www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-14T01:25:49+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
"Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in the wild, said they are designed to target machines running macOS Ventura 13.6 and later, indicating the malware's ability to infect Macs on both Intel and
2024-01-23T17:57:00+00:00 https://thehackernews.com/2024/01/activator-alert-macos-malware-hides-in.html www.secnews.physaphae.fr/article.php?IdArticle=8442123 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks
As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore's broad, internationally distributed network of scrubbing centers allows them to follow attack trends over time.
Read on to learn about DDoS attack trends for Q3–Q4 of 2023, and what they mean for developing a robust
2024-01-23T17:03:00+00:00 https://thehackernews.com/2024/01/from-megabits-to-terabits-gcore-radar.html www.secnews.physaphae.fr/article.php?IdArticle=8442094 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of child pornography. He was later released on a $
2024-01-23T15:55:00+00:00 https://thehackernews.com/2024/01/breachforums-founder-sentenced-to-20.html www.secnews.physaphae.fr/article.php?IdArticle=8442048 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure.
Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the software, allowing unauthenticated attackers to achieve remote code execution on susceptible
2024-01-23T15:04:00+00:00 https://thehackernews.com/2024/01/40000-attacks-in-3-days-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8442028 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as CVE-2024-23222, is a type confusion bug that could be exploited by a threat actor to achieve arbitrary code execution when processing maliciously crafted web content. The tech giant said the problem
2024-01-23T07:00:00+00:00 https://thehackernews.com/2024/01/apple-issues-patch-for-critical-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8441910 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023.
"ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity
2024-01-22T22:17:00+00:00 https://thehackernews.com/2024/01/north-korean-hackers-weaponize-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8441736 False Threat,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. "Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to know whether an attack was being performed
2024-01-22T22:05:00+00:00 https://thehackernews.com/2024/01/hackers-hijack-popular-java-and-android.html www.secnews.physaphae.fr/article.php?IdArticle=8441737 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
52% of Serious Vulnerabilities We Find are Related to Windows 10
We analyzed 2,5 million vulnerabilities we discovered in our customer's assets. This is what we found. Digging into the data The dataset we analyze here is representative of a subset of clients that subscribe to our vulnerability scanning services. Assets scanned include those reachable across the Internet, as well as those present on internal networks.
The data includes findings for network
2024-01-22T16:52:00+00:00 https://thehackernews.com/2024/01/52-of-serious-vulnerabilities-we-find.html www.secnews.physaphae.fr/article.php?IdArticle=8441633 False Vulnerability,Studies None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
Cybersecurity researchers have discovered a new Java-based "sophisticated" information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts. The malware, named NS-STEALER, is propagated via ZIP archives masquerading as cracked software, Trellix security researcher Gurumoorthi Ramanathan said in an analysis published last week. The ZIP file contains
2024-01-22T16:52:00+00:00 https://thehackernews.com/2024/01/ns-stealer-uses-discord-bots-to.html www.secnews.physaphae.fr/article.php?IdArticle=8441634 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FTC Bans InMarket for Selling Precise User Location Without Consent
The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling or licensing precise location data. The settlement is part of allegations that the Texas-based company did not inform or seek consent from consumers before using their location information for advertising and marketing purposes.
