www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-16T01:02:18+00:00 www.secnews.physaphae.fr
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Three Ways To Supercharge Your Software Supply Chain Security Section four of the "Executive Order on Improving the Nation's Cybersecurity" introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan to sell to a government, understanding your Software Supply Chain and 2024-01-04T17:43:00+00:00 https://thehackernews.com/2024/01/three-ways-to-supercharge-your-software.html www.secnews.physaphae.fr/article.php?IdArticle=8434422 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three harmful packages, named modularseven, driftme, and catme, attracted a total of 431 downloads over the past month before they were taken down. “These packages, upon initial use, deploy a CoinMiner 2024-01-04T16:05:00+00:00 https://thehackernews.com/2024/01/beware-3-malicious-pypi-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8434356 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT The threat actor known as UAC-0050 is leveraging phishing attacks to distribute Remcos RAT using new strategies to evade detection from security software. "The group's weapon of choice is Remcos RAT, a notorious malware for remote surveillance and control, which has been at the forefront of its espionage arsenal," Uptycs security researchers Karthick Kumar and Shilpesh Trivedi said in 2024-01-04T14:25:00+00:00 https://thehackernews.com/2024/01/uac-0050-group-using-new-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8434261 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam. As of writing, the account has been restored on the social media platform. It's currently not clear how the account was breached. But the hacked Mandiant account was initially renamed to "@ 2024-01-04T11:59:00+00:00 https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html www.secnews.physaphae.fr/article.php?IdArticle=8434203 False Hack,Cloud None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access to a valid session in an 2024-01-03T18:46:00+00:00 https://thehackernews.com/2024/01/malware-using-google-multilogin-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8433684 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 5 Ways to Reduce SaaS Security Risks As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised 2024-01-03T16:16:00+00:00 https://thehackernews.com/2024/01/5-ways-to-reduce-saas-security-risks.html www.secnews.physaphae.fr/article.php?IdArticle=8433615 False Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from arbitrary email addresses, allowing targeted phishing attacks," Timo Longin, a senior security 2024-01-03T16:12:00+00:00 https://thehackernews.com/2024/01/smtp-smuggling-new-threat-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8433616 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) DOJ Slams XCast with $10 Million Fine Over Massive Illegal Robocall Operation The U.S. Department of Justice (DoJ) on Tuesday said it reached a settlement with VoIP service provider XCast over allegations that it facilitated illegal telemarketing campaigns since at least January 2018, in contravention of the Telemarketing Sales Rule (TSR). In addition to prohibiting the company from violating the law, the stipulated order requires it to meet other compliance measures, 2024-01-03T12:51:00+00:00 https://thehackernews.com/2024/01/doj-slams-xcast-with-10-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8433486 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Definitive Enterprise Browser Buyer's Guide Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected.
While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient. Therefore, 2024-01-02T15:31:00+00:00 https://thehackernews.com/2024/01/the-definitive-enterprise-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8432862 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in 'Incognito Mode' Google has agreed to settle a lawsuit filed in June 2020 that alleged that the company misled users by tracking their surfing activity who thought that their internet use remained private when using the “incognito” or “private” mode on web browsers. The class-action lawsuit sought at least $5 billion in damages. The settlement terms were not disclosed. The plaintiffs had 2024-01-02T15:20:00+00:00 https://thehackernews.com/2024/01/google-settles-5-billion-privacy.html www.secnews.physaphae.fr/article.php?IdArticle=8432863 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11.
The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL 2024-01-01T19:30:00+00:00 https://thehackernews.com/2024/01/new-variant-of-dll-search-order.html www.secnews.physaphae.fr/article.php?IdArticle=8432407 False Threat,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix 2024-01-01T15:07:00+00:00 https://thehackernews.com/2024/01/new-terrapin-flaw-could-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8432287 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New JinxLoader Targeting Users with Formbook and XLoader Malware A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader. The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks.
