www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated feed of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-16T02:18:14+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit
2023-12-08T15:22:00+00:00 https://thehackernews.com/2023/12/mac-users-beware-new-trojan-proxy.html www.secnews.physaphae.fr/article.php?IdArticle=8420157 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. "A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins,
2023-12-08T14:53:00+00:00 https://thehackernews.com/2023/12/wordpress-releases-update-642-to.html www.secnews.physaphae.fr/article.php?IdArticle=8420158 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme
The Russian founder of the now-defunct Bitzlato cryptocurrency exchange has pleaded guilty, nearly 11 months after he was arrested in Miami earlier this year. Anatoly Legkodymov (aka Anatolii Legkodymov, Gandalf, and Tolik), according to the U.S. Justice Department, admitted to operating an unlicensed money-transmitting business that enabled other criminal actors to launder their
2023-12-08T11:11:00+00:00 https://thehackernews.com/2023/12/founder-of-bitzlato-cryptocurrency.html www.secnews.physaphae.fr/article.php?IdArticle=8420104 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of COLDRIVER's Evolving Evading and Credential-Stealing Tactics
The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking the cluster as Star Blizzard (formerly SEABORGIUM).
It's also called Blue Callisto, BlueCharlie (or TAG-53),
2023-12-07T20:06:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-coldrivers-evolving.html www.secnews.physaphae.fr/article.php?IdArticle=8419911 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass
2023-12-07T17:16:00+00:00 https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html www.secnews.physaphae.fr/article.php?IdArticle=8419854 False Threat,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'
Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers.
Over the years, these attackers have developed their expertise in exploiting various human qualities, sharpening their skills to manipulate biases and emotional triggers with the objective of
2023-12-07T17:14:00+00:00 https://thehackernews.com/2023/12/hacking-human-mind-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8419855 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Building a Robust Threat Intelligence with Wazuh
Threat intelligence refers to gathering, processing, and analyzing cyber threats, along with proactive defensive measures aimed at strengthening security. It enables organizations to gain a comprehensive insight into historical, present, and anticipated threats, providing context about the constantly evolving threat landscape. Importance of threat intelligence in the cybersecurity ecosystem
2023-12-07T16:21:00+00:00 https://thehackernews.com/2023/12/building-robust-threat-intelligence.html www.secnews.physaphae.fr/article.php?IdArticle=8419834 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Governments May Spy on You by Requesting Push Notifications from Apple and Google
Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden. "Push notifications are alerts sent by phone apps to users' smartphones," Wyden said. "These alerts pass through a digital post office run by the phone operating system provider -- overwhelmingly Apple or Google.
Because of
2023-12-07T15:54:00+00:00 https://thehackernews.com/2023/12/governments-may-spy-on-you-by.html www.secnews.physaphae.fr/article.php?IdArticle=8419835 False Threat,Mobile None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand
A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to maintain covert access to victim networks at least since 2021. Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal its own presence during the initialization phase," Group-IB said in a report
2023-12-07T11:45:00+00:00 https://thehackernews.com/2023/12/new-stealthy-krasue-linux-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8419786 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger
Meta has officially begun to roll out support for end-to-end encryption (E2EE) in Messenger for personal calls and one-to-one personal messages by default in what it called the "most significant milestone yet." "This isn't a routine security update: we rebuilt the app from the ground up, in close consultation with privacy and safety experts," Loredana Crisan, vice president of
2023-12-07T11:22:00+00:00 https://thehackernews.com/2023/12/meta-launches-default-end-to-end.html www.secnews.physaphae.fr/article.php?IdArticle=8419787 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth said in a Tuesday analysis. AWS STS is a web service that enables
2023-12-06T19:08:00+00:00 https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8419566 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Report: Unveiling the Threat of Malicious Browser Extensions
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like
2023-12-06T17:14:00+00:00 https://thehackernews.com/2023/12/new-report-unveiling-threat-of.html www.secnews.physaphae.fr/article.php?IdArticle=8419537 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Sierra:21 - Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks
A collection of 21 security flaws has been discovered in Sierra Wireless AirLink cellular routers and open-source software components like TinyXML and OpenNDS. Collectively tracked as Sierra:21, the issues expose over 86,000 devices across critical sectors like energy, healthcare, waste management, retail, emergency services, and vehicle tracking to cyber threats, according
2023-12-06T16:48:00+00:00 https://thehackernews.com/2023/12/sierra21-flaws-in-sierra-wireless.html www.secnews.physaphae.fr/article.php?IdArticle=8419538 False Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Scaling Security Operations with Automation
In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents and alerts. Implementing automation throughout security operations helps security teams alleviate
2023-12-06T15:44:00+00:00 https://thehackernews.com/2023/12/scaling-security-operations-with.html www.secnews.physaphae.fr/article.php?IdArticle=8419523 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. "The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,"
2023-12-06T15:40:00+00:00 https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html www.secnews.physaphae.fr/article.php?IdArticle=8419524 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution
Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below - CVE-2022-1471 (CVSS score: 9.8) - Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products CVE-2023-22522 (CVSS score
2023-12-06T14:48:00+00:00 https://thehackernews.com/2023/12/atlassian-releases-critical-software.html www.secnews.physaphae.fr/article.php?IdArticle=8419504 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks
Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023. The vulnerabilities are as follows - CVE-2023-33063 (CVSS score: 7.8) - Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-33106 (CVSS score: 8.4) - Memory corruption in
2023-12-06T10:53:00+00:00 https://thehackernews.com/2023/12/qualcomm-releases-details-on-chip.html www.secnews.physaphae.fr/article.php?IdArticle=8419451 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russia's AI-Powered Disinformation Operation Targeting Ukraine, US, and Germany
The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+ sentiment, U.S. military competence, and Germany's economic and social issues, according to a new
2023-12-05T20:28:00+00:00 https://thehackernews.com/2023/12/russias-ai-powered-disinformation.html www.secnews.physaphae.fr/article.php?IdArticle=8419296 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack
A new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's actually not and carry out covert attacks.
The novel technique, detailed by Jamf Threat Labs in a report shared with The Hacker News, "shows that if a hacker has already infiltrated your device, they can cause
2023-12-05T20:28:00+00:00 https://thehackernews.com/2023/12/warning-for-iphone-users-experts-warn.html www.secnews.physaphae.fr/article.php?IdArticle=8419295 False Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Generative AI Security: Preventing Microsoft Copilot Data Exposure
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps - Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft's dream is to take the drudgery out of daily work and let humans focus on being creative problem-solvers. What makes Copilot a different beast than ChatGPT and
2023-12-05T16:59:00+00:00 https://thehackernews.com/2023/12/generative-ai-security-preventing.html www.secnews.physaphae.fr/article.php?IdArticle=8419257 False Tool ChatGPT 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. "More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes," Jacob Baines, chief technology officer at VulnCheck, said in a report shared with The Hacker News. "More than 6,000 repositories were vulnerable to repojacking due to account
2023-12-05T15:44:00+00:00 https://thehackernews.com/2023/12/15000-go-module-repositories-on-github.html www.secnews.physaphae.fr/article.php?IdArticle=8419240 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace
A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what's suspected to be a cyber espionage mission. The BlackBerry Threat Research and Intelligence team is tracking the activity cluster as AeroBlade. Its origin is currently unknown and it's not clear if the attack was successful. "The actor used spear-phishing
2023-12-05T13:25:00+00:00 https://thehackernews.com/2023/12/new-threat-actor-aeroblade-emerges-in.html www.secnews.physaphae.fr/article.php?IdArticle=8419204 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers.
The tech giant attributed the intrusions to a threat actor it called Forest Blizzard (formerly Strontium), which is also widely tracked under the monikers APT28,
2023-12-05T12:29:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-kremlin-backed-apt28.html www.secnews.physaphae.fr/article.php?IdArticle=8419205 False Vulnerability,Threat APT 28 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named BLUFFS, impact Bluetooth Core Specification 4.2 through 5.4. They are tracked under the identifier CVE-2023-24023 (CVSS score: 6.8)
2023-12-04T18:46:00+00:00 https://thehackernews.com/2023/12/new-bluffs-bluetooth-attack-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8419020 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk
As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn't have access as well as trim unnecessary permissions. In addition to saving some unnecessary license fees, a clean user inventory significantly enhances the security of your SaaS applications.
