www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-15T15:08:45+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ivanti Pulse Secure trouvé en utilisant la version Linux de 11 ans et les bibliothèques obsolètes<br>Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsiusm, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating system used by the Utah-based software company for the device is CentOS 6.4. "Pulse Secure runs an]]> 2024-02-15T19:50:00+00:00 https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html www.secnews.physaphae.fr/article.php?IdArticle=8450467 False Threat None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment les acteurs de l'État-nation ciblent votre entreprise: de nouvelles recherches expose les vulnérabilités SaaS majeures<br>How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023. 
Their study]]> 2024-02-15T17:00:00+00:00 https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html www.secnews.physaphae.fr/article.php?IdArticle=8450383 False Vulnerability,Studies,Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers chinois utilisant Deepfakes dans les attaques de logiciels malveillants avancés<br>Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that\'s capable of harvesting identity documents, facial recognition data, and intercepting SMS. "The GoldPickaxe family is available for both iOS and Android platforms,"]]> 2024-02-15T15:01:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html www.secnews.physaphae.fr/article.php?IdArticle=8450362 False Malware,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Flaw Critical Exchange Server (CVE-2024-21410) sous exploitation active<br>Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker]]> 2024-02-15T10:49:00+00:00 https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8450273 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Microsoft, Openai met en garde contre les pirates d'État-nation armé par l'IA pour les cyberattaques<br>Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts made by five state-affiliated actors that used its]]> 2024-02-14T20:09:00+00:00 https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html www.secnews.physaphae.fr/article.php?IdArticle=8450023 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ubuntu \\ 'Command-Not-Found \\' L'outil pourrait inciter les utilisateurs à installer des packages Rogue<br>Ubuntu \\'command-not-found\\' Tool Could Trick Users into Installing Rogue Packages Cybersecurity researchers have found that it\'s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system. "While \'command-not-found\' serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the]]> 2024-02-14T18:56:00+00:00 https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html www.secnews.physaphae.fr/article.php?IdArticle=8450004 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tactiques de cybersécurité Les institutions Finserv peuvent se mettre en place en 2024<br>Cybersecurity Tactics FinServ Institutions Can Bank On in 2024 The landscape of cybersecurity in financial services is undergoing a rapid transformation. 
Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more]]> 2024-02-14T16:53:00+00:00 https://thehackernews.com/2024/02/cybersecurity-tactics-finserv.html www.secnews.physaphae.fr/article.php?IdArticle=8449961 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Bumblebee Malware revient avec de nouvelles astuces, ciblant les entreprises américaines<br>Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. Enterprise security firm Proofpoint said the activity targets organizations in the U.S. with voicemail-themed lures containing links to OneDrive URLs. "The URLs led to a Word file with names such as "]]> 2024-02-14T16:48:00+00:00 https://thehackernews.com/2024/02/bumblebee-malware-returns-with-new.html www.secnews.physaphae.fr/article.php?IdArticle=8449962 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) DarkMe Malware cible les traders<br>DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders. 
Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet]]> 2024-02-14T13:03:00+00:00 https://thehackernews.com/2024/02/darkme-malware-targets-traders-using.html www.secnews.physaphae.fr/article.php?IdArticle=8449886 False Malware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft déploie des correctifs pour 73 défauts, dont 2 Windows Zero-Days<br>Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to 24 flaws that have been fixed]]> 2024-02-14T10:31:00+00:00 https://thehackernews.com/2024/02/microsoft-rolls-out-patches-for-73.html www.secnews.physaphae.fr/article.php?IdArticle=8449859 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GLUPTEBA BOTNET ÉVALATE<br>Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. 
"This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that can be extremely difficult to]]> 2024-02-13T20:07:00+00:00 https://thehackernews.com/2024/02/glupteba-botnet-evades-detection-with.html www.secnews.physaphae.fr/article.php?IdArticle=8449591 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pikabot refait surface avec du code rationalisé et des tactiques trompeuses<br>PikaBot Resurfaces with Streamlined Code and Deceptive Tactics The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of "devolution." "Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by removing advanced obfuscation techniques and changing the network communications," Zscaler ThreatLabz researcher Nikolaos]]> 2024-02-13T19:37:00+00:00 https://thehackernews.com/2024/02/pikabot-resurfaces-with-streamlined.html www.secnews.physaphae.fr/article.php?IdArticle=8449592 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Blizzard de minuit et Cloudflare-Atlassian Cybersecurity Incidents: Que savoir<br>Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches - safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. 