"The 2024-01-01T12:22:00+00:00 https://thehackernews.com/2024/01/new-jinxloader-targeting-users-with.html www.secnews.physaphae.fr/article.php?IdArticle=8432214 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique," Check Point researchers Oded Vanunu, 2023-12-30T15:00:00+00:00 https://thehackernews.com/2023/12/beware-scam-as-service-aiding.html www.secnews.physaphae.fr/article.php?IdArticle=8431211 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Albanian Parliament and One Albania Telecom Hit by Cyber Attacks The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country's National Authority for Electronic Certification and Cyber Security (AKCESK) revealed this week. “These infrastructures, under the legislation in force, are not currently classified as critical or important information infrastructure,” AKCESK said. One Albania, which has 2023-12-29T19:27:00+00:00 https://thehackernews.com/2023/12/albanian-parliament-and-one-albania.html www.secnews.physaphae.fr/article.php?IdArticle=8430819 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, 2023, targets government entities 2023-12-29T16:11:00+00:00 https://thehackernews.com/2023/12/cert-ua-uncovers-new-malware-wave.html www.secnews.physaphae.fr/article.php?IdArticle=8430752 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky. “A notable point about attacks that 2023-12-29T14:39:00+00:00 https://thehackernews.com/2023/12/kimsuky-hackers-deploying-appleseed.html www.secnews.physaphae.fr/article.php?IdArticle=8430708 False Tool,Threat APT 43 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks Microsoft on Thursday said it's once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution,” the Microsoft Threat Intelligence 2023-12-29T10:46:00+00:00 https://thehackernews.com/2023/12/microsoft-disables-msix-app-installer.html www.secnews.physaphae.fr/article.php?IdArticle=8430625 False Ransomware,Malware,Threat,Patching None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to 2023-12-28T18:50:00+00:00 https://thehackernews.com/2023/12/google-cloud-resolves-privilege.html www.secnews.physaphae.fr/article.php?IdArticle=8430294 False Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginning of 2023 after becoming one of the targets, described it as 2023-12-28T16:49:00+00:00 https://thehackernews.com/2023/12/most-sophisticated-iphone-hack-ever.html www.secnews.physaphae.fr/article.php?IdArticle=8430253 False Hack,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Rugmi Malware Loader Surges with Hundreds of Daily Detections A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. "This malware is a loader with three types of components: a downloader that downloads an 2023-12-28T11:26:00+00:00 https://thehackernews.com/2023/12/new-rugmi-malware-loader-surges-with.html www.secnews.physaphae.fr/article.php?IdArticle=8430151 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections.
The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was 2023-12-27T21:09:00+00:00 https://thehackernews.com/2023/12/critical-zero-day-in-apache-ofbiz-erp.html www.secnews.physaphae.fr/article.php?IdArticle=8429882 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoor on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and open-source library Spreadsheet::ParseExcel that's used by the Amavis scanner within the 2023-12-27T18:05:00+00:00 https://thehackernews.com/2023/12/chinese-hackers-exploited-new-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8429811 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices.
Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives. 2023-12-27T13:54:00+00:00 https://thehackernews.com/2023/12/new-sneaky-xamalicious-android-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8429720 False Malware,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. "Threat actors can also choose to install only scanners and sell the breached IP and account credentials on 2023-12-27T10:59:00+00:00 https://thehackernews.com/2023/12/warning-poorly-secured-linux-ssh.html www.secnews.physaphae.fr/article.php?IdArticle=8429640 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Carbanak Banking Malware Resurfaces with New Ransomware Tactics The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023.
"Carbanak returned last month through new 2023-12-26T12:56:00+00:00 https://thehackernews.com/2023/12/carbanak-banking-malware-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8429198 False Ransomware,Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at 2023-12-25T13:17:00+00:00 https://thehackernews.com/2023/12/cloud-atlas-spear-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8428716 False Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) British LAPSUS$ Teen Members Sentenced for High-Profile Attacks Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent to get back to cybercrime "as soon as possible," BBC reported.
Kurtaj, who is autistic, was 2023-12-24T11:18:00+00:00 https://thehackernews.com/2023/12/british-lapsus-teen-members-sentenced.html www.secnews.physaphae.fr/article.php?IdArticle=8428221 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake WordPress plugins it contains some deceptive information at 2023-12-22T22:17:00+00:00 https://thehackernews.com/2023/12/rogue-wordpress-plugin-exposes-e.html www.secnews.physaphae.fr/article.php?IdArticle=8427490 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. "New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate 2023-12-22T18:49:00+00:00 https://thehackernews.com/2023/12/operation-rusticweb-rust-based-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8427392 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. "Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamper their investigation," Netskope researchers Ghanashyam Satpathy and Jan Michael Alcantara 2023-12-22T18:16:00+00:00 https://thehackernews.com/2023/12/decoy-microsoft-word-documents-used-to.html www.secnews.physaphae.fr/article.php?IdArticle=8427363 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for companies outside of Ukraine," cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 was first 2023-12-22T13:16:00+00:00 https://thehackernews.com/2023/12/uac-0099-using-winrar-exploit-to-target.html