversary-in-the-middle' attack to bypass
2023-06-13T19:09:00+00:00 https://thehackernews.com/2023/06/adversary-in-middle-attack-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8344822 False Threat None 2.0000000000000000

The Hacker News
Webinar - Mastering API Security: Understanding Your True Attack Surface
Believe it or not, your attack surface is expanding faster than you realize. How? APIs, of course!
More formally known as application programming interfaces, API calls are growing twice as fast as HTML traffic, making APIs an ideal candidate for new security solutions aimed at protecting customer data, according to Cloudflare. According to the "Quantifying the Cost of API Insecurity" report, US 2023-06-13T16:20:00+00:00 https://thehackernews.com/2023/06/webinar-mastering-api-security.html www.secnews.physaphae.fr/article.php?IdArticle=8344776 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been accused of conspiring to launder approximately 647,000 bitcoins stolen from September 2011 through at 2023-06-13T16:09:00+00:00 https://thehackernews.com/2023/06/two-russian-nationals-charged-for.html www.secnews.physaphae.fr/article.php?IdArticle=8344777 False Hack None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Critical FortiOS and FortiProxy Vulnerability Likely Exploited - Patch Now! Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been "exploited in a limited number of cases" in attacks targeting government, manufacturing, and critical infrastructure sectors.
The vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), concerns a heap-based buffer overflow vulnerability in FortiOS and FortiProxy SSL-VPN that could 2023-06-13T09:51:00+00:00 https://thehackernews.com/2023/06/critical-fortios-and-fortiproxy.html www.secnews.physaphae.fr/article.php?IdArticle=8344693 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer Security researchers have warned about an "easily exploitable" flaw in the Microsoft Visual Studio installer that could be abused by a malicious actor to impersonate a legitimate publisher and distribute malicious extensions. "A threat actor could impersonate a popular publisher and issue a malicious extension to compromise a targeted system," Varonis researcher Dolev Taler said. "Malicious 2023-06-12T18:17:00+00:00 https://thehackernews.com/2023/06/researchers-uncover-publisher-spoofing.html www.secnews.physaphae.fr/article.php?IdArticle=8344399 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Why Now? The Rise of Attack Surface Management The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years. Gartner and Forrester have both highlighted the importance of ASM recently, multiple solution providers have emerged in the space, and investment and acquisition activity have seen an uptick.
Many concepts come and go in cybersecurity, but attack surface management 2023-06-12T15:34:00+00:00 https://thehackernews.com/2023/06/why-now-rise-of-attack-surface.html www.secnews.physaphae.fr/article.php?IdArticle=8344339 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable A fully undetectable (FUD) malware obfuscation engine named BatCloak is being used to deploy various malware strains since September 2022, while persistently evading antivirus detection. The samples grant "threat actors the ability to load numerous malware families and exploits with ease through highly obfuscated batch files," Trend Micro researchers said. About 79.6% of the total 784 artifacts 2023-06-12T15:33:00+00:00 https://thehackernews.com/2023/06/cybercriminals-using-powerful-batcloak.html www.secnews.physaphae.fr/article.php?IdArticle=8344340 False Malware,Prediction None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Password Reset Hack Exposed in Honda's E-Commerce Platform, Dealers Data at Risk Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. "Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account," security researcher Eaton Zveare said in a report published last week.
The platform is designed for the sale of power 2023-06-12T13:56:00+00:00 https://thehackernews.com/2023/06/password-reset-hack-exposed-in-hondas-e.html www.secnews.physaphae.fr/article.php?IdArticle=8344319 False Hack None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers said in a report published last week, linking it to a Russian-speaking threat actor named "Impulse 2023-06-12T13:00:00+00:00 https://thehackernews.com/2023/06/beware-1000-fake-cryptocurrency-sites.html www.secnews.physaphae.fr/article.php?IdArticle=8344320 False Threat,Prediction None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls - Patch Now! Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution. The vulnerability, tracked as CVE-2023-27997, is "reachable pre-authentication, on every SSL VPN appliance," Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over the weekend.