Common threat vectors such as sophisticated spear-phishing, misconfigurations and]]> 2024-02-13T16:40:00+00:00 https://thehackernews.com/2024/02/midnight-blizzard-and-cloudflare.html www.secnews.physaphae.fr/article.php?IdArticle=8449550 False Vulnerability,Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vulnérabilité ivanti exploitée pour installer \\ 'dslog \\' Backdoor sur 670+ infrastructures informatiques<br>Ivanti Vulnerability Exploited to Install \\'DSLog\\' Backdoor on 670+ IT Infrastructures Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That\'s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code.]]> 2024-02-13T12:33:00+00:00 https://thehackernews.com/2024/02/ivanti-vulnerability-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8449495 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte: CISA avertit<br>Alert: CISA Warns of Active \\'Roundcube\\' Email Attacks - Patch Now The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of]]> 2024-02-13T10:21:00+00:00 https://thehackernews.com/2024/02/alert-cisa-warns-of-active-roundcube.html www.secnews.physaphae.fr/article.php?IdArticle=8449467 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Rhysida ransomware fissué, outil de décryptage gratuit publié<br>Rhysida Ransomware Cracked, Free Decryption Tool Released Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). "Through a comprehensive analysis of Rhysida Ransomware, we identified an]]> 2024-02-12T18:42:00+00:00 https://thehackernews.com/2024/02/rhysida-ransomware-cracked-free.html www.secnews.physaphae.fr/article.php?IdArticle=8449262 False Ransomware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 4 façons dont les pirates utilisent l'ingénierie sociale pour contourner le MFA<br>4 Ways Hackers use Social Engineering to Bypass MFA When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it\'s important to remember that MFA isn\'t foolproof. It can be bypassed, and it often is.  If a password is compromised, there are several options]]> 2024-02-12T16:44:00+00:00 https://thehackernews.com/2024/02/4-ways-hackers-use-social-engineering.html www.secnews.physaphae.fr/article.php?IdArticle=8449229 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Framework de version CISA et OpenSSF pour la sécurité du référentiel de packages<br>CISA and OpenSSF Release Framework for Package Repository Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it\'s partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories. 
Called the Principles for Package Repository Security, the framework aims to establish a set of foundational rules for package]]> 2024-02-12T16:11:00+00:00 https://thehackernews.com/2024/02/cisa-and-openssf-release-framework-for.html www.secnews.physaphae.fr/article.php?IdArticle=8449230 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pourquoi les identités compromises sont-elles le cauchemar à la vitesse et à l'efficacité IR?<br>Why Are Compromised Identities the Nightmare to IR Speed and Efficiency? Incident response (IR) is a race against time. You engage your internal or external team because there\'s enough evidence that something bad is happening, but you\'re still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability to discover malicious files and outbound network connections. However, the identity aspect - namely]]> 2024-02-12T15:30:00+00:00 https://thehackernews.com/2024/02/why-are-compromised-identities.html www.secnews.physaphae.fr/article.php?IdArticle=8449216 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft présente la commande \\ 'sudo \\' de type Linux à Windows 11<br>Microsoft Introduces Linux-Like \\'sudo\\' Command to Windows 11 Microsoft said it\'s introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. "Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session," Microsoft Product Manager Jordi Adoumie said. 
"It is an ergonomic and familiar solution for users who want to elevate a command]]> 2024-02-12T11:15:00+00:00 https://thehackernews.com/2024/02/microsoft-introduces-linux-like-sudo.html www.secnews.physaphae.fr/article.php?IdArticle=8449150 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les États-Unis offrent 10 millions de dollars pour les informations menant à l'arrestation des leaders de Ransomware Hive<br>U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving away an additional $5 million for specifics that could lead to the arrest and/or conviction of any person "conspiring to participate in or attempting to participate in Hive ransomware activity."]]> 2024-02-12T10:01:00+00:00 https://thehackernews.com/2024/02/us-offers-10-million-bounty-for-info.html www.secnews.physaphae.fr/article.php?IdArticle=8449126 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le DOJ américain démantèle l'infrastructure de rat Warzone, arrête les opérateurs clés<br>U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws and three others – were "used to sell computer malware used by cybercriminals to secretly access and steal data from victims\' computers," the DoJ said. 