www.secnews.physaphae.fr/article.php?IdArticle=8427261 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, and Refined Kitten. " 2023-12-22T11:04:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-new-falsefont.html www.secnews.physaphae.fr/article.php?IdArticle=8427216 False Threat,Industrial APT33,APT 33 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS)," Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor 2023-12-21T22:18:00+00:00 https://thehackernews.com/2023/12/multi-million-dollar-predator-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8426908 False Mobile,Commercial None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted region, 2023-12-21T21:51:00+00:00 https://thehackernews.com/2023/12/new-chameleon-android-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8426909 False Malware,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, Europe, and Japan. 2023-12-21T18:08:00+00:00 https://thehackernews.com/2023/12/new-javascript-malware-targeted-50000.html www.secnews.physaphae.fr/article.php?IdArticle=8426758 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial impacts of breaches. With this data, they can make data driven decisions about how they implement 2023-12-21T16:23:00+00:00 https://thehackernews.com/2023/12/cost-of-data-breach-report-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8426727 False Data Breach None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users." The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine, began on December 16, 2023, the Federal Criminal Police Office (BKA) said. Kingdom 2023-12-21T15:33:00+00:00 https://thehackernews.com/2023/12/german-authorities-dismantle-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=8426696 False Malware,Legislation None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's
2023-12-21T12:52:00+00:00 https://thehackernews.com/2023/12/hackers-exploiting-old-ms-excel.html www.secnews.physaphae.fr/article.php?IdArticle=8426609 False Malware,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément
2023-12-21T09:11:00+00:00 https://thehackernews.com/2023/12/urgent-new-chrome-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8426535 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Remote Encryption Attacks Surge: How One Vulnerable Device Can Spell Disaster
Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns. "Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one underprotected device to compromise the entire network," Mark Loman, vice
2023-12-20T19:02:00+00:00 https://thehackernews.com/2023/12/remote-encryption-attacks-surge-how-one.html www.secnews.physaphae.fr/article.php?IdArticle=8426114 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Product Explained: Memcyco's Real-Time Defense Against Website Spoofing
Hands-On Review: Memcyco's Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing reputation damage and financial losses for both organizations and customers. The Growing Threat of
2023-12-20T16:35:00+00:00 https://thehackernews.com/2023/12/product-explained-memcycos-real-time.html www.secnews.physaphae.fr/article.php?IdArticle=8426054 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave
The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages with the ultimate goal of gathering sensitive information from residents and foreigners in the country. "These criminals send malicious links to their victims' mobile devices through SMS or
2023-12-20T15:50:00+00:00 https://thehackernews.com/2023/12/alert-chinese-hackers-pose-as-uae.html www.secnews.physaphae.fr/article.php?IdArticle=8426026 False Threat,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals
A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries. The exercise, which took place from July through December 2023, took aim at various types of financial crimes such as voice phishing, romance scams, online sextortion, investment fraud, money laundering
2023-12-20T14:09:00+00:00 https://thehackernews.com/2023/12/3500-arrested-in-global-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8425964 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Go-Based JaskaGO Malware Targeting Windows and macOS Systems
A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems.
AT&T Alien Labs, which made the discovery, said the malware is "equipped with an extensive array of commands from its command-and-control (C&C) server." Artifacts designed for macOS were first observed in July
2023-12-20T13:40:00+00:00 https://thehackernews.com/2023/12/new-go-based-jaskago-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8425965 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool
The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of Investigation (FBI) enlisted the help of a confidential human source (CHS) to act as an affiliate for the BlackCat and gain
2023-12-19T21:22:00+00:00 https://thehackernews.com/2023/12/fbi-takes-down-blackcat-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425555 False Ransomware,Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team
Cybersecurity researchers have shed light on the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national who was indicted by the U.S. government earlier this year for his alleged role in launching thousands of attacks across the world.
Matveev, who resides in Saint Petersburg and is known by the aliases Wazawaka, m1x, Boriselcin, Uhodiransomwar,
2023-12-19T20:46:00+00:00 https://thehackernews.com/2023/12/behind-scenes-of-matveevs-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425524 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts
Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. "Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second stage malware and sidestep detection tools," ReversingLabs researcher Karlo Zanki
2023-12-19T19:00:00+00:00 https://thehackernews.com/2023/12/hackers-abusing-github-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8425467 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Are We Ready to Give Up on Security Awareness Training?
Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace.
Besides, social engineering remains one of the most prevalent attacks
2023-12-19T17:23:00+00:00 https://thehackernews.com/2023/12/are-we-ready-to-give-up-on-security.html www.secnews.physaphae.fr/article.php?IdArticle=8425430 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa
The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under the name Seedworm, which is also tracked under the monikers Boggy Serpens, Cobalt
2023-12-19T17:11:00+00:00 https://thehackernews.com/2023/12/iranian-hackers-using-muddyc2go-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8425431 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software
The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. "PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577," Malwarebytes' Jérôme Segura said.
The malware family,
2023-12-19T16:32:00+00:00 https://thehackernews.com/2023/12/new-malvertising-campaign-distributing.html www.secnews.physaphae.fr/article.php?IdArticle=8425401 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated
2023-12-19T12:28:00+00:00 https://thehackernews.com/2023/12/8220-gang-exploiting-oracle-weblogic.html www.secnews.physaphae.fr/article.php?IdArticle=8425288 False Malware,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. "Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations in North
2023-12-19T11:12:00+00:00 https://thehackernews.com/2023/12/double-extortion-play-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425246 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security
2023-12-18T21:13:00+00:00 https://thehackernews.com/2023/12/beware-experts-reveal-new-details-on.html www.secnews.physaphae.fr/article.php?IdArticle=8424888 False Vulnerability,Threat,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Top 7 Trends Shaping SaaS Security in 2024
Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud. These applications contain a wealth of data, from minimally sensitive general
2023-12-18T20:10:00+00:00 https://thehackernews.com/2023/12/top-7-trends-shaping-saas-security-in.html www.secnews.physaphae.fr/article.php?IdArticle=8424859 False Prediction,Medical,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges
The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable. This approach not only transforms it into a threat capable of delivering "specific distributor needs," but also makes it more potent, Check Point said
2023-12-18T20:01:00+00:00 https://thehackernews.com/2023/12/rhadamanthys-malware-swiss-army-knife.html www.secnews.physaphae.fr/article.php?IdArticle=8424825 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via cryptocurrency investment scams. The defendants – Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, Rosemead, California; and Hailong Zhu, 40, Naperville, Illinois – have been charged with conspiracy to commit money laundering,
2023-12-18T17:43:00+00:00 https://thehackernews.com/2023/12/four-us-nationals-charged-in-80-million.html www.secnews.physaphae.fr/article.php?IdArticle=8424758 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unmasking the Dark Side of Low-Code/No-Code Applications
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they?
Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly using platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems? The simple truth is often swept under
2023-12-18T16:01:00+00:00 https://thehackernews.com/2023/12/unmasking-dark-side-of-low-codeno-code.html www.secnews.physaphae.fr/article.php?IdArticle=8424706 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network. Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry. "Targets
2023-12-18T14:59:00+00:00 https://thehackernews.com/2023/12/qakbot-malware-resurfaces-with-new.html www.secnews.physaphae.fr/article.php?IdArticle=8424707 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations.
In an alert published last week, the agency called out Iranian threat actors affiliated with
2023-12-18T11:11:00+00:00 https://thehackernews.com/2023/12/cisa-urges-manufacturers-eliminate.html www.secnews.physaphae.fr/article.php?IdArticle=8424592 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
MongoDB Suffers Security Breach, Exposing Customer Data
MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response
2023-12-17T10:18:00+00:00 https://thehackernews.com/2023/12/mongodb-suffers-security-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8424056 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
China's MIIT Introduces Color-Coded Action Plan for Data Security Incidents
China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system.
The effort is designed to "improve the comprehensive response capacity for data security incidents, to ensure timely and effective control, mitigation and elimination of hazards and losses caused
2023-12-16T13:02:00+00:00 https://thehackernews.com/2023/12/chinas-miit-introduces-color-coded.html www.secnews.physaphae.fr/article.php?IdArticle=8423592 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM
2023-12-16T10:30:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-storm-0539-rising.html www.secnews.physaphae.fr/article.php?IdArticle=8423552 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon.
Dubbed KV-botnet by the Black Lotus Labs team at Lumen Technologies, the malicious network is an amalgamation of two complementary activity