"InMarket will also be prohibited from
2024-01-22T12:32:00+00:00 https://thehackernews.com/2024/01/ftc-bans-inmarket-for-selling-precise.html www.secnews.physaphae.fr/article.php?IdArticle=8441556 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. "The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners," Trustwave said. "Notably, despite the binary's unknown file
2024-01-22T09:10:00+00:00 https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8441496 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. "UNC3886 has a track record of utilizing zero-day vulnerabilities to complete their mission without being detected, and this latest example further
2024-01-20T15:53:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-silently-weaponized.html www.secnews.physaphae.fr/article.php?IdArticle=8440964 False Vulnerability,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The development came after the vulnerabilities – an authentication bypass
2024-01-20T10:01:00+00:00 https://thehackernews.com/2024/01/cisa-issues-emergency-directive-to.html www.secnews.physaphae.fr/article.php?IdArticle=8440879 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly
2024-01-20T08:41:00+00:00 https://thehackernews.com/2024/01/microsofts-top-execs-emails-breached-in.html www.secnews.physaphae.fr/article.php?IdArticle=8440863 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files. "The PDFs
2024-01-20T07:46:00+00:00 https://thehackernews.com/2024/01/invoice-phishing-alert-ta866-deploys.html www.secnews.physaphae.fr/article.php?IdArticle=8440850 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. "Once detonated, the malware will download and execute multiple payloads
2024-01-19T18:18:00+00:00 https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8440653 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators
In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It's the lifeblood of any organization in today's interconnected and digital world. Thus, safeguarding the data is of paramount importance. Its importance is magnified in on-premises Exchange Server environments where vital business communication and emails are stored and managed. In
2024-01-19T16:54:00+00:00 https://thehackernews.com/2024/01/preventing-data-loss-backup-and.html www.secnews.physaphae.fr/article.php?IdArticle=8440618 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named "oscompatible," was published on January 9, 2024, attracting a total of 380 downloads before it was taken down. oscompatible included a "few strange binaries," according to software supply chain security firm Phylum, including a single
2024-01-19T13:12:00+00:00 https://thehackernews.com/2024/01/npm-trojan-bypasses-uac-installs.html www.secnews.physaphae.fr/article.php?IdArticle=8440571 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it's being actively exploited in the wild. The vulnerability in question is CVE-2023-35082 (CVSS score: 9.8), an authentication bypass
2024-01-19T10:25:00+00:00 https://thehackernews.com/2024/01/us-cybersecurity-agency-warns-of.html www.secnews.physaphae.fr/article.php?IdArticle=8440517 False Vulnerability,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. "This is the first documented case of malware deploying the 9Hits application as a payload," cloud security firm Cado said, adding the development is a sign that adversaries are
2024-01-18T22:01:00+00:00 https://thehackernews.com/2024/01/new-docker-malware-steals-cpu-for.html www.secnews.physaphae.fr/article.php?IdArticle=8440348 False Malware,Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language.
Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
2024-01-18T20:19:00+00:00 https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html www.secnews.physaphae.fr/article.php?IdArticle=8440327 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow's build agents via
2024-01-18T18:04:00+00:00 https://thehackernews.com/2024/01/tensorflow-cicd-flaw-exposed-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8440265 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MFA Spamming and Fatigue: When Security Measures Go Wrong
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure.
MFA requires users to provide multiple authentication factors to verify their identity, providing an
2024-01-18T17:32:00+00:00 https://thehackernews.com/2024/01/mfa-spamming-and-fatigue-when-security.html www.secnews.physaphae.fr/article.php?IdArticle=8440266 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to
2024-01-18T14:49:00+00:00 https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html www.secnews.physaphae.fr/article.php?IdArticle=8440211 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023.
The threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," the
2024-01-18T09:46:00+00:00 https://thehackernews.com/2024/01/iranian-hackers-masquerades-as.html www.secnews.physaphae.fr/article.php?IdArticle=8440137 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment in Poland, said it unearthed half a dozen flaws that allow for
2024-01-17T19:21:00+00:00 https://thehackernews.com/2024/01/pax-pos-terminal-flaw-could-allow.html www.secnews.physaphae.fr/article.php?IdArticle=8439909 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better protect their intellectual property (IP) and data against the growing and evolving risks of AI usage.
SaaS applications seem to be multiplying by the day, and so does their integration of AI
2024-01-17T19:00:00+00:00 https://thehackernews.com/2024/01/combating-ip-leaks-into-ai-applications.html www.secnews.physaphae.fr/article.php?IdArticle=8439910 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks." A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the malware
2024-01-17T16:44:00+00:00 https://thehackernews.com/2024/01/feds-warn-of-androxgh0st-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8439850 False Malware,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Webinar: The Art of Privilege Escalation - How Hackers Become Admins
In the digital age, the battleground for security professionals is not only evolving, it's expanding at an alarming rate. The upcoming webinar, "The Art of Privilege Escalation - How Hackers Become Admins," offers an unmissable opportunity for IT security experts to stay ahead in this relentless cyber war.