From reducing risk to protecting against data leakage, here is how
2023-12-04T17:08:00+00:00 https://thehackernews.com/2023/12/make-fresh-start-for-2024-clean-out.html www.secnews.physaphae.fr/article.php?IdArticle=8418989 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is compiled for Microprocessor without Interlocked Pipelined Stages (MIPS) architecture, broadening its capabilities and reach. "It's highly likely that by targeting MIPS, the P2PInfect developers
2023-12-04T16:33:00+00:00 https://thehackernews.com/2023/12/new-p2pinfect-botnet-mips-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8418990 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware.
The shortcomings, collectively labeled LogoFAIL by Binarly, "can be used by threat actors to deliver a malicious payload and bypass Secure Boot, Intel
2023-12-04T12:23:00+00:00 https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8418948 False Malware,Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the deployment of CACTUS ransomware," the Microsoft Threat Intelligence team said in a series of posts on X (
2023-12-04T09:50:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-malvertising-scheme.html www.secnews.physaphae.fr/article.php?IdArticle=8418912 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks Unit 42 researcher Chema Garcia
2023-12-02T13:59:00+00:00 https://thehackernews.com/2023/12/agent-racoon-backdoor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8418532 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data
2023-12-02T13:22:00+00:00 https://thehackernews.com/2023/12/russian-hacker-vladimir-dunaev.html www.secnews.physaphae.fr/article.php?IdArticle=8418523 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. "Spreading primarily through messaging services, it combines app-based malware with social engineering to defraud banking customers," Oslo-based mobile app
2023-12-01T18:10:00+00:00 https://thehackernews.com/2023/12/new-fjordphantom-android-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8418322 False Malware,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in disrupting this long-running threat, concerns have arisen as it appears that Qakbot may still pose a danger in a reduced form. This article discusses the aftermath of the takedown, provides mitigation
2023-12-01T16:20:00+00:00 https://thehackernews.com/2023/12/qakbot-takedown-aftermath-mitigations.html www.secnews.physaphae.fr/article.php?IdArticle=8418295 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT.
The activity, which commenced no later than August 2023, leverages two different infection sequences to deliver the malware, which is a customized variant of Gh0st RAT
2023-12-01T16:19:00+00:00 https://thehackernews.com/2023/12/chinese-hackers-using-sugargh0st-rat-to.html www.secnews.physaphae.fr/article.php?IdArticle=8418296 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore's defenses, perpetrators made two attempts with two different strategies.
2023-12-01T15:56:00+00:00 https://thehackernews.com/2023/12/discover-how-gcore-thwarted-powerful.html www.secnews.physaphae.fr/article.php?IdArticle=8418281 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
WhatsApp's New Secret Code Feature Lets Users Protect Private Chats with Password
Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an "additional way to protect those chats and make them harder to find if someone has access to your phone or you share a phone with someone else."
Secret Code builds on another feature
2023-12-01T15:34:00+00:00 https://thehackernews.com/2023/12/whatsapps-new-secret-code-feature-lets.html www.secnews.physaphae.fr/article.php?IdArticle=8418282 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign Agents
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion. The agents, the Treasury said, helped in "revenue generation and missile-related technology procurement that support the DPRK's
2023-12-01T13:13:00+00:00 https://thehackernews.com/2023/12/us-treasury-sanctions-north-korean.html www.secnews.physaphae.fr/article.php?IdArticle=8418258 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 (CVSS score: 9.8) - A command injection vulnerability that could allow an
2023-12-01T11:52:00+00:00 https://thehackernews.com/2023/12/zyxel-releases-patches-to-fix-15-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8418239 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to
2023-12-01T09:55:00+00:00 https://thehackernews.com/2023/12/zero-day-alert-apple-rolls-out-ios.html www.secnews.physaphae.fr/article.php?IdArticle=8418223 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails
Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and more," according to the project's
2023-11-30T18:38:00+00:00 https://thehackernews.com/2023/11/google-unveils-retvec-gmails-new.html www.secnews.physaphae.fr/article.php?IdArticle=8418069 False Spam None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
This Free Solution Provides Essential Third-Party Risk Management for SaaS
Wing Security recently announced that basic third-party risk assessment is now available as a free product.
But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage the third-party risks associated with SaaS, but first... What exactly is 2023-11-30T17:25:00+00:00 https://thehackernews.com/2023/11/this-free-solution-provides-essential.html www.secnews.physaphae.fr/article.php?IdArticle=8418052 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. "Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from the rest of the world, the regime's 2023-11-30T17:25:00+00:00 https://thehackernews.com/2023/11/north-koreas-lazarus-group-rakes-in-3.html www.secnews.physaphae.fr/article.php?IdArticle=8418053 False Threat APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 7 Uses for Generative AI to Enhance Security Operations Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention in recent years due to its ability to generate realistic and diverse outputs.
