www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-14T14:20:11+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) VMware émet des correctifs de sécurité pour ESXi, poste de travail et défauts de fusion<br>VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB controller. They carry a CVSS score of 9.3 for Workstation and Fusion, and 8.4 for ESXi systems. "A]]> 2024-03-06T12:50:00+00:00 https://thehackernews.com/2024/03/vmware-issues-security-patches-for-esxi.html www.secnews.physaphae.fr/article.php?IdArticle=8459727 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte: GhostSec et Stormous Lancent les attaques du ransomware conjointe dans plus de 15 pays<br>Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News. “GhostLocker and]]> 2024-03-06T12:41:00+00:00 https://thehackernews.com/2024/03/alert-ghostsec-and-stormous-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8459706 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau groupe apt \\ 'Lotus Bane \\' derrière les attaques récentes contre les entités financières du Vietnam \\<br>New APT Group \\'Lotus Bane\\' Behind Recent Attacks on Vietnam\\'s Financial Entities A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the hacking outfit as an advanced persistent threat group that\'s believed to have been active since at least 2022. The exact specifics of the infection chain remain unknown as yet, but it involves the]]> 2024-03-06T12:31:00+00:00 https://thehackernews.com/2024/03/new-apt-group-lotus-bane-behind-recent.html www.secnews.physaphae.fr/article.php?IdArticle=8459707 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Urgent: Apple émet des mises à jour critiques pour les défauts nuls exploités activement<br>Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below - CVE-2024-23225 - A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 - A memory]]> 2024-03-06T11:24:00+00:00 https://thehackernews.com/2024/03/urgent-apple-issues-critical-updates.html www.secnews.physaphae.fr/article.php?IdArticle=8459668 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates exploitent ConnectWise Screenconnect Flaws pour déployer des logiciels malveillants Toddlershark<br>Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to the victim workstation by exploiting the exposed setup wizard]]> 2024-03-05T21:48:00+00:00 https://thehackernews.com/2024/03/hackers-exploit-connectwise.html www.secnews.physaphae.fr/article.php?IdArticle=8459407 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Qu'est-ce que la gestion de l'exposition et en quoi diffère-t-elle d'ASM?<br>What is Exposure Management and How Does it Differ from ASM? Startups and scales-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem assets. While there has been a bit of a backswing against the pricing and lock-in presented when using]]> 2024-03-05T16:25:00+00:00 https://thehackernews.com/2024/03/what-is-exposure-management-and-how.html www.secnews.physaphae.fr/article.php?IdArticle=8459271 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybercriminels utilisant une nouvelle technique de détournement de DNS pour les escroqueries d'investissement<br>Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. “Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” Infoblox said in a report]]> 2024-03-05T16:23:00+00:00 https://thehackernews.com/2024/03/cybercriminals-using-novel-dns.html www.secnews.physaphae.fr/article.php?IdArticle=8459272 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus de 225 000 informations d'identification CHATGPT compromises en vente sur les marchés Web sombres<br>Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware. “The number of infected devices decreased slightly in mid- and late]]> 2024-03-05T16:08:00+00:00 https://thehackernews.com/2024/03/over-225000-compromised-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8459273 False Malware ChatGPT 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AVERTISSEMENT: l'attaque de détournement de fil cible les réseaux, le vol de hachages NTLM<br>Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this]]> 2024-03-05T15:55:00+00:00 https://thehackernews.com/2024/03/warning-thread-hijacking-attack-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8459245 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Critical JetBrains TeamCity sur site Les défauts pourraient conduire à des prises de contrôle du serveur<br>Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The]]> 2024-03-05T09:04:00+00:00 https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html www.secnews.physaphae.fr/article.php?IdArticle=8459112 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment les cybercriminels exploitent les opérations de l'Inde \\ 's pour le blanchiment d'argent<br>How Cybercriminals are Exploiting India\\'s UPI for Money Laundering Operations Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a "key tool for onboarding and managing these money mules," CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. Details about the scam ]]> 2024-03-04T19:20:00+00:00 https://thehackernews.com/2024/03/how-cybercriminals-are-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8458868 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) De 500 à 5000 employés - sécurisation de l'application tiers dans les sociétés de mi-parcours<br>From 500 to 5000 Employees - Securing 3rd Party App-Usage in Mid-Market Companies A company\'s lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and malicious actors remain active around the clock, budgets are often stagnant at best. Yet, it is crucial]]> 2024-03-04T16:42:00+00:00 https://thehackernews.com/2024/03/from-500-to-5000-employees-securing-3rd.html www.secnews.physaphae.fr/article.php?IdArticle=8458807 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus de 100 modèles malveillants AI / ML trouvés sur la plate-forme de visage étreint<br>Over 