Privilege escalation - the term might sound benign, but in the hands of a skilled hacker,
2024-01-17T16:29:00+00:00 https://thehackernews.com/2024/01/webinar-art-of-privilege-escalation-how.html www.secnews.physaphae.fr/article.php?IdArticle=8439851 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file
2024-01-17T15:52:00+00:00 https://thehackernews.com/2024/01/new-ishutdown-method-exposes-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8439832 False Mobile,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials
GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to credentials within a production container.
The Microsoft-owned subsidiary said it was made aware of the problem on December 26, 2023, and that it addressed the issue the same day, in addition to rotating all potentially exposed credentials out of an
2024-01-17T13:11:00+00:00 https://thehackernews.com/2024/01/github-rotates-keys-after-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8439800 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Citrix, VMware, and Atlassian Hit with Critical Flaws - Patch ASAP!
Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below - CVE-2023-6548 (CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management
2024-01-17T09:44:00+00:00 https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html www.secnews.physaphae.fr/article.php?IdArticle=8439755 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash.
"By reading out-of-bounds memory, an attacker might be able to get secret values,
2024-01-17T07:50:00+00:00 https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-fix.html www.secnews.physaphae.fr/article.php?IdArticle=8439734 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now
Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). “The two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern,” Jon Williams, a senior security
2024-01-16T19:09:00+00:00 https://thehackernews.com/2024/01/alert-over-178000-sonicwall-firewalls.html www.secnews.physaphae.fr/article.php?IdArticle=8439575 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Remcos RAT Spreading Through Adult Games in New Attack Wave
The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as adult-themed games in South Korea. WebHard, short for web hard drive, is a popular online file storage system used to upload, download, and share files in the country.
While webhards have been used in the past to deliver njRAT, UDP RAT, and DDoS botnet malware, the
2024-01-16T18:52:00+00:00 https://thehackernews.com/2024/01/remcos-rat-spreading-through-adult.html www.secnews.physaphae.fr/article.php?IdArticle=8439554 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Case Study: The Cookie Privacy Monster in Big Global Retail
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away. Download the full case study here. As a child,
2024-01-16T16:19:00+00:00 https://thehackernews.com/2024/01/case-study-cookie-privacy-monster-in.html www.secnews.physaphae.fr/article.php?IdArticle=8439522 False Studies None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims
The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023.
The scheme “leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers’ infrastructure that spoofed Web3 protocols to trick victims into authorizing
2024-01-16T13:29:00+00:00 https://thehackernews.com/2024/01/inferno-malware-masqueraded-as-coinbase.html www.secnews.physaphae.fr/article.php?IdArticle=8439474 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Simon Zuckerbraun said. “It also
2024-01-16T12:43:00+00:00 https://thehackernews.com/2024/01/hackers-weaponize-windows-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8439454 False Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system.
The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the fact that it takes advantage of a feature called My Flow that makes it
2024-01-15T19:28:00+00:00 https://thehackernews.com/2024/01/opera-myflaw-bug-could-let-hackers-run.html www.secnews.physaphae.fr/article.php?IdArticle=8439241 False Vulnerability,Vulnerability None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
3 Ransomware Group Newcomers to Watch in 2024
The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases. Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser-2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of formidable
2024-01-15T19:28:00+00:00 https://thehackernews.com/2024/01/3-ransomware-group-newcomers-to-watch.html www.secnews.physaphae.fr/article.php?IdArticle=8439242 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners
Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems.
Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be weaponized by an attacker to
2024-01-15T13:46:00+00:00 https://thehackernews.com/2024/01/high-severity-flaws-uncovered-in-bosch.html www.secnews.physaphae.fr/article.php?IdArticle=8439153 False Vulnerability,Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability
Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws in WordPress plugins to inject a backdoor designed to redirect visitors of infected sites to bogus tech
2024-01-15T13:15:00+00:00 https://thehackernews.com/2024/01/balada-injector-infects-over-7100.html www.secnews.physaphae.fr/article.php?IdArticle=8439154 False Malware,Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023
The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week.