Alongside the takedown, the]]> 2024-02-11T16:24:00+00:00 https://thehackernews.com/2024/02/us-doj-dismantles-warzone-rat.html www.secnews.physaphae.fr/article.php?IdArticle=8448934 False Malware,Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte: Nouveaux appareils furtifs "Rustdoor" Backdoor ciblant les appareils Apple MacOS<br>Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact initial access pathway used to propagate the implant is currently not known, although]]> 2024-02-10T12:42:00+00:00 https://thehackernews.com/2024/02/alert-new-stealthy-rustdoor-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8448615 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mises à niveau des logiciels malveillants de Raspberry Robin avec dispersion et nouveaux exploits<br>Raspberry Robin Malware Upgrades with Discord Spread and New Exploits The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period of time," Check Point said in a report this]]> 2024-02-09T22:02:00+00:00 https://thehackernews.com/2024/02/raspberry-robin-malware-upgrades-with.html www.secnews.physaphae.fr/article.php?IdArticle=8448448 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Moqhao Android Malware évolue avec une capacité d'exécution automatique<br>MoqHao Android Malware Evolves with Auto-Execution Capability Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution," McAfee Labs said in a report published this week. "While the app is]]> 2024-02-09T19:04:00+00:00 https://thehackernews.com/2024/02/new-variant-of-moqhao-android-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8448386 False Malware,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Revue pratique: Myrror Security Code-Aware et Attack-Aware SCA<br>Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without]]> 2024-02-09T16:28:00+00:00 https://thehackernews.com/2024/02/hands-on-review-myrror-security-code.html www.secnews.physaphae.fr/article.php?IdArticle=8448370 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Coyote Trojan cible 61 banques brésiliennes avec attaque propulsée par NIM<br>New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. 
"This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report. What]]> 2024-02-09T15:58:00+00:00 https://thehackernews.com/2024/02/new-coyote-trojan-targets-61-brazilian.html www.secnews.physaphae.fr/article.php?IdArticle=8448334 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Wazuh à l'ère du cloud: naviguer dans les défis de la cybersécurité<br>Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and]]> 2024-02-09T13:10:00+00:00 https://thehackernews.com/2024/02/wazuh-in-cloud-era-navigating.html www.secnews.physaphae.fr/article.php?IdArticle=8448293 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cible furtif zardoor cible des organisations caritatives islamiques saoudiennes<br>Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor. 
Cisco Talos, which discovered the activity in May 2023, said the campaign has likely persisted since at least March 2021, adding it has identified only one compromised target to date, although it\'s]]> 2024-02-09T12:01:00+00:00 https://thehackernews.com/2024/02/stealthy-zardoor-backdoor-targets-saudi.html www.secnews.physaphae.fr/article.php?IdArticle=8448281 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fortinet met en garde contre la vulnérabilité Critical Fortios SSL VPN sous exploitation active<br>Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially]]> 2024-02-09T11:06:00+00:00 https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html www.secnews.physaphae.fr/article.php?IdArticle=8448269 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AVERTISSEMENT: le nouveau pontage Ivanti Auth affecte Connect Secure et ZTA Gateways<br>Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system. 
"An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti]]> 2024-02-09T09:05:00+00:00 https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8448245 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates chinois opèrent non détectés dans les infrastructures critiques des États-Unis pendant une demi-décennie<br>Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. "Volt Typhoon\'s choice of targets and pattern]]> 2024-02-08T18:35:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-operate-undetected-in.html www.secnews.physaphae.fr/article.php?IdArticle=8448027 False Threat Guam 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Identité unifiée & # 8211;Recherchez le sens derrière le battage médiatique!<br>Unified Identity – look for the meaning behind the hype! If you\'ve listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits!  However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal. 