100 Malicious AI/ML Models Found on Hugging Face Platform As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. "The model\'s payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims\']]> 2024-03-04T14:52:00+00:00 https://thehackernews.com/2024/03/over-100-malicious-aiml-models-found-on.html www.secnews.physaphae.fr/article.php?IdArticle=8458766 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Phobos Ransomware ciblant agressivement l'infrastructure critique américaine<br>Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and]]> 2024-03-04T10:54:00+00:00 https://thehackernews.com/2024/03/phobos-ransomware-aggressively.html www.secnews.physaphae.fr/article.php?IdArticle=8458699 False Ransomware,Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les ordonnances du tribunal américain NSO ne remettent pas le code spyware de Pegasus à WhatsApp<br>U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant\'s ongoing litigation against the Israeli spyware vendor. The decision, which marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximately]]> 2024-03-02T11:53:00+00:00 https://thehackernews.com/2024/03/us-court-orders-nso-group-to-hand-over.html www.secnews.physaphae.fr/article.php?IdArticle=8457852 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les États-Unis facturent un piratage iranien, offre une récompense de 10 millions de dollars pour la capture<br>U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including the U.S. Departments of the Treasury and State, defense contractors that support U.S. Department of]]> 2024-03-02T10:08:00+00:00 https://thehackernews.com/2024/03/us-charges-iranian-hacker-offers-10.html www.secnews.physaphae.fr/article.php?IdArticle=8457834 False Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Un nouveau kit de phishing exploite les SMS, les appels vocaux pour cibler les utilisateurs de crypto-monnaie<br>New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices. “This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs,]]> 2024-03-01T19:02:00+00:00 https://thehackernews.com/2024/03/new-phishing-kit-leverages-sms-voice.html www.secnews.physaphae.fr/article.php?IdArticle=8457530 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 4 Post-mortems instructifs sur les temps d'arrêt des données et la perte<br>4 Instructive Postmortems on Data Downtime and Loss More than a decade ago, the concept of the \'blameless\' postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: “One option is to assume the single cause is incompetence and scream at engineers to make them]]> 2024-03-01T16:38:00+00:00 https://thehackernews.com/2024/03/4-instructive-postmortems-on-data.html www.secnews.physaphae.fr/article.php?IdArticle=8457479 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle variante de logiciels malveillants Bifrose Linux utilisant un domaine VMware trompeur pour l'évasion<br>New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of Bifrost aims to bypass security measures and compromise targeted systems," Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth Sharma said. BIFROSE is one of the long-standing]]> 2024-03-01T16:26:00+00:00 https://thehackernews.com/2024/03/new-bifrose-linux-malware-variant-using.html www.secnews.physaphae.fr/article.php?IdArticle=8457480 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cinq agences des yeux mettent en garde contre l'exploitation active des vulnérabilités de la passerelle Ivanti<br>Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security. "Ivanti ICT is not sufficient to detect compromise and that a cyber threat actor may be able]]> 2024-03-01T11:56:00+00:00 https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html www.secnews.physaphae.fr/article.php?IdArticle=8457395 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitHub déploie la protection push de la balayage secret par défaut pour les référentiels publics<br>GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories GitHub on Thursday announced that it\'s enabling secret scanning push protection by default for all pushes to public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the option to remove the secret from your commits or, if you deem the secret safe, bypass the block,” Eric Tooley and Courtney Claessens said. Push protection&]]> 2024-03-01T10:59:00+00:00 https://thehackernews.com/2024/03/github-rolls-out-default-secret.html www.secnews.physaphae.fr/article.php?IdArticle=8457353 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Silver Saml Attack échappe aux défenses Golden Saml dans les systèmes d'identité<br>New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as Salesforce,” Semperis]]> 2024-02-29T20:51:00+00:00 https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html www.secnews.physaphae.fr/article.php?IdArticle=8457062 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GTPDOOOR Linux MALWare cible les télécommunications, exploitant les réseaux d'itinérance GPRS<br>GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks Threat hunters have discovered a new Linux malware called GTPDOOR that\'s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. GPRS roaming allows subscribers to access their GPRS services while they are]]> 2024-02-29T17:03:00+00:00 https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html www.secnews.physaphae.fr/article.php?IdArticle=8456928 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment hiérarchiser les dépenses de cybersécurité: une stratégie basée sur les risques pour le ROI le plus élevé<br>How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around - and hackers dreaming up new exploits every day - how do you create proactive, agile cybersecurity strategies? And what cybersecurity approach gives you the most bang for your buck, mitigating your risks and maximizing the value of your]]> 2024-02-29T16:49:00+00:00 https://thehackernews.com/2024/02/why-risk-based-approach-to.html