“This surge in cyber attacks coincided
2024-01-15T11:25:00+00:00 https://thehackernews.com/2024/01/ddos-attacks-on-environmental-services.html www.secnews.physaphae.fr/article.php?IdArticle=8439127 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks
The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a
2024-01-14T14:37:00+00:00 https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438871 False Industrial,Technical None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system.
“An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a
2024-01-13T16:15:00+00:00 https://thehackernews.com/2024/01/critical-rce-vulnerability-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438586 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.” “A cloud
2024-01-13T15:31:00+00:00 https://thehackernews.com/2024/01/29-year-old-ukrainian-cryptojacking.html www.secnews.physaphae.fr/article.php?IdArticle=8438571 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023.
"These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an
2024-01-12T19:23:00+00:00 https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8438293 False Malware,Vulnerability,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their
2024-01-12T18:53:00+00:00 https://thehackernews.com/2024/01/medusa-ransomware-on-rise-from-data.html www.secnews.physaphae.fr/article.php?IdArticle=8438294 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the CVSS scoring system and could facilitate account takeover by sending password reset emails to an unverified email address.
The
2024-01-12T18:33:00+00:00 https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8438295 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson's famous adage, "Everyone has a plan until they get punched in
2024-01-12T17:35:00+00:00 https://thehackernews.com/2024/01/applying-tyson-principle-to.html www.secnews.physaphae.fr/article.php?IdArticle=8438245 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments.
"This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua security researchers Nitzan Yaakov and Assaf Morag said in an analysis published earlier
2024-01-12T13:26:00+00:00 https://thehackernews.com/2024/01/cryptominers-targeting-misconfigured.html www.secnews.physaphae.fr/article.php?IdArticle=8438154 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain
2024-01-12T12:05:00+00:00 https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html www.secnews.physaphae.fr/article.php?IdArticle=8438140 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Threat Actors Increasingly Abusing GitHub for Malicious Purposes
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points.
“Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security
2024-01-11T20:58:00+00:00 https://thehackernews.com/2024/01/threat-actors-increasingly-abusing.html www.secnews.physaphae.fr/article.php?IdArticle=8437918 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (
2024-01-11T19:46:00+00:00 https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html www.secnews.physaphae.fr/article.php?IdArticle=8437896 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio.
“Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various
2024-01-11T19:30:00+00:00 https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8437897 False Tool,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop. The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who's-who of big-name organizations. If MGM, Johnson Controls, Clorox, Hanes Brands, Caesars
2024-01-11T17:13:00+00:00 https://thehackernews.com/2024/01/there-is-ransomware-armageddon-coming.html www.secnews.physaphae.fr/article.php?IdArticle=8437843 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities.
"It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption in an effort to bypass detection rules,"
2024-01-11T17:10:00+00:00 https://thehackernews.com/2024/01/atomic-stealer-gets-upgrade-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8437844 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Mandiant's X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group. "Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected," the threat intelligence firm said
2024-01-11T11:40:00+00:00 https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html www.secnews.physaphae.fr/article.php?IdArticle=8437756 False Hack,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers.
Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178
2024-01-11T10:59:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8437742 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific
2024-01-11T10:25:00+00:00 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8437743 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023.
“The capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,” Akamai security researcher Stiv Kupchik said in a report shared with The
2024-01-10T20:45:00+00:00 https://thehackernews.com/2024/01/noabot-latest-mirai-based-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8437567 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Getting off the Attack Surface Hamster Wheel: Identity Can Help
IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it. The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable points using
2024-01-10T17:00:00+00:00 https://thehackernews.com/2024/01/getting-off-attack-surface-hamster.html www.secnews.physaphae.fr/article.php?IdArticle=8437505 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims
A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations.