Some vendors call the]]> 2024-02-08T16:09:00+00:00 https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html www.secnews.physaphae.fr/article.php?IdArticle=8447983 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hijackloader évolue: les chercheurs décodent les dernières méthodes d'évasion<br>HijackLoader Evolves: Researchers Decode the Latest Evasion Methods The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. "The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"]]> 2024-02-08T15:58:00+00:00 https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html www.secnews.physaphae.fr/article.php?IdArticle=8447984 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google commence à bloquer l'élevage d'applications Android potentiellement dangereuses à Singapour<br>Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts]]> 2024-02-08T15:47:00+00:00 https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html www.secnews.physaphae.fr/article.php?IdArticle=8447969 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Le nouveau voleur de Golang de Kimsuky \\ a \\ 'troll \\' et \\ 'gobear \\' cible de porte dérobée de la Corée du Sud<br>Kimsuky\\'s New Golang Stealer \\'Troll\\' and \\'GoBear\\' Backdoor Target South Korea The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report. Troll]]> 2024-02-08T12:23:00+00:00 https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html www.secnews.physaphae.fr/article.php?IdArticle=8447938 False Malware,Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Patchs critiques publiés pour les nouveaux défauts à Cisco, Fortinet, VMware Products<br>Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an]]> 2024-02-08T10:40:00+00:00 https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8447898 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Après le retrait du FBI, les opérateurs de KV-Botnet changent de tactique pour tenter de rebondir<br>After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert data transfer system for other Chinese]]> 2024-02-07T20:41:00+00:00 https://thehackernews.com/2024/02/after-fbi-takedown-kv-botnet-operators.html www.secnews.physaphae.fr/article.php?IdArticle=8447704 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité critique du chargeur de démarrage dans la cale impacte presque toutes les distros Linux<br>Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&]]> 2024-02-07T19:03:00+00:00 https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html www.secnews.physaphae.fr/article.php?IdArticle=8447657 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau webinaire: 5 étapes du succès de VCISO pour MSPS et MSSPS<br>New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs 2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. 
As an MSP/MSSP providing vCISO services, you own the organization's cybersecurity infrastructure and strategy. But you also need to position yourself as a reliable decision-maker, navigating professional responsibilities, business needs and leadership
2024-02-07T16:08:00+00:00 https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html www.secnews.physaphae.fr/article.php?IdArticle=8447600 False None None 2.0000000000000000
Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by
2024-02-07T15:15:00+00:00 https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html www.secnews.physaphae.fr/article.php?IdArticle=8447601 False Tool,Commercial None 2.0000000000000000
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a statement. "Because this system was self-contained, it did not lead to any damage to the
2024-02-07T11:59:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html www.secnews.physaphae.fr/article.php?IdArticle=8447555 False None None 2.0000000000000000
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated
2024-02-07T10:35:00+00:00 https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html www.secnews.physaphae.fr/article.php?IdArticle=8447542 False Vulnerability,Threat None 2.0000000000000000
Beware: Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials
Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. "This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors," Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
2024-02-06T19:39:00+00:00 https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html www.secnews.physaphae.fr/article.php?IdArticle=8447298 False Malware,Threat None 3.0000000000000000
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition. "The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie," Orca security
2024-02-06T19:32:00+00:00 https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html www.secnews.physaphae.fr/article.php?IdArticle=8447299 False Vulnerability None 3.0000000000000000
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors.
Recently, Adaptive Shield commissioned a Total Economic
2024-02-06T16:23:00+00:00 https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html www.secnews.physaphae.fr/article.php?IdArticle=8447245 False Threat,Cloud None 3.0000000000000000
Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data. Singapore-headquartered Group-IB said the hacking crew's activities are geared towards job search platforms and the theft of resumes, with as many as 65
2024-02-06T15:44:00+00:00 https://thehackernews.com/2024/02/hackers-exploit-job-boards-in-apac.html www.secnews.physaphae.fr/article.php?IdArticle=8447226 False Threat None 2.0000000000000000
Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others.
The attacks exploit CVE-2024-21893 (CVSS
2024-02-06T12:28:00+00:00 https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8447188 False Vulnerability None 3.0000000000000000
U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance
The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members. "The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken said. "Such targeting has been
2024-02-06T10:30:00+00:00 https://thehackernews.com/2024/02/us-imposes-visa-restrictions-on-those.html www.secnews.physaphae.fr/article.php?IdArticle=8447154 False Commercial None 2.0000000000000000
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. If convicted, he faces a maximum penalty of 25 years in prison.