www.secnews.physaphae.fr/article.php?IdArticle=8456929 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates de Lazarus ont exploité la faille du noyau Windows comme zéro-jour lors d'attaques récentes<br>Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It was resolved by Microsoft earlier this month as part]]> 2024-02-29T16:49:00+00:00 https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8456930 False Vulnerability,Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle porte dérobée ciblant les responsables européens liés aux événements diplomatiques indiens<br>New Backdoor Targeting European Officials Linked to Indian Diplomatic Events A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, inviting diplomatic staff to a wine-tasting]]> 2024-02-29T13:49:00+00:00 https://thehackernews.com/2024/02/new-backdoor-targeting-european.html www.secnews.physaphae.fr/article.php?IdArticle=8456853 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Lazarus exploite les fautes de frappe pour faufiler les logiciels malveillants PYPI dans les systèmes de développement<br>Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most]]> 2024-02-29T13:47:00+00:00 https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8456854 False Malware APT 38 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers chinois exploitant des défauts VPN Ivanti pour déployer de nouveaux logiciels malveillants<br>Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain]]> 2024-02-29T11:19:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8456812 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le président Biden bloque le transfert de masse des données personnelles dans les nations à haut risque<br>President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens\' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans\' sensitive data," the White House said in a statement. This includes sensitive information such as genomic data, biometric data,]]> 2024-02-29T10:33:00+00:00 https://thehackernews.com/2024/02/president-biden-blocks-mass-transfer-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456769 False Legislation None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates UNC1549 liés à l'Iran ciblent les secteurs de l'aérospatiale et de la défense du Moyen-Orient<br>Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant said in a new analysis. UNC1549 is said to overlap with ]]> 2024-02-28T20:38:00+00:00 https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html www.secnews.physaphae.fr/article.php?IdArticle=8456494 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le FBI prévient le secteur des soins de santé américains des attaques de ransomware Blackcat ciblées<br>FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator\'s]]> 2024-02-28T18:36:00+00:00 https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456448 False Ransomware,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Construire votre plateforme de données client compatible avec la confidentialité (CDP) avec des données de premier parti<br>Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data In today\'s digital era, data privacy isn\'t just a concern; it\'s a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a transformative webinar where we unveil Twilio Segment\'s state-of-the-art CDP.]]> 2024-02-28T17:32:00+00:00 https://thehackernews.com/2024/02/building-your-privacy-compliant.html www.secnews.physaphae.fr/article.php?IdArticle=8456419 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les superutilisateurs ont besoin d'une super protection: comment combler la gestion des accès privilégiés et la gestion de l'identité<br>Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users. There\'s a company aiming to fix the gap between traditional PAM and IdM]]> 2024-02-28T16:07:00+00:00 https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8456366 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Timbrester malware se propage via l'escroquerie de phishing sur le thème des impôts cible les utilisateurs informatiques<br>TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the "threat actor has previously used similar tactics, techniques and procedures (TTPs) to distribute a banking trojan known]]> 2024-02-28T13:13:00+00:00 https://thehackernews.com/2024/02/timbrestealer-malware-spreading-via-tax.html www.secnews.physaphae.fr/article.php?IdArticle=8456319 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les agences de cybersécurité avertissent les utilisateurs d'Ubiquiti Edgerouter de la menace moobot d'APT28 \\<br>Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28\\'s MooBot Threat In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The botnet, named MooBot, is said to have been used by a Russia-linked threat actor known as]]> 2024-02-28T11:17:00+00:00 https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html www.secnews.physaphae.fr/article.php?IdArticle=8456273 False Threat APT 28 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité du plugin WordPress Litespeed met 5 millions de sites en danger<br>WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. "This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user]]> 2024-02-27T20:13:00+00:00 https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html www.secnews.physaphae.fr/article.php?IdArticle=8455914 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Open source Xeno Rat Troie apparaît comme une menace puissante sur Github<br>Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it available to other actors at no extra cost. Written in C# and compatible with Windows 10 and Windows 11 operating systems, the open-source RAT comes with a "comprehensive set of features for remote system management," according to its developer, who goes by the name moom825]]> 2024-02-27T18:26:00+00:00 https://thehackernews.com/2024/02/open-source-xeno-rat-trojan-emerges-as.html www.secnews.physaphae.fr/article.php?IdArticle=8455881 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) De l'alerte à l'action: comment accélérer vos enquêtes SOC<br>From Alert to Action: How to Speed Up Your SOC Investigations Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional\'s role. Threat intelligence platforms can significantly enhance their ability to do so. Let\'s find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload The modern SOC faces a relentless barrage of security alerts generated by SIEMs and EDRs.]]