Details 2023-06-12T12:19:00+00:00 https://thehackernews.com/2023/06/critical-rce-flaw-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8344305 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Apple's Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs Apple is introducing major updates to Safari Private Browsing, offering users better protections against third-party trackers as they browse the web. "Advanced tracking and fingerprinting protections go even further to help prevent websites from using the latest techniques to track or identify a user's device," the iPhone maker said. "Private Browsing now locks when not in use, allowing a user 2023-06-12T10:06:00+00:00 https://thehackernews.com/2023/06/apples-safari-private-browsing-now.html www.secnews.physaphae.fr/article.php?IdArticle=8344260 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER is a heavily obfuscated, previously undisclosed, x64 backdoor that brings PE loading and injection, file upload and download, file and directory manipulation, and token impersonation capabilities," Elastic Security Labs said in a Friday report. The 2023-06-10T17:34:00+00:00 https://thehackernews.com/2023/06/new-spectralviper-backdoor-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8343912 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered - Patch Now! Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting the file transfer solution that could enable the theft of sensitive information. "Multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain 2023-06-10T14:20:00+00:00 https://thehackernews.com/2023/06/new-critical-moveit-transfer-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8343880 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. "The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC activity spanning multiple organizations," the tech giant disclosed in a Thursday 2023-06-09T21:23:00+00:00 https://thehackernews.com/2023/06/microsoft-uncovers-banking-aitm.html www.secnews.physaphae.fr/article.php?IdArticle=8343710 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020.
"It is a crimeware group that targets bank customers and cryptocurrency traders in various regions, including North America and Europe," ESET said in an analysis published Thursday. "Asylum Ambuscade also does espionage against government entities in Europe 2023-06-09T19:07:00+00:00 https://thehackernews.com/2023/06/asylum-ambuscade-cybercrime-group-with.html www.secnews.physaphae.fr/article.php?IdArticle=8343674 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) 5 Reasons Why Access Management is the Key to Securing the Modern Workplace The way we work has undergone a dramatic transformation in recent years. We now operate within digital ecosystems, where remote work and the reliance on a multitude of digital tools is the norm rather than the exception. This shift – as you likely know from your own life – has led to superhuman levels of productivity that we wouldn't ever want to give up. But moving fast comes at a cost. And for 2023-06-09T16:47:00+00:00 https://thehackernews.com/2023/06/5-reasons-why-access-management-is-key.html www.secnews.physaphae.fr/article.php?IdArticle=8343646 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks A new custom backdoor dubbed Stealth Soldier has been deployed as part of a set of highly-targeted espionage attacks in North Africa.
"Stealth Soldier malware is an undocumented backdoor that primarily operates surveillance functions such as file exfiltration, screen and microphone recording, keystroke logging and stealing browser information," cybersecurity company Check Point said in a 2023-06-09T11:27:00+00:00 https://thehackernews.com/2023/06/stealth-soldier-new-custom-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8343514 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Experts Unveil PoC Exploit for Recent Windows Vulnerability Under Active Exploitation Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems. The vulnerability, tracked as CVE-2023-29336, is rated 7.8 for severity and concerns an elevation of privilege bug in the Win32k component. "An attacker who successfully exploited this vulnerability could gain 2023-06-08T20:29:00+00:00 https://thehackernews.com/2023/06/experts-unveil-poc-exploit-for-recent.html www.secnews.physaphae.fr/article.php?IdArticle=8343331 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Clop Ransomware Gang Likely Exploiting MOVEit Transfer Vulnerability Since 2021 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have published a joint advisory regarding the active exploitation of a recently disclosed critical flaw in Progress Software's MOVEit Transfer application to drop ransomware.