The encryption key has also been shared with Avast,
2024-01-10T16:01:00+00:00 https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html www.secnews.physaphae.fr/article.php?IdArticle=8437484 False Ransomware,Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data
The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third-parties. The ban is part of a settlement over allegations that the company "sold precise location data that could be used to track people's visits to sensitive locations such as medical and
2024-01-10T14:17:00+00:00 https://thehackernews.com/2024/01/ftc-bans-outlogic-x-mode-from-selling.html www.secnews.physaphae.fr/article.php?IdArticle=8437452 False Medical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities
Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The
2024-01-10T10:56:00+00:00 https://thehackernews.com/2024/01/microsofts-january-2024-windows-update.html www.secnews.physaphae.fr/article.php?IdArticle=8437402 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.
2024-01-10T10:20:00+00:00 https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html www.secnews.physaphae.fr/article.php?IdArticle=8437391 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware
A threat actor called Water Curupira has been observed actively distributing the PikaBot loader malware as part of spam campaigns in 2023. “PikaBot's operators ran phishing campaigns, targeting victims via its two components - a loader and a core module - which enabled unauthorized remote access and allowed the execution of arbitrary commands through an established connection with
2024-01-09T21:31:00+00:00 https://thehackernews.com/2024/01/alert-water-curupira-hackers-actively.html www.secnews.physaphae.fr/article.php?IdArticle=8437215 False Spam,Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe
Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. “The analyzed threat campaign appears to end in one of two ways, either the selling of 'access' to the compromised host, or the ultimate delivery of ransomware payloads,” Securonix researchers
2024-01-09T19:15:00+00:00 https://thehackernews.com/2024/01/turkish-hackers-exploiting-poorly.html www.secnews.physaphae.fr/article.php?IdArticle=8437166 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Why Public Links Expose Your SaaS Attack Surface
Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees
2024-01-09T16:57:00+00:00 https://thehackernews.com/2024/01/why-public-links-expose-your-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8437106 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager
A security flaw has been disclosed in Kyocera's Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems.
"This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the 'Restrict NTLM: Outgoing NTLM
2024-01-09T15:22:00+00:00 https://thehackernews.com/2024/01/alert-new-vulnerabilities-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8437087 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. “These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,
2024-01-09T13:47:00+00:00 https://thehackernews.com/2024/01/beware-youtube-videos-promoting-cracked.html www.secnews.physaphae.fr/article.php?IdArticle=8437067 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals
Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that's equipped to bypass security software and stealthily launch hidden applications.
“The developers operate on multiple hacker forums and social media platforms, showcasing an active and sophisticated presence,” cybersecurity firm Cyfirma said in a report
2024-01-08T19:34:00+00:00 https://thehackernews.com/2024/01/syrian-hackers-distributing-stealthy-c.html www.secnews.physaphae.fr/article.php?IdArticle=8436659 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute, “only 59% of organizations say their cybersecurity strategy has changed over the past two years.” This stagnation in strategy adaptation can be traced back to several key issues. Talent Retention Challenges: The cybersecurity field is rapidly advancing, requiring a
2024-01-08T17:09:00+00:00 https://thehackernews.com/2024/01/unifying-security-tech-beyond-stack.html www.secnews.physaphae.fr/article.php?IdArticle=8436600 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface
Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particularly firewalls and VPNs, which give attackers direct network access to execute their attacks.