> 2024-02-27T16:18:00+00:00 https://thehackernews.com/2024/02/from-alert-to-action-how-to-speed-up.html www.secnews.physaphae.fr/article.php?IdArticle=8455833 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cinq agences Eyes exposent des tactiques d'évolution des nuages en évolution de l'APT29 \\<br>Five Eyes Agencies Expose APT29\\'s Evolving Cloud Attack Tactics Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to be affiliated with the Foreign Intelligence Service (SVR) of the]]> 2024-02-27T16:04:00+00:00 https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html www.secnews.physaphae.fr/article.php?IdArticle=8455808 False Threat,Cloud APT 29 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La nouvelle vulnérabilité du visage étreint expose les modèles d'IA aux attaques de chaîne d'approvisionnement<br>New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks Cybersecurity researchers have found that it\'s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. "It\'s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted]]> 2024-02-27T15:48:00+00:00 https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8455809 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte du plugin WordPress - La vulnérabilité critique SQLI menace 200k + sites Web<br>WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw. In an advisory published last week, WordPress]]> 2024-02-27T11:13:00+00:00 https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8455718 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelles attaques de chargeur IDAT en utilisant la stéganographie pour déployer Remcos Rat<br>New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) under the moniker UAC-0184. "The attack, as part of the IDAT Loader, used]]> 2024-02-26T20:24:00+00:00 https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html www.secnews.physaphae.fr/article.php?IdArticle=8455453 False Malware,Threat,Commercial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus de 8 000 sous-domaines de marques de confiance détournées pour une opération de spam massive<br>8,000+ Subdomains of Trusted Brands Hijacked for Massive Spam Operation More than 8,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit package delivery alerts]]> 2024-02-26T19:40:00+00:00 https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html www.secnews.physaphae.fr/article.php?IdArticle=8455427 False Spam None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des pirates nord-coréens ciblant les développeurs avec des forfaits NPM malveillants<br>North Korean Hackers Targeting Developers with Malicious npm Packages A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils. One of the packages in question, execution-time-async, masquerades as its legitimate]]> 2024-02-26T17:57:00+00:00 https://thehackernews.com/2024/02/north-korean-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8455379 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Trois conseils pour protéger vos secrets contre les accidents de l'IA<br>Three Tips to Protect Your Secrets from AI Accidents Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be attacked and defended. We\'re going to talk in this]]> 2024-02-26T15:59:00+00:00 https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html www.secnews.physaphae.fr/article.php?IdArticle=8455338 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chevaux de Troie bancaires ciblent l'Amérique latine et l'Europe via Google Cloud Run<br>Banking Trojans Target Latin America and Europe Through Google Cloud Run Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. "The infection chains associated with these malware families feature the use of malicious]]> 2024-02-26T15:21:00+00:00 https://thehackernews.com/2024/02/banking-trojans-target-latin-america.html www.secnews.physaphae.fr/article.php?IdArticle=8455339 False Malware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Lockbit Ransomware Group refait surface après le retrait des forces de l'ordre<br>LockBit Ransomware Group Resurfaces After Law Enforcement Takedown The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing. The administrator behind LockBit, in a&]]> 2024-02-26T10:27:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8455224 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les autorités affirment que l'administrateur Lockbit "Lockbitsupp" s'est engagé avec les forces de l'ordre<br>Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, "has engaged with law enforcement," authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue]]> 2024-02-25T14:23:00+00:00 https://thehackernews.com/2024/02/authorities-claim-lockbit-admin.html www.secnews.physaphae.fr/article.php?IdArticle=8454915 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft étend les capacités de journalisation gratuites pour toutes les agences fédérales américaines<br>Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days,"]]> 2024-02-24T17:19:00+00:00 https://thehackernews.com/2024/02/microsoft-expands-free-logging.html www.secnews.physaphae.fr/article.php?IdArticle=8454550 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ensemble PYPI dormant compromis pour répandre Nova Sentinel MALWORED<br>Dormant PyPI Package Compromised to Spread Nova Sentinel Malware