"The Cl0p Ransomware Gang, also known as TA505, reportedly began exploiting a previously unknown SQL injection 2023-06-08T19:26:00+00:00 https://thehackernews.com/2023/06/clop-ransomware-gang-likely-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8343332 False Ransomware,Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) How to Improve Your API Security Posture APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level of connectivity doesn't come without major risks. Hackers can exploit vulnerabilities in APIs to gain unauthorized access to sensitive data or even take control of the entire system. Therefore, it's essential to have a robust API security posture to 2023-06-08T16:58:00+00:00 https://thehackernews.com/2023/06/how-to-improve-your-api-security-posture.html www.secnews.physaphae.fr/article.php?IdArticle=8343333 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 (CVSS score: 9.8) that could allow a malicious actor with network access to achieve remote code execution.
Also patched by 2023-06-08T10:48:00+00:00 https://thehackernews.com/2023/06/urgent-security-updates-cisco-and.html www.secnews.physaphae.fr/article.php?IdArticle=8343242 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in North Korean affairs with the goal of stealing Google credentials and delivering reconnaissance malware. "Further, Kimsuky's objective extends to the theft of subscription credentials from NK News," cybersecurity firm SentinelOne said in a report shared with The 2023-06-08T09:53:00+00:00 https://thehackernews.com/2023/06/kimsuky-targets-think-tanks-and-news.html www.secnews.physaphae.fr/article.php?IdArticle=8343243 False Threat APT 43 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Barracuda Urges Immediate Replacement of Hacked ESG Appliances Enterprise security company Barracuda is now urging customers who were impacted by a recently disclosed zero-day flaw in its Email Security Gateway (ESG) appliances to immediately replace them. "Impacted ESG appliances must be immediately replaced regardless of patch version level," the company said in an update, adding its "remediation recommendation at this time is full replacement of the 2023-06-08T09:11:00+00:00 https://thehackernews.com/2023/06/barracuda-urges-immediate-replacement.html www.secnews.physaphae.fr/article.php?IdArticle=8343221 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids' Data on Xbox Microsoft has agreed to pay a penalty of $20 million to settle U.S. Federal Trade Commission (FTC) charges that the company illegally collected and retained the data of children who signed up to use its Xbox video game console without their parents' knowledge or consent. "Our proposed order makes it easier for parents to protect their children's privacy on Xbox, and limits what information 2023-06-07T18:51:00+00:00 https://thehackernews.com/2023/06/microsoft-to-pay-20-million-penalty-for.html www.secnews.physaphae.fr/article.php?IdArticle=8343026 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Winning the Mind Game: The Role of the Ransomware Negotiator Get exclusive insights from a real ransomware negotiator who shares authentic stories from network hostage situations and how he managed them. The Ransomware Industry Ransomware is an industry. As such, it has its own business logic: organizations pay money, in crypto-currency, in order to regain control over their systems and data. This industry's landscape is made up of approximately 10-20 2023-06-07T16:49:00+00:00 https://thehackernews.com/2023/06/winning-mind-game-role-of-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8343001 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New PowerDrop Malware Targeting U.S. Aerospace Industry An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop.
"PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023. "The name is derived from the tool, 2023-06-07T10:10:00+00:00 https://thehackernews.com/2023/06/new-powerdrop-malware-targeting-us.html www.secnews.physaphae.fr/article.php?IdArticle=8342807 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim's account by performing web injections into targeted cryptocurrency websites," Kaspersky 2023-06-06T23:51:00+00:00 https://thehackernews.com/2023/06/new-malware-campaign-leveraging-satacom.html www.secnews.physaphae.fr/article.php?IdArticle=8342669 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular apps to redirect users to serve unwanted ads to users as part of a campaign ongoing since October 2022.