In fact, Gartner&
2024-01-08T14:31:00+00:00 https://thehackernews.com/2024/01/webinar-leverage-zero-trust-security-to.html www.secnews.physaphae.fr/article.php?IdArticle=8436517 False Tool,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment
The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. “These security and privacy challenges include the potential for adversarial manipulation of training data, adversarial exploitation of model vulnerabilities to
2024-01-08T13:23:00+00:00 https://thehackernews.com/2024/01/nist-warns-of-security-and-privacy.html www.secnews.physaphae.fr/article.php?IdArticle=8436518 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
DoJ Charges 19 Worldwide in $68 Million xDedic Dark Web Marketplace Fraud
The U.S. Department of Justice (DoJ) said it charged 19 individuals worldwide in connection with the now-defunct xDedic Marketplace, which is estimated to have facilitated more than $68 million in fraud. In wrapping up its investigation into the dark web portal, the agency said the transnational operation was the result of close cooperation with law enforcement authorities from Belgium
2024-01-08T11:45:00+00:00 https://thehackernews.com/2024/01/doj-charges-19-worldwide-in-68-million.html www.secnews.physaphae.fr/article.php?IdArticle=8436443 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
North Korea's Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023
Threat actors affiliated with the Democratic People's Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023. The DPRK "was responsible for almost a third of all funds stolen in crypto attacks last year, despite a 30% reduction from the USD 850 million haul in 2022," blockchain analytics firm TRM Labs said last week. "Hacks
2024-01-08T10:29:00+00:00 https://thehackernews.com/2024/01/north-koreas-cyber-heist-dprk-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8436402 False Threat,Studies None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group
2024-01-06T13:49:00+00:00 https://thehackernews.com/2024/01/sea-turtle-cyber-espionage-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8435543 False Threat None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware
The recent wave of cyber attacks targeting Albanian organizations involved the use of a wiper called No-Justice. The findings come from cybersecurity company ClearSky, which said the Windows-based malware "crashes the operating system in a way that it cannot be rebooted." The intrusions have been attributed to an Iranian "psychological operation group" called Homeland
2024-01-06T12:18:00+00:00 https://thehackernews.com/2024/01/pro-iranian-hacker-group-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8435521 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors. “SpectralBlur is a moderately capable backdoor that can upload/download files, run a shell, update its configuration, delete files, hibernate, or sleep, based on commands issued from the [
2024-01-05T21:05:00+00:00 https://thehackernews.com/2024/01/spectralblur-new-macos-backdoor-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8435195 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Exposed Secrets are Everywhere. Here's How to Tackle Them
Picture this: you stumble upon a concealed secret within your company's source code. Instantly, a wave of panic hits as you grasp the possible consequences.
This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secret is just the beginning; swift and resolute action becomes imperative. However, lacking the
2024-01-05T15:33:00+00:00 https://thehackernews.com/2024/01/exposed-secrets-are-everywhere-heres.html www.secnews.physaphae.fr/article.php?IdArticle=8435044 False Tool None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic. "The Orange account in the IP network coordination center (RIPE) has suffered improper access that has affected the browsing of some of our customers," the
2024-01-05T15:31:00+00:00 https://thehackernews.com/2024/01/orange-spain-faces-bgp-traffic-hijack.html www.secnews.physaphae.fr/article.php?IdArticle=8435045 False Malware,Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on susceptible servers. Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS scoring system. The shortcoming impacts EPM 2021 and EPM 2022 prior to SU5.
“If exploited, an
2024-01-05T13:12:00+00:00 https://thehackernews.com/2024/01/alert-ivanti-releases-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8434986 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months
Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar's systems at least since May 2023. The development was first reported by Reuters. The incident, described as a "powerful hacker attack," first came to light last month, knocking out access to mobile and internet services
2024-01-05T12:57:00+00:00 https://thehackernews.com/2024/01/russian-hackers-had-covert-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8434987 False Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Bandook RAT Variant Resurfaces, Targeting Windows Machines
A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware is distributed via a PDF file that embeds a link to a password-protected .7z archive. “
2024-01-05T10:46:00+00:00 https://thehackernews.com/2024/01/new-bandook-rat-variant-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8434931 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Three Ways To Supercharge Your Software Supply Chain Security
Section four of the "Executive Order on Improving the Nation's Cybersecurity" introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan to sell to a government, understanding your Software Supply Chain and
2024-01-04T17:43:00+00:00 https://thehackernews.com/2024/01/three-ways-to-supercharge-your-software.html www.secnews.physaphae.fr/article.php?IdArticle=8434422 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners
Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three harmful packages, named modularseven, driftme, and catme, attracted a total of 431 downloads over the past month before they were taken down. “These packages, upon initial use, deploy a CoinMiner
2024-01-04T16:05:00+00:00 https://thehackernews.com/2024/01/beware-3-malicious-pypi-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8434356 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT
The threat actor known as UAC-0050 is leveraging phishing attacks to distribute Remcos RAT using new strategies to evade detection from security software. "The group's weapon of choice is Remcos RAT, a notorious malware for remote surveillance and control, which has been at the forefront of its espionage arsenal," Uptycs security researchers Karthick Kumar and Shilpesh Trivedi said in
2024-01-04T14:25:00+00:00 https://thehackernews.com/2024/01/uac-0050-group-using-new-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8434261 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack
American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam. As of writing, the account has been restored on the social media platform. It's currently not clear how the account was breached. But the hacked Mandiant account was initially renamed to "@
2024-01-04T11:59:00+00:00 https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html www.secnews.physaphae.fr/article.php?IdArticle=8434203 False Hack,Cloud None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset.