A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,]]> 2024-02-23T22:38:00+00:00 https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html www.secnews.physaphae.fr/article.php?IdArticle=8454213 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft publie Pyrit - un outil d'équipe rouge pour AI génératif<br>Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team]]> 2024-02-23T17:01:00+00:00 https://thehackernews.com/2024/02/microsoft-releases-pyrit-red-teaming.html www.secnews.physaphae.fr/article.php?IdArticle=8454107 False Tool,Tool None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment utiliser la matrice de capacités SoC d'automatisation de Tines \\<br>How to Use Tines\\'s SOC Automation Capability Matrix Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it\'s been shared]]> 2024-02-23T16:59:00+00:00 https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html www.secnews.physaphae.fr/article.php?IdArticle=8454108 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs détaillent la vulnérabilité des récentes raccourcis zéro cliquez sur Apple \\<br>Researchers Detail Apple\\'s Recent Zero-Click Shortcuts Vulnerability Details have emerged about a now-patched high-severity security flaw in Apple\'s Shortcuts app that could permit a shortcut to access sensitive information on the device without users\' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and ]]> 2024-02-23T10:35:00+00:00 https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8453985 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La FTC claque AVAST avec 16,5 millions de dollars d'amende pour la vente de données de navigation des utilisateurs<br>FTC Slams Avast with $16.5 Million Fine for Selling Users\\' Browsing Data The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users\' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was]]> 2024-02-23T09:00:00+00:00 https://thehackernews.com/2024/02/ftc-slams-avast-with-165-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8453953 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple dévoile le protocole PQ3 - cryptage post-quantal pour iMessage<br>Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach]]> 2024-02-22T21:55:00+00:00 https://thehackernews.com/2024/02/apple-unveils-pq3-protocol-post-quantum.html www.secnews.physaphae.fr/article.php?IdArticle=8453752 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les cybercriminels ont armé l'outil SSH-Ssh-Sake open source pour les attaques de réseau<br>Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential]]> 2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/cybercriminals-weaponizing-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8453620 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Une nouvelle ère de hacktivisme<br>A New Age of Hacktivism In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives.  We understand hacktivism as a form of computer hacking that is]]> 2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/a-new-age-of-hacktivism.html www.secnews.physaphae.fr/article.php?IdArticle=8453621 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Backdoor du logiciel du gouvernement russe pour déployer des logiciels malveillants de rat Konni<br>Russian Government Software Backdoored to Deploy Konni RAT Malware An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People\'s Republic of Korea (DPRK)-nexus actors targeting Russia. The]]> 2024-02-22T16:13:00+00:00 https://thehackernews.com/2024/02/russian-government-software-backdoored.html www.secnews.physaphae.fr/article.php?IdArticle=8453622 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les États-Unis offrent 15 millions de dollars de primes pour traquer les leaders de ransomware de verrouillage<br>U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly]]> 2024-02-22T10:56:00+00:00 https://thehackernews.com/2024/02/us-offers-15-million-bounty-to-hunt.html www.secnews.physaphae.fr/article.php?IdArticle=8453518 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les nouvelles vulnérabilités Wi-Fi exposent les appareils Android et Linux aux pirates<br>New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a]]> 2024-02-21T21:46:00+00:00 https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8453299 False Vulnerability,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mustang Panda cible l'Asie avec des variantes avancées Doplugs<br>Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter," Trend Micro researchers Sunny Lu]]> 2024-02-21T18:33:00+00:00 https://thehackernews.com/2024/02/mustang-panda-targets-asia-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453207 False Malware,Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 6 façons de simplifier la gouvernance de l'identité SaaS<br>6 Ways to Simplify SaaS Identity Governance With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can\'t possibly become experts in the nuances of the native]]> 2024-02-21T17:00:00+00:00 https://thehackernews.com/2024/02/6-ways-to-simplify-saas-identity.html www.secnews.physaphae.fr/article.php?IdArticle=8453182 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersécurité pour les soins de santé diagnostiquant le paysage de la menace et prescrivant des solutions de reprise<br>Cybersecurity for Healthcare-Diagnosing the Threat Landscape and Prescribing Solutions for Recovery On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light-it wasn\'t just computer networks that were brought to a halt, but actual patient]]> 2024-02-21T14:50:00+00:00 https://thehackernews.com/2024/02/cybersecurity-for-healthcarediagnosing.html www.secnews.physaphae.fr/article.php?IdArticle=8453138 False Ransomware,Threat,Medical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) NOUVEAU \\ 'VietCredCare \\' Stealer ciblant les annonceurs Facebook au Vietnam<br>New \\'VietCredCare\\' Stealer Targeting Facebook Advertisers in