"The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue," Bitdefender said in a technical report shared with The Hacker News. "However, 2023-06-06T18:47:00+00:00 https://thehackernews.com/2023/06/over-60k-adware-apps-posing-as-cracked.html www.secnews.physaphae.fr/article.php?IdArticle=8342578 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) 5 Reasons Why IT Security Tools Don't Work For OT Attacks on critical infrastructure and other OT systems are on the rise as digital transformation and OT/IT convergence continue to accelerate. Water treatment facilities, energy providers, factories, and chemical plants - the infrastructure that undergirds our daily lives could all be at risk. Disrupting or manipulating OT systems stands to pose real physical harm to citizens, environments, and 2023-06-06T17:14:00+00:00 https://thehackernews.com/2023/06/5-reasons-why-it-security-tools-dont.html www.secnews.physaphae.fr/article.php?IdArticle=8342546 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now! Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023.
"Type 2023-06-06T15:51:00+00:00 https://thehackernews.com/2023/06/zero-day-alert-google-issues-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8342518 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. "The threat actor behind this [ransomware-as-a-service] promotes its offering on forums," Uptycs said in a new report. "There it requests a share of profits from those engaging in malicious activities using its malware." 2023-06-06T12:27:00+00:00 https://thehackernews.com/2023/06/cyclops-ransomware-gang-offers-go-based.html www.secnews.physaphae.fr/article.php?IdArticle=8342414 False Ransomware,Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines.
The messages also contain a shortened URL to conceal the actual 2023-06-06T10:00:00+00:00 https://thehackernews.com/2023/06/chinese-postalfurious-gang-strikes-uae.html www.secnews.physaphae.fr/article.php?IdArticle=8342388 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Zyxel Firewalls Under Attack! Urgent Patching Required The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated attacker to cause a 2023-06-06T09:46:00+00:00 https://thehackernews.com/2023/06/zyxel-firewalls-under-attack-urgent.html www.secnews.physaphae.fr/article.php?IdArticle=8342380 False Patching None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft Threat Intelligence team said in a series of tweets today. "CVE-2023-34362 allows attackers to 2023-06-05T17:33:00+00:00 https://thehackernews.com/2023/06/microsoft-lace-tempest-hackers-behind.html www.secnews.physaphae.fr/article.php?IdArticle=8342144 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
The Annual Report: 2024 Plans and Priorities for SaaS Security Over 55% of security executives report that they have experienced a SaaS security incident in the past two years - ranging from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2). Figure 1. How many organizations have experienced a SaaS security incident within the past two years The SaaS Security Survey Report: Plans and Priorities for 2024, 2023-06-05T17:25:00+00:00 https://thehackernews.com/2023/06/the-annual-report-2024-plans-and.html www.secnews.physaphae.fr/article.php?IdArticle=8342132 False Ransomware,Cloud None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that's designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked sites further serve as "makeshift" command-and-control (C2) servers, using the cover to facilitate the 2023-06-05T11:59:00+00:00 https://thehackernews.com/2023/06/magento-woocommerce-wordpress-and.html www.secnews.physaphae.fr/article.php?IdArticle=8342062 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal.
"This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to carry out its malicious activities," the BlackBerry Research and Intelligence Team said in a report 2023-06-05T10:18:00+00:00 https://thehackernews.com/2023/06/brazilian-cybercriminals-using-lolbas.html www.secnews.physaphae.fr/article.php?IdArticle=8342039 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. "TrueBot is a downloader trojan botnet that uses command and control servers to collect information on compromised systems and uses that compromised system as a launching point for further attacks," VMware's Fae Carlisle said. Active since at least 2017, TrueBot is linked to a group known as Silence that's 2023-06-05T10:01:00+00:00 https://thehackernews.com/2023/06/alarming-surge-in-truebot-activity.html www.secnews.physaphae.fr/article.php?IdArticle=8342040 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal An analysis of the Linux variant of a new ransomware strain called BlackSuit has uncovered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an "extremely high degree of similarity" between Royal and BlackSuit.