2023-12-15T19:47:00+00:00 https://thehackernews.com/2023/12/new-kv-botnet-targeting-cisco-draytek.html www.secnews.physaphae.fr/article.php?IdArticle=8423240 False Threat Guam 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company said in a statement. This allowed the attackers to gain
2023-12-15T18:31:00+00:00 https://thehackernews.com/2023/12/crypto-hardware-wallet-ledgers-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8423210 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Bug or Feature? Hidden Web Application Vulnerabilities Uncovered
Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations that it is not supposed to do.
Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and email clients saturating the internet
2023-12-15T16:38:00+00:00 https://thehackernews.com/2023/12/bug-or-feature-hidden-web-application.html www.secnews.physaphae.fr/article.php?IdArticle=8423180 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The issues relate to two reflected cross-site scripting (XSS) bugs and one command injection flaw, according to new findings from Sonar. "Security inside a local network is often
2023-12-15T16:32:00+00:00 https://thehackernews.com/2023/12/new-security-vulnerabilities-uncovered.html www.secnews.physaphae.fr/article.php?IdArticle=8423181 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google's New Tracking Protection in Chrome Blocks Third-Party Cookies
Google on Thursday announced that it will start testing a new feature called "Tracking Protection" starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser.
The setting is designed to limit "cross-site tracking by restricting website access to third-party cookies by default," Anthony Chavez, vice president of Privacy
2023-12-15T12:53:00+00:00 https://thehackernews.com/2023/12/googles-new-tracking-protection-in.html www.secnews.physaphae.fr/article.php?IdArticle=8423068 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications channel. "The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities," Russian
2023-12-15T10:55:00+00:00 https://thehackernews.com/2023/12/new-nkabuse-malware-exploits-nkn.html www.secnews.physaphae.fr/article.php?IdArticle=8423047 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems
Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor.
"In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both," ESET researchers Marc-Etienne M.Léveillé and Rene
2023-12-14T20:56:00+00:00 https://thehackernews.com/2023/12/116-malware-packages-found-on-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8422707 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities
A pro-Hamas threat actor known as Gaza Cyber Gang is targeting Palestinian entities using an updated version of a backdoor dubbed Pierogi. The findings come from SentinelOne, which has given the malware the name Pierogi++ owing to the fact that it's implemented in the C++ programming language unlike its Delphi- and Pascal-based predecessor. "Recent Gaza Cybergang activities show
2023-12-14T19:31:00+00:00 https://thehackernews.com/2023/12/new-pierogi-malware-by-gaza-cyber-gang.html www.secnews.physaphae.fr/article.php?IdArticle=8422669 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET.
The attacks also involved the use of an updated version of a known OilRig downloader
2023-12-14T18:00:00+00:00 https://thehackernews.com/2023/12/iranian-state-sponsored-oilrig-group.html www.secnews.physaphae.fr/article.php?IdArticle=8422615 False Malware,Threat APT 34 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in
2023-12-14T16:47:00+00:00 https://thehackernews.com/2023/12/reimagining-network-pentesting-with-automation.html www.secnews.physaphae.fr/article.php?IdArticle=8422765 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in
2023-12-14T16:47:00+00:00 https://thehackernews.com/2023/12/reimagining-network-pentesting-with.html www.secnews.physaphae.fr/article.php?IdArticle=8422616 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes. It's notable for the supply chain
2023-12-14T16:02:00+00:00 https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8422584 False Threat APT 29 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection Attacks
A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. "GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website content management systems (CMS) to steal sensitive
2023-12-14T12:00:00+00:00 https://thehackernews.com/2023/12/new-hacker-group-gambleforce-tageting.html www.secnews.physaphae.fr/article.php?IdArticle=8422482 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting them millions of dollars in illicit revenue. "Fraudulent online accounts act as the gateway to a host of cybercrime,
2023-12-14T11:16:00+00:00 https://thehackernews.com/2023/12/microsoft-takes-legal-action-to-crack.html www.secnews.physaphae.fr/article.php?IdArticle=8422461 False Tool,Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
BazaCall Phishing Scammers Now Leveraging Google Forms for Deception
The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the perceived authenticity of the initial malicious emails," cybersecurity firm Abnormal Security said in a report published today. BazaCall (aka BazarCall), which was first
2023-12-13T20:52:00+00:00 https://thehackernews.com/2023/12/bazacall-phishing-scammers-now.html www.secnews.physaphae.fr/article.php?IdArticle=8422136 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of
2023-12-13T18:45:00+00:00 https://thehackernews.com/2023/12/google-using-clang-sanitizers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8422108 False Tool,Vulnerability,Mobile None 2.0000000000000000