Vietnam Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit]]> 2024-02-21T13:30:00+00:00 https://thehackernews.com/2024/02/new-vietcredcare-stealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8453092 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le signal présente des noms d'utilisateur, permettant aux utilisateurs de garder leurs numéros de téléphone privés<br>Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private End-to-end encrypted (E2EE) messaging app Signal said it\'s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal\'s Randall Sarafa said. “People who have your number saved in their]]> 2024-02-21T12:47:00+00:00 https://thehackernews.com/2024/02/signal-introduces-usernames-allowing.html www.secnews.physaphae.fr/article.php?IdArticle=8453093 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates russes ciblent l'Ukraine avec une désinformation et des attaques de récolte des informations d'identification<br>Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and a European Union agency in November 2023]]> 2024-02-21T11:31:00+00:00 https://thehackernews.com/2024/02/russian-hackers-target-ukraine-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453047 False Spam,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte VMware: désinstaller EAP Now - Critical Flaw met Active Directory en danger<br>VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying]]> 2024-02-21T11:04:00+00:00 https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8453048 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveaux logiciels malveillants Migo ciblant les serveurs Redis pour l'exploitation des crypto-monnaies<br>New Migo Malware Targeting Redis Servers for Cryptocurrency Mining A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report. The cryptojacking attack is facilitated]]> 2024-02-20T20:50:00+00:00 https://thehackernews.com/2024/02/new-migo-malware-targeting-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8452773 False Malware,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fonctionnement du ransomware de verrouillage fermé;Criminels arrêtés;Clés de décryptage publiés<br>LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit\'s source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos. "Some of the data on LockBit\'s systems belonged to victims who had paid a ransom to the threat actors, evidencing that even when a ransom is paid, it does not]]> 2024-02-20T18:25:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomware-operation-shut-down.html www.secnews.physaphae.fr/article.php?IdArticle=8452720 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveaux packages PYPI malveillants capturés à l'aide de tactiques de chargement latérales secrètes<br>New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP6HelperHttptest and NP6HelperHttper, were each downloaded 537 and 166 times, respectively,]]> 2024-02-20T18:00:00+00:00 https://thehackernews.com/2024/02/new-malicious-pypi-packages-caught.html www.secnews.physaphae.fr/article.php?IdArticle=8452749 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Compliance SaaS dans le cadre de la cybersécurité du NIST<br>SaaS Compliance through the NIST Cybersecurity Framework The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world\'s most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a]]> 2024-02-20T16:23:00+00:00 https://thehackernews.com/2024/02/saas-compliance-through-nist.html www.secnews.physaphae.fr/article.php?IdArticle=8452677 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le nouveau rapport révèle des pirates nord-coréens ciblant les entreprises de défense dans le monde entier<br>New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany\'s Federal Office for the Protection of the Constitution (BfV) and South Korea\'s National Intelligence Service (NIS), the agencies said the goal of the attacks is to plunder advanced defense technologies in a "]]> 2024-02-20T16:23:00+00:00 https://thehackernews.com/2024/02/new-report-reveals-north-korean-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8452679 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apprenez à construire un livre de jeu de réponse aux incidents contre Spattered Spider en temps réel<br>Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most impactful ransomware assaults in recent memory.  When organizations have no response plan in place for such an]]> 2024-02-20T16:23:00+00:00 https://thehackernews.com/2024/02/learn-how-to-build-incident-response.html www.secnews.physaphae.fr/article.php?IdArticle=8452678 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Flaws critiques trouvés dans ConnectWise ScreenConnect Software - Patch maintenant<br>Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, are listed below - Authentication bypass using an alternate path or channel (CVSS score: 10.0) Improper limitation of]]> 2024-02-20T16:08:00+00:00 https://thehackernews.com/2024/02/critical-flaws-found-in-connectwise.html www.secnews.physaphae.fr/article.php?IdArticle=8452680 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Thème WordPress Bricks sous attaque active: la faille critique a un impact sur plus de 25 000 sites<br>WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6. It has been addressed by the theme developers in&]]> 2024-02-20T14:38:00+00:00 https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8452637 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates de l'Iran et du Hezbollah lancent des attaques pour influencer le récit d'Israël-Hamas<br>Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns designed to steal intelligence, and information operations to turn public opinion against Israel. Iran]]> 2024-02-20T11:31:00+00:00 https://thehackernews.com/2024/02/iran-and-hezbollah-hackers-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8452588 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les