BTC-e, which had
2024-02-05T22:06:00+00:00 https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html www.secnews.physaphae.fr/article.php?IdArticle=8446981 False Legislation None 3.0000000000000000
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between
2024-02-05T18:48:00+00:00 https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html www.secnews.physaphae.fr/article.php?IdArticle=8446926 False Malware,Threat,Mobile None 3.0000000000000000
Combined Security Practices Changing the Game for Risk Management
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause great stress in the process.
The issue being that by using a reactive, rather than proactive approach, many risks
2024-02-05T16:42:00+00:00 https://thehackernews.com/2024/02/combined-security-practices-changing.html www.secnews.physaphae.fr/article.php?IdArticle=8446889 False General Information None 2.0000000000000000
Hands-On Review: SASE-based XDR from Cato Networks
Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of
2024-02-05T16:42:00+00:00 https://thehackernews.com/2024/02/hands-on-review-sase-based-xdr-from.html www.secnews.physaphae.fr/article.php?IdArticle=8446927 False Tool None 3.0000000000000000
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been publicly confirmed as targeted, out of whom had their devices compromised with the mercenary
2024-02-05T13:07:00+00:00 https://thehackernews.com/2024/02/pegasus-spyware-targeted-iphones-of.html www.secnews.physaphae.fr/article.php?IdArticle=8446826 False Threat None 3.0000000000000000
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week. Propagated via phishing mails, Mispadu is a Delphi-based information stealer
2024-02-05T09:15:00+00:00 https://thehackernews.com/2024/02/new-mispadu-banking-trojan-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8446827 False Malware,Threat None 3.0000000000000000
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin
2024-02-03T13:03:00+00:00 https://thehackernews.com/2024/02/us-sanctions-6-iranian-officials-for.html www.secnews.physaphae.fr/article.php?IdArticle=8446272 False None None 3.0000000000000000
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. "Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account," the maintainers said in a terse advisory. The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of
2024-02-03T12:21:00+00:00 https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8446258 False Vulnerability,Vulnerability None 3.0000000000000000
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems. The German company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant authorities. "We have revoked all security-related certificates and systems have been remediated or replaced
2024-02-03T09:25:00+00:00 https://thehackernews.com/2024/02/anydesk-hacked-popular-remote-desktop.html www.secnews.physaphae.fr/article.php?IdArticle=8446231 False Ransomware None 3.0000000000000000
Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide.
The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved with
2024-02-02T20:19:00+00:00 https://thehackernews.com/2024/02/russian-apt28-hackers-targeting-high.html www.secnews.physaphae.fr/article.php?IdArticle=8446026 False None APT 28 3.0000000000000000
DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The agency attributed the campaign to a threat actor it calls UAC-0027. DirtyMoe, active since at least 2016, is capable of carrying out cryptojacking and distributed denial-of-service (DDoS) attacks. In March
2024-02-02T18:47:00+00:00 https://thehackernews.com/2024/02/dirtymoe-malware-infects-2000-ukrainian.html www.secnews.physaphae.fr/article.php?IdArticle=8445985 False Malware,Threat None 3.0000000000000000
Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents
A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by the Southern District of New York (SDNY) for transmitting classified documents to WikiLeaks and for possessing child pornographic material. Joshua Adam Schulte, 35, was originally charged in June 2018. He was found guilty in July 2022.
On September 13, 2023, he was
2024-02-02T16:10:00+00:00 https://thehackernews.com/2024/02/former-cia-engineer-sentenced-to-40.html www.secnews.physaphae.fr/article.php?IdArticle=8445947 False Legislation None 3.0000000000000000
Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security
Cloudzy, a prominent cloud infrastructure provider, proudly announces a significant enhancement in its cybersecurity landscape. This breakthrough has been achieved through a recent consultation with Recorded Future, a leader in providing real-time threat intelligence and cybersecurity analytics. This initiative, coupled with an overhaul of Cloudzy's cybersecurity strategies, represents a major
2024-02-02T16:00:00+00:00 https://thehackernews.com/2024/02/cloudzy-elevates-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8445948 False Threat,Cloud None 3.0000000000000000
INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs
An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP addresses and URLs. The law enforcement effort, codenamed Synergia, took place between September and November 2023 in an attempt to blunt the "growth, escalation and professionalization of transnational cybercrime."