"In fact, they're nearly identical, with 98% similarities in 2023-06-03T13:50:00+00:00 https://thehackernews.com/2023/06/new-linux-ransomware-strain-blacksuit.html www.secnews.physaphae.fr/article.php?IdArticle=8341739 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council's Certified CISO Hall of Fame Report 2023 A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent. EC-Council, the global leader in cybersecurity education and training, released its Certified Chief Information Security Officer Hall of Fame 2023-06-03T13:40:00+00:00 https://thehackernews.com/2023/06/cloud-security-tops-concerns-for.html www.secnews.physaphae.fr/article.php?IdArticle=8341740 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises a $25 million penalty for breaching children's privacy laws by retaining their Alexa voice recordings for indefinite time periods and preventing parents from exercising their deletion rights.
"Amazon's history 2023-06-03T13:35:00+00:00 https://thehackernews.com/2023/06/ftc-slams-amazon-with-308m-fine-for.html www.secnews.physaphae.fr/article.php?IdArticle=8341741 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad 2023-06-02T17:33:00+00:00 https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8341484 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Importance of Managing Your Data Security Posture Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it? Data security posture management (DSPM) became mainstream following the publication 2023-06-02T15:46:00+00:00 https://thehackernews.com/2023/06/the-importance-of-managing-your-data.html www.secnews.physaphae.fr/article.php?IdArticle=8341460 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines." What the malware lacks in 2023-06-02T15:38:00+00:00 https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html www.secnews.physaphae.fr/article.php?IdArticle=8341450 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to strike think tanks, academia, and news media sectors. The "sustained information gathering efforts" have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet ( 2023-06-02T11:15:00+00:00 https://thehackernews.com/2023/06/north-koreas-kimsuky-group-mimics-key.html www.secnews.physaphae.fr/article.php?IdArticle=8341407 False None APT 43 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited A critical flaw in Progress Software's MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems. The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL injection vulnerability that could lead to escalated privileges and potential unauthorized access to the environment. "An SQL injection 2023-06-02T08:55:00+00:00 https://thehackernews.com/2023/06/moveit-transfer-under-attack-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8341379 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What's more, 50% of the servers don't remain active for more than a week, indicating the use of an adaptable and dynamic C2 infrastructure, Lumen Black Lotus Labs said in a report shared with The Hacker News. "This botnet has adapted 2023-06-01T21:41:00+00:00 https://thehackernews.com/2023/06/evasive-qbot-malware-leverages-short.html www.secnews.physaphae.fr/article.php?IdArticle=8341271 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data," Kaspersky said. The Russian 2023-06-01T20:44:00+00:00 https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html www.secnews.physaphae.fr/article.php?IdArticle=8341248 False Malware,Hack,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, "Nguyen Huu Tai, who also goes by the names Joe Nguyen and Thanh Nguyen, has the strongest likelihood of being involved with the XE Group." XE 2023-06-01T20:25:00+00:00 https://thehackernews.com/2023/06/unmasking-xe-group-experts-reveal.html www.secnews.physaphae.fr/article.php?IdArticle=8341249 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious PyPI Packages Using Compiled Python Code to Bypass Detection Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed," ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News. The package 2023-06-01T17:46:00+00:00 https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html www.secnews.physaphae.fr/article.php?IdArticle=8341203 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) How Wazuh Improves IT Hygiene for Cyber Security Resilience IT hygiene is a security best practice that ensures that digital assets in an organization's environment are secure and running properly. Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in an environment. As technology advances and the tools used by 2023-06-01T17:24:00+00:00 https://thehackernews.com/2023/06/how-wazuh-improves-it-hygiene-for-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8341204 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a "number of updated capabilities that strengthen the group's efforts to evade detection," IBM Security X-Force said in a new analysis. The " 2023-06-01T14:49:00+00:00 https://thehackernews.com/2023/06/improved-blackcat-ransomware-strikes.html www.secnews.physaphae.fr/article.php?IdArticle=8341159 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor known as ScarCruft. "RokRAT is a sophisticated remote access trojan (RAT) that has been observed as a critical component within the attack chain, enabling the threat actors to gain unauthorized access, exfiltrate sensitive information, and potentially 2023-06-01T12:28:00+00:00 https://thehackernews.com/2023/06/n-korean-scarcruft-hackers-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8341141 False Threat APT 37 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting different firewall models that could enable an unauthenticated attacker 2023-06-01T09:47:00+00:00 https://thehackernews.com/2023/06/active-mirai-botnet-variant-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8341103 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Millions of Sites WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that's installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0, which was released in November 2012. “This vulnerability could be used by authors on a site to manipulate any files in the 2023-06-01T09:31:00+00:00 https://thehackernews.com/2023/06/urgent-wordpress-update-fixes-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8341104 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023.