domaines Darknet de Lockbit Ransomware \\ ont été saisis lors d'un raid mondial d'application de la loi<br>LockBit Ransomware\\'s Darknet Domains Seized in Global Law Enforcement Raid An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group\'s .onion website displays a seizure banner containing the message "]]> 2024-02-20T10:55:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomwares-darknet-domains.html www.secnews.physaphae.fr/article.php?IdArticle=8452572 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta met en garde contre 8 entreprises spyware ciblant les appareils iOS, Android et Windows<br>Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various malware included]]> 2024-02-19T18:44:00+00:00 https://thehackernews.com/2024/02/meta-warns-of-8-spyware-firms-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8452317 False Malware,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment réaliser les meilleures alertes basées sur les risques (bye-bye siem)<br>How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM) Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Response (NDR) and how it\'s become the most effective technology to detect cyber threats?  NDR massively]]> 2024-02-19T17:00:00+00:00 https://thehackernews.com/2024/02/bye-bye-siem-hello-risk-based-alerting.html www.secnews.physaphae.fr/article.php?IdArticle=8452297 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Anatsa Android Trojan contourne Google Play Security, étend la portée des nouveaux pays<br>Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play\'s enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.]]> 2024-02-19T15:59:00+00:00 https://thehackernews.com/2024/02/anatsa-android-trojan-bypasses-google.html www.secnews.physaphae.fr/article.php?IdArticle=8452280 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates liés à la Russie manquent à plus de 80 organisations via des défauts du cube ronde<br>Russian-Linked Hackers Breach 80+ Organizations via Roundcube Flaws Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia, Poland, and Ukraine, according to Recorded Future, which attributed the intrusion set to a threat]]> 2024-02-19T10:35:00+00:00 https://thehackernews.com/2024/02/russian-linked-hackers-breach-80.html www.secnews.physaphae.fr/article.php?IdArticle=8452169 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates iraniens ciblent les experts de la politique du Moyen-Orient avec une nouvelle porte dérobée de base<br>Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal. Charming Kitten, also called APT35, CharmingCypress, Mint Sandstorm, TA453, and Yellow Garuda, has a history of orchestrating a wide range of social engineering campaigns that cast a]]> 2024-02-19T10:09:00+00:00 https://thehackernews.com/2024/02/iranian-hackers-target-middle-east.html www.secnews.physaphae.fr/article.php?IdArticle=8452155 False Threat APT 35 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le Mastermind de logiciel malveillant le plus recherché par le FBI \\ est le plus gros<br>FBI\\'s Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the FBI\'s most-wanted list in 2012. The U.S.]]> 2024-02-18T12:42:00+00:00 https://thehackernews.com/2024/02/fbis-most-wanted-zeus-and-icedid.html www.secnews.physaphae.fr/article.php?IdArticle=8451785 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment les entreprises peuvent protéger leurs canaux de communication contre les pirates<br>How Businesses Can Safeguard Their Communication Channels Against Hackers Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction.  However, business communication channels are also a major target]]> 2024-02-17T13:48:00+00:00 https://thehackernews.com/2024/02/how-businesses-can-safeguard-their.html www.secnews.physaphae.fr/article.php?IdArticle=8451335 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Open Sources Magika: outil d'identification des fichiers alimentée par AI<br>Google Open Sources Magika: AI-Powered File Identification Tool Google has announced that it\'s open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. "Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher precision on traditionally hard to identify, but potentially problematic content]]> 2024-02-17T12:56:00+00:00 https://thehackernews.com/2024/02/google-open-sources-magika-ai-powered.html www.secnews.physaphae.fr/article.php?IdArticle=8451312 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AVERTISSEMENT CISA: Ransomware Akira exploitant la vulnérabilité Cisco ASA / FTD<br>CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it\'s being likely exploited in Akira ransomware attacks. The vulnerability in question is ]]> 2024-02-16T21:12:00+00:00 https://thehackernews.com/2024/02/cisa-warning-akira-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8451009 False Ransomware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Rustdoor MacOS Backdoor cible les entreprises de crypto-monnaie avec de fausses offres d'emploi<br>RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It\'s distributed by masquerading itself as a Visual]]> 2024-02-16T18:57:00+00:00 https://thehackernews.com/2024/02/rustdoor-macos-backdoor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8450959 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pourquoi nous devons démocratiser la cybersécurité<br>Why We Must Democratize Cybersecurity With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public. While this is creating greater awareness among smaller businesses of the need to improve their security posture, SMBs are often]]> 2024-02-16T16:20:00+00:00 https://thehackernews.com/2024/02/why-we-must-democratize-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8450881 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Malveillant \\ 'sns expéditeur \\' abus de script aws pour les attaques de smirs en vrac<br>Malicious \\'SNS Sender\\' Script Abuses