According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access to a valid session in an
2024-01-03T18:46:00+00:00 https://thehackernews.com/2024/01/malware-using-google-multilogin-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8433684 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised
2024-01-03T16:16:00+00:00 https://thehackernews.com/2024/01/5-ways-to-reduce-saas-security-risks.html www.secnews.physaphae.fr/article.php?IdArticle=8433615 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails
A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from arbitrary email addresses, allowing targeted phishing attacks," Timo Longin, a senior security
2024-01-03T16:12:00+00:00 https://thehackernews.com/2024/01/smtp-smuggling-new-threat-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8433616 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
DOJ Slams XCast with $10 Million Fine Over Massive Illegal Robocall Operation
The U.S. Department of Justice (DoJ) on Tuesday said it reached a settlement with VoIP service provider XCast over allegations that it facilitated illegal telemarketing campaigns since at least January 2018, in contravention of the Telemarketing Sales Rule (TSR). In addition to prohibiting the company from violating the law, the stipulated order requires it to meet other compliance measures,
2024-01-03T12:51:00+00:00 https://thehackernews.com/2024/01/doj-slams-xcast-with-10-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8433486 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
The Definitive Enterprise Browser Buyer's Guide
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient.
Therefore,
2024-01-02T15:31:00+00:00 https://thehackernews.com/2024/01/the-definitive-enterprise-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8432862 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
Google has agreed to settle a lawsuit filed in June 2020 that alleged that the company misled users by tracking their surfing activity who thought that their internet use remained private when using the “incognito” or “private” mode on web browsers. The class-action lawsuit sought at least $5 billion in damages. The settlement terms were not disclosed. The plaintiffs had
2024-01-02T15:20:00+00:00 https://thehackernews.com/2024/01/google-settles-5-billion-privacy.html www.secnews.physaphae.fr/article.php?IdArticle=8432863 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11.
The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL
2024-01-01T19:30:00+00:00 https://thehackernews.com/2024/01/new-variant-of-dll-search-order.html www.secnews.physaphae.fr/article.php?IdArticle=8432407 False Threat,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix
2024-01-01T15:07:00+00:00 https://thehackernews.com/2024/01/new-terrapin-flaw-could-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8432287 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New JinxLoader Targeting Users with Formbook and XLoader Malware
A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader. The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks. "The
2024-01-01T12:22:00+00:00 https://thehackernews.com/2024/01/new-jinxloader-targeting-users-with.html www.secnews.physaphae.fr/article.php?IdArticle=8432214 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique," Check Point researchers Oded Vanunu,
2023-12-30T15:00:00+00:00 https://thehackernews.com/2023/12/beware-scam-as-service-aiding.html www.secnews.physaphae.fr/article.php?IdArticle=8431211 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country's National Authority for Electronic Certification and Cyber Security (AKCESK) revealed this week. “These infrastructures, under the legislation in force, are not currently classified as critical or important information infrastructure,” AKCESK said. One Albania, which has
2023-12-29T19:27:00+00:00 https://thehackernews.com/2023/12/albanian-parliament-and-one-albania.html www.secnews.physaphae.fr/article.php?IdArticle=8430819 False Legislation None 3.0000000000000000