The Hacker News
How to Analyze Malware's Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address them. Decrypting HTTPS traffic Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure
2023-12-13T17:32:00+00:00 https://thehackernews.com/2023/12/how-to-analyze-malwares-network-traffic.html www.secnews.physaphae.fr/article.php?IdArticle=8422060 False Malware,Tool None 3.0000000000000000

The Hacker News
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an
2023-12-13T16:25:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8422035 False Tool,Threat None 2.0000000000000000

The Hacker News
Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator
Ukraine's biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and internet services. "The cyberattack on Ukraine's #Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics show, with knock-on impacts reported to air raid alert network and banking sector as work continues
2023-12-13T15:48:00+00:00 https://thehackernews.com/2023/12/major-cyber-attack-paralyzes-kyivstar.html www.secnews.physaphae.fr/article.php?IdArticle=8422003 False Mobile None 2.0000000000000000

The Hacker News
Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in addition to 18 flaws Microsoft addressed in its Chromium-based Edge browser since the release of Patch
2023-12-13T11:20:00+00:00 https://thehackernews.com/2023/12/microsofts-final-2023-patch-tuesday-33.html www.secnews.physaphae.fr/article.php?IdArticle=8421903 False None None 2.0000000000000000

The Hacker News
Unveiling the Cyber Threats to Healthcare: Beyond the Myths
Let's begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? Surprisingly, it's the EHR, and the difference is stark: according to a study, EHRs can sell for up to $1,000 each, compared to a mere $5 for a credit card number and $1 for a social
2023-12-12T23:39:00+00:00 https://thehackernews.com/2023/12/unveiling-cyber-threats-to-healthcare.html www.secnews.physaphae.fr/article.php?IdArticle=8421650 False Studies,Medical None 3.0000000000000000

The Hacker News
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace.
IBM X-Force is tracking the adversary under the name ITG05, which is also known as BlueDelta, Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, Iron Twilight, Sednit, Sofacy, and
2023-12-12T20:22:00+00:00 https://thehackernews.com/2023/12/russian-apt28-hackers-targeting-13.html www.secnews.physaphae.fr/article.php?IdArticle=8421570 False Threat APT 28 3.0000000000000000

The Hacker News
Non-Human Access is the Path of Least Resistance: A 2023 Recap
2023 has seen its fair share of cyber attacks, however there's one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new perimeter, and 2023 is only the beginning. Why non-human access is a cybercriminal's paradise People always
2023-12-12T16:55:00+00:00 https://thehackernews.com/2023/12/non-human-access-is-path-of-least.html www.secnews.physaphae.fr/article.php?IdArticle=8421489 False None None 3.0000000000000000

The Hacker News
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. "This malware is a Python-based information stealer compressed with cx-Freeze to evade detection," Fortinet FortiGuard Labs researcher Cara Lin said. "MrAnon Stealer steals its victims' credentials, system
2023-12-12T15:25:00+00:00 https://thehackernews.com/2023/12/new-mranon-stealer-targeting-german-it.html www.secnews.physaphae.fr/article.php?IdArticle=8421466 False Malware None 2.0000000000000000

The Hacker News
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices. This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari
2023-12-12T12:14:00+00:00 https://thehackernews.com/2023/12/apple-releases-security-updates-to.html www.secnews.physaphae.fr/article.php?IdArticle=8421391 False None None 2.0000000000000000

The Hacker News
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that could enable unauthorized path traversal and could be exploited under the circumstances to upload a malicious file
2023-12-12T10:53:00+00:00 https://thehackernews.com/2023/12/new-critical-rce-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8421357 False Vulnerability None 2.0000000000000000