Involving 60 law
2024-02-02T15:53:00+00:00 https://thehackernews.com/2024/02/interpol-arrests-31-in-global-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8445925 False Ransomware,Malware None 2.0000000000000000
Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code. The intrusion, which took place between November 14 and 24, 2023, and detected on November 23, was carried out "with the goal of
2024-02-02T11:51:00+00:00 https://thehackernews.com/2024/02/cloudflare-breach-nation-state-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8445860 False Threat None 4.0000000000000000
FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. "The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible," web infrastructure and security
2024-02-01T21:14:00+00:00 https://thehackernews.com/2024/02/fritzfrog-returns-with-log4shell-and.html www.secnews.physaphae.fr/article.php?IdArticle=8445634 False Malware,Vulnerability,Threat None 3.0000000000000000
Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign
Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today. "The attacker escapes this container and runs multiple payloads on the
2024-02-01T19:06:00+00:00 https://thehackernews.com/2024/02/exposed-docker-apis-under-attack-in.html www.secnews.physaphae.fr/article.php?IdArticle=8445595 False None None 3.0000000000000000
U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored threat actor called Volt Typhoon and blunt the impact posed by the hacking campaign.
The existence of the botnet, dubbed KV-botnet, was first disclosed by the Black Lotus Labs team at
2024-02-01T17:07:00+00:00 https://thehackernews.com/2024/02/us-feds-shut-down-china-linked-kv.html www.secnews.physaphae.fr/article.php?IdArticle=8445551 False Threat,Legislation Guam 3.0000000000000000
Why the Right Metrics Matter When it Comes to Vulnerability Management
How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working? And even if you are measuring, faulty reporting or focusing on the wrong metrics can create blind spots and make it harder to
2024-02-01T16:52:00+00:00 https://thehackernews.com/2024/02/why-right-metrics-matter-when-it-comes.html www.secnews.physaphae.fr/article.php?IdArticle=8445529 False Vulnerability None 3.0000000000000000
HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021.
The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the financially-motivated threat actor behind the campaign is actively adapting and
2024-02-01T16:52:00+00:00 https://thehackernews.com/2024/02/headcrab-20-goes-fileless-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8445530 False Malware,Threat None 3.0000000000000000
Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices. This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE. "CHAINLINE is a Python web shell backdoor that is
2024-02-01T13:13:00+00:00 https://thehackernews.com/2024/02/warning-new-malware-emerges-in-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8445460 False Malware,Vulnerability,Threat None 3.0000000000000000
CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component. "An attacker with
2024-02-01T10:32:00+00:00 https://thehackernews.com/2024/02/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8445437 False Vulnerability None 3.0000000000000000
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk. "These container
2024-02-01T01:30:00+00:00 https://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html www.secnews.physaphae.fr/article.php?IdArticle=8445309 False Tool,Vulnerability,Threat None 2.0000000000000000
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-21888 (CVSS score: 8.8) - A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows
2024-01-31T19:08:00+00:00 https://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8445210 False Vulnerability,Threat None 2.0000000000000000
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange illicit tools and insights creating a dark and
2024-01-31T17:51:00+00:00 https://thehackernews.com/2024/01/telegram-marketplaces-fuel-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8445172 False Malware,Tool,Threat None 3.0000000000000000
The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the
2024-01-31T16:30:00+00:00 https://thehackernews.com/2024/01/the-sec-wont-let-cisos-be-understanding.html www.secnews.physaphae.fr/article.php?IdArticle=8445135 False Cloud None 2.0000000000000000
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. "UNC4990 operations generally involve widespread USB infection followed by the deployment of the
2024-01-31T16:30:00+00:00 https://thehackernews.com/2024/01/italian-businesses-hit-by-weaponized.html www.secnews.physaphae.fr/article.php?IdArticle=8445136 False Malware,Threat None 4.0000000000000000
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused
2024-01-31T12:53:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8445089 False Malware,Tool,Vulnerability,Threat None 3.0000000000000000
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally
2024-01-31T11:14:00+00:00 https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html www.secnews.physaphae.fr/article.php?IdArticle=8445069 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional
2024-01-30T22:13:00+00:00 https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html www.secnews.physaphae.fr/article.php?IdArticle=8444876 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. "An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to
2024-01-30T21:48:00+00:00 https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8444855 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the
2024-01-30T19:15:00+00:00 https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html www.secnews.physaphae.fr/article.php?IdArticle=8444794 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Top Security Posture Vulnerabilities Revealed