“Persistence is achieved via timed processors or entries to cron,” said Dr. 2023-05-31T21:14:00+00:00 https://thehackernews.com/2023/05/cybercriminals-targeting-apache-nifi.html www.secnews.physaphae.fr/article.php?IdArticle=8340928 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Firmware Backdoor in Gigabyte Systems Exposes ~7 Million Devices Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue. "Most Gigabyte firmware includes a Windows 2023-05-31T18:48:00+00:00 https://thehackernews.com/2023/05/critical-firmware-vulnerability-in.html www.secnews.physaphae.fr/article.php?IdArticle=8340880 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations, leading to unauthorized access to sensitive data.
Data security firm Varonis dubbed the abandoned, unprotected, and unmonitored resources “ghost sites.” “When these Communities are no longer needed, though, they are often set aside but not deactivated,” Varonis 2023-05-31T18:30:00+00:00 https://thehackernews.com/2023/05/beware-of-ghost-sites-silent-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8340881 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. Specifically, the flaw – dubbed Migraine and tracked as CVE-2023-32369 – could be abused to get around a key security measure called System Integrity Protection (SIP), or “rootless,” which 2023-05-31T17:27:00+00:00 https://thehackernews.com/2023/05/microsoft-details-critical-apple-macos.html www.secnews.physaphae.fr/article.php?IdArticle=8340867 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 6 Steps to Effective Threat Hunting: Safeguard Critical Assets and Fight Cybercrime Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently and effectively is no small task – but with a small investment of time, you can master threat hunting and save your organization millions of dollars. Consider this staggering statistic.
Cybersecurity Ventures estimates that cybercrime will take a $10.5 trillion toll on the global 2023-05-31T17:17:00+00:00 https://thehackernews.com/2023/05/6-steps-to-effective-threat-hunting.html www.secnews.physaphae.fr/article.php?IdArticle=8340868 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This includes educational entities, government agencies, military bodies, and non-profit organizations, indicating the adversarial crew's continued focus on high-value targets. Dark Pink, also called Saaiwc 2023-05-31T14:28:00+00:00 https://thehackernews.com/2023/05/dark-pink-apt-group-leverages.html www.secnews.physaphae.fr/article.php?IdArticle=8340823 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical Scorpius (Unit 42) and UNC2596 (Mandiant).
"These lure sites are most likely only meant for a small 2023-05-31T14:00:00+00:00 https://thehackernews.com/2023/05/romcom-rat-using-deceptive-web-of-rogue.html www.secnews.physaphae.fr/article.php?IdArticle=8340811 False Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances had been abused by threat actors since October 2022 to backdoor the devices. The latest findings show that the critical vulnerability, tracked as CVE-2023-2868 (CVSS score: N/A), has been actively exploited for at least seven months prior to its discovery. 2023-05-31T10:55:00+00:00 https://thehackernews.com/2023/05/alert-hackers-exploit-barracuda-email.html www.secnews.physaphae.fr/article.php?IdArticle=8340751 False Threat None 2.0000000000000000