The Hacker News
Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that the adversary's Lua-based malware LuaDream and KEYPLUG have been
2023-12-11T19:29:00+00:00 https://thehackernews.com/2023/12/researchers-unmask-sandman-apts-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8421078 False Malware,Threat None 3.0000000000000000

The Hacker News
Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation Blacksmith, noting the use of three DLang-based
2023-12-11T18:30:00+00:00 https://thehackernews.com/2023/12/lazarus-group-using-log4j-exploits-to.html www.secnews.physaphae.fr/article.php?IdArticle=8421079 False Threat APT 38 3.0000000000000000

The Hacker News
Playbook: Your First 100 Days as a vCISO - 5 Steps to Success
In an increasingly digital world, no organization is spared from cyber threats. Yet, not every organization has the luxury of hiring a full-time, in-house CISO.
This gap in cybersecurity leadership is where you, as a vCISO, come in. You are the person who will establish, develop, and solidify the organization's cybersecurity infrastructure, blending strategic guidance with actionable
2023-12-11T17:15:00+00:00 https://thehackernews.com/2023/12/playbook-your-first-100-days-as-vciso-5.html www.secnews.physaphae.fr/article.php?IdArticle=8421011 False None None 2.0000000000000000

The Hacker News
Webinar - Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker
In the ever-evolving cybersecurity landscape, one method stands out for its chilling effectiveness – social engineering. But why does it work so well? The answer lies in the intricate dance between the attacker's mind and human psychology. Our upcoming webinar, "Think Like a Hacker, Defend Like a Pro," highlights this alarming trend. We delve deep into social engineering, exploring its
2023-12-11T16:23:00+00:00 https://thehackernews.com/2023/12/webinar-psychology-of-social.html www.secnews.physaphae.fr/article.php?IdArticle=8420988 False Prediction None 2.0000000000000000

The Hacker News
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. "Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims' personal and
2023-12-11T12:39:00+00:00 https://thehackernews.com/2023/12/spyloan-scandal-18-malicious-loan-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8420925 False Mobile None 3.0000000000000000

The Hacker News
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions
A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response (EDR) systems. SafeBreach researcher Alon Leviev said the methods are "capable of working across all processes without any limitations, making them more flexible than existing process
2023-12-11T11:28:00+00:00 https://thehackernews.com/2023/12/new-poolparty-process-injection.html www.secnews.physaphae.fr/article.php?IdArticle=8420905 False Threat None 2.0000000000000000

The Hacker News
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm.
The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking (LAM) as well as its analogous
2023-12-09T17:22:00+00:00 https://thehackernews.com/2023/12/slam-attack-new-spectre-based.html www.secnews.physaphae.fr/article.php?IdArticle=8420428 False Vulnerability,Vulnerability,Threat None 4.0000000000000000

The Hacker News
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing GuLoader a time-consuming and resource-intensive process," Elastic Security Labs
2023-12-09T12:46:00+00:00 https://thehackernews.com/2023/12/researchers-unveal-guloader-malwares.html www.secnews.physaphae.fr/article.php?IdArticle=8420386 False Malware,Threat,Technical None 4.0000000000000000

The Hacker News
New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.
Of the 14 flaws – collectively called 5Ghoul (a combination of "5G" and "Ghoul") – 10 affect 5G modems from the two companies, out of which three
2023-12-08T22:52:00+00:00 https://thehackernews.com/2023/12/new-5g-modems-flaws-affect-ios-devices.html www.secnews.physaphae.fr/article.php?IdArticle=8420246 False Mobile None 3.0000000000000000

The Hacker News
N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems. "The threat actor ultimately uses a backdoor to steal information and execute commands," the AhnLab Security Emergency Response Center (ASEC) said in an
2023-12-08T19:03:00+00:00 https://thehackernews.com/2023/12/n-korean-kimsuky-targeting-south-korean.html www.secnews.physaphae.fr/article.php?IdArticle=8420188 False Threat APT 43 3.0000000000000000

The Hacker News
Ransomware-as-a-Service: The Growing Threat You Can't Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS).
This alarming development has transformed the cybercrime landscape, enabling individuals with limited technical expertise to carry out devastating attacks.
2023-12-08T16:38:00+00:00 https://thehackernews.com/2023/12/ransomware-as-service-growing-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8420156 False Ransomware,Threat,Prediction,Technical None 2.0000000000000000