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in cybersecurity lies in this continuous adaptation and learning, always staying one step ahead of potential
2024-01-30T16:19:00+00:00 https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8444755 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations
Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. "The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation]," the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday. It also said it
2024-01-30T15:50:00+00:00 https://thehackernews.com/2024/01/italian-data-protection-watchdog.html www.secnews.physaphae.fr/article.php?IdArticle=8444756 False None ChatGPT 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. "The new version of Zloader made significant changes to the loader
2024-01-30T14:13:00+00:00 https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8444718 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and
2024-01-30T10:31:00+00:00 https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html www.secnews.physaphae.fr/article.php?IdArticle=8444659 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an email attack scenario, an attacker could exploit the
2024-01-29T19:01:00+00:00 https://thehackernews.com/2024/01/researchers-uncover-outlook.html www.secnews.physaphae.fr/article.php?IdArticle=8444428 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar
In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications? Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren't just numbers; they're a wake-up call. We're
2024-01-29T17:03:00+00:00 https://thehackernews.com/2024/01/493-companies-share-their-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8444393 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case that some of AI's most significant impacts
2024-01-29T16:41:00+00:00 https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html www.secnews.physaphae.fr/article.php?IdArticle=8444394 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. "The attackers utilized the Gitea service to store several files
2024-01-29T16:33:00+00:00 https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8444395 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NSA Admits Secretly Buying Your Internet Browsing Data without Warrants
The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. "The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal
2024-01-29T12:29:00+00:00 https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html www.secnews.physaphae.fr/article.php?IdArticle=8444322 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines
Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS." "These
2024-01-29T11:02:00+00:00 https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html www.secnews.physaphae.fr/article.php?IdArticle=8444297 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021. "Lures use Mexican Social
2024-01-27T12:25:00+00:00 https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html www.secnews.physaphae.fr/article.php?IdArticle=8443701 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Perfecting the Defense-in-Depth Strategy with Automation
Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart - a multi-layered approach with strategic redundancy and a blend of passive and active security
2024-01-26T16:34:00+00:00 https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html www.secnews.physaphae.fr/article.php?IdArticle=8443370 False Technical None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead," Malwarebytes' Jérôme Segura said in a
2024-01-26T15:14:00+00:00 https://thehackernews.com/2024/01/malicious-ads-on-google-target-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8443351 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs
Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise (HPE) revealed that it had been the victim of an attack perpetrated by a hacking crew
2024-01-26T11:33:00+00:00 https://thehackernews.com/2024/01/microsoft-warns-of-widening-apt29.html www.secnews.physaphae.fr/article.php?IdArticle=8443285 False Threat APT 29 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud. "
2024-01-26T11:03:00+00:00 https://thehackernews.com/2024/01/russian-trickbot-mastermind-gets-5-year.html www.secnews.physaphae.fr/article.php?IdArticle=8443267 False Malware,Legislation None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that a threat actor could abuse to send a
2024-01-26T10:43:00+00:00 https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8443268 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks
Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control (C2) server, and a web administration portal written in PHP," Kroll said in an analysis published last week. The risk and
2024-01-25T19:53:00+00:00 https://thehackernews.com/2024/01/systembc-malwares-c2-server-analysis.html www.secnews.physaphae.fr/article.php?IdArticle=8443022 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!
The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE). The issue, assigned the CVE identifier CVE-2024-23897, has been described as an arbitrary file read vulnerability through the
2024-01-25T17:27:00+00:00 https://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8442961 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware "has been updated with new features, as well as changes to the anti-analysis (analysis avoidance) techniques." LODEINFO (versions 0.6.6 and 0.6.7
2024-01-25T17:00:00+00:00 https://thehackernews.com/2024/01/lodeinfo-fileless-malware-evolves-with.html www.secnews.physaphae.fr/article.php?IdArticle=8442962 False Malware None 3.0000000000000000