AWS for Bulk Smishing Attacks A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS). The SMS phishing messages are designed to propagate malicious links that are designed to capture victims\' personally identifiable information (PII) and payment card details, SentinelOne ]]> 2024-02-16T16:19:00+00:00 https://thehackernews.com/2024/02/malicious-sns-sender-script-abuses-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8450882 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Réseau gouvernemental d'État américain violée via l'ancien compte de l'employé \\<br>U.S. State Government Network Breached via Former Employee\\'s Account The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization\'s network environment was compromised via an administrator account belonging to a former employee. "This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point," the agency said in a joint advisory published]]> 2024-02-16T13:10:00+00:00 https://thehackernews.com/2024/02/us-state-government-network-breached.html www.secnews.physaphae.fr/article.php?IdArticle=8450787 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le gouvernement américain perturbe le botnet lié à la russe engagé dans le cyber-espionnage<br>U.S. Government Disrupts Russian-Linked Botnet Engaged in Cyber Espionage The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. "These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.]]> 2024-02-16T12:19:00+00:00 https://thehackernews.com/2024/02/us-government-disrupts-russian-linked.html www.secnews.physaphae.fr/article.php?IdArticle=8450766 False None APT 28 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates russes Turla ciblent les ONG polonaises avec une nouvelle porte dérobée Tinyturla-NG<br>Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023. "TinyTurla-NG, just like TinyTurla, is a small \'last chance\' backdoor that is left behind to be used when all other unauthorized access/backdoor mechanisms have failed or been]]> 2024-02-15T20:38:00+00:00 https://thehackernews.com/2024/02/russian-turla-hackers-target-polish.html www.secnews.physaphae.fr/article.php?IdArticle=8450466 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ivanti Pulse Secure trouvé en utilisant la version Linux de 11 ans et les bibliothèques obsolètes<br>Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsiusm, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating system used by the Utah-based software company for the device is CentOS 6.4. "Pulse Secure runs an]]> 2024-02-15T19:50:00+00:00 https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html www.secnews.physaphae.fr/article.php?IdArticle=8450467 False Threat None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment les acteurs de l'État-nation ciblent votre entreprise: de nouvelles recherches expose les vulnérabilités SaaS majeures<br>How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023. Their study]]> 2024-02-15T17:00:00+00:00 https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html www.secnews.physaphae.fr/article.php?IdArticle=8450383 False Vulnerability,Studies,Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers chinois utilisant Deepfakes dans les attaques de logiciels malveillants avancés<br>Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that\'s capable of harvesting identity documents, facial recognition data, and intercepting SMS. "The GoldPickaxe family is available for both iOS and Android platforms,"]]> 2024-02-15T15:01:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html www.secnews.physaphae.fr/article.php?IdArticle=8450362 False Malware,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Flaw Critical Exchange Server (CVE-2024-21410) sous exploitation active<br>Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker]]> 2024-02-15T10:49:00+00:00 https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8450273 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft, Openai met en garde contre les pirates d'État-nation armé par l'IA pour les cyberattaques<br>Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts made by five state-affiliated actors that used its]]> 2024-02-14T20:09:00+00:00 https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html www.secnews.physaphae.fr/article.php?IdArticle=8450023 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ubuntu \\ 'Command-Not-Found \\' L'outil pourrait inciter les utilisateurs à installer des packages Rogue<br>Ubuntu \\'command-not-found\\' Tool Could Trick Users into Installing Rogue Packages Cybersecurity researchers have found that it\'s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system. "While \'command-not-found\' serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the]]> 2024-02-14T18:56:00+00:00 https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html www.secnews.physaphae.fr/article.php?IdArticle=8450004 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tactiques de cybersécurité Les institutions Finserv peuvent se mettre en place en 2024<br>Cybersecurity Tactics FinServ Institutions Can Bank On in 2024 The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more]]> 2024-02-14T16:53:00+00:00 https://thehackernews.com/2024/02/cybersecurity-tactics-finserv.html www.secnews.physaphae.fr/article.php?IdArticle=8449961 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Bumblebee Malware revient avec de nouvelles astuces, ciblant les entreprises américaines<br>Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. Enterprise security firm Proofpoint said the activity targets organizations in the U.S. with voicemail-themed lures containing links to OneDrive URLs. "The URLs led to a Word file with names such as "]]> 2024-02-14T16:48:00+00:00 https://thehackernews.com/2024/02/bumblebee-malware-returns-with-new.html www.secnews.physaphae.fr/article.php?IdArticle=8449962 False Malware None 2.0000000000000000