When it comes to security operations, Generative AI can play 2023-11-30T16:48:00+00:00 https://thehackernews.com/2023/11/7-uses-for-generative-ai-to-enhance.html www.secnews.physaphae.fr/article.php?IdArticle=8418039 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access," Arctic Wolf 2023-11-30T16:46:00+00:00 https://thehackernews.com/2023/11/cactus-ransomware-exploits-qlik-sense.html www.secnews.physaphae.fr/article.php?IdArticle=8418040 False Ransomware,Vulnerability,Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. "Sinbad has processed millions of dollars' worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists," the department said.
"Sinbad is also used by 2023-11-30T11:39:00+00:00 https://thehackernews.com/2023/11/us-treasury-sanctions-sinbad.html www.secnews.physaphae.fr/article.php?IdArticle=8417988 False None APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective known as Cyber Av3ngers. "Cyber threat 2023-11-29T18:32:00+00:00 https://thehackernews.com/2023/11/iranian-hackers-exploit-plcs-in-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8417800 False Threat,Industrial None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar.
That's according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious operation, with the threat actor also observed carrying out phishing attacks against the targeted financial institutions. 2023-11-29T15:43:00+00:00 https://thehackernews.com/2023/11/200-malicious-apps-on-iranian-android.html www.secnews.physaphae.fr/article.php?IdArticle=8417759 False Malware,Threat,Mobile,Mobile None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions In a rapidly evolving digital landscape, it's crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they're reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay ahead of emerging threats. To learn more, download the full report here. The New Paradigm If you've been relying 2023-11-29T14:51:00+00:00 https://thehackernews.com/2023/11/discover-why-proactive-web-security.html www.secnews.physaphae.fr/article.php?IdArticle=8417760 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Okta Discloses Broader Impact Linked to October 2023 Support System Breach Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system. "The threat actor downloaded the names and email addresses of all Okta customer support system users," the company said in a statement shared with The Hacker News.
"All Okta Workforce Identity Cloud (WIC) and Customer 2023-11-29T11:48:00+00:00 https://thehackernews.com/2023/11/okta-discloses-additional-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8417712 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers," Cybereason 2023-11-29T11:25:00+00:00 https://thehackernews.com/2023/11/djvu-ransomwares-latest-variant-xaro.html www.secnews.physaphae.fr/article.php?IdArticle=8417699 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts.
The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0) that has been 2023-11-29T10:37:00+00:00 https://thehackernews.com/2023/11/gotitan-botnet-spotted-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8417700 False Vulnerability,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been 2023-11-29T09:57:00+00:00 https://thehackernews.com/2023/11/zero-day-alert-google-chrome-under.html www.secnews.physaphae.fr/article.php?IdArticle=8417701 False Vulnerability,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Transform Your Data Security Posture – Learn from SoFi's DSPM Success As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches.
Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud. 2023-11-28T18:20:00+00:00 https://thehackernews.com/2023/11/transform-your-data-security-posture.html www.secnews.physaphae.fr/article.php?IdArticle=8417498 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. "Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other 2023-11-28T18:04:00+00:00 https://thehackernews.com/2023/11/design-flaw-in-google-workspace-could.html www.secnews.physaphae.fr/article.php?IdArticle=8417499 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How Hackers Phish for Your Users' Credentials and Sell Them Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization's entire network at risk. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022.
Forty-nine 2023-11-28T16:43:00+00:00 https://thehackernews.com/2023/11/how-hackers-phish-for-your-users.html www.secnews.physaphae.fr/article.php?IdArticle=8417480 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of the 32-year-old ringleader," Europol said in a statement today. "Four of the ringleader's most active accomplices were 2023-11-28T16:03:00+00:00 https://thehackernews.com/2023/11/key-cybercriminals-behind-notorious.html www.secnews.physaphae.fr/article.php?IdArticle=8417481 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Stop Identity Attacks: Discover the Key to Early Threat Detection Identity and Access Management (IAM) systems are a staple to ensure only authorized individuals or entities have access to specific resources in order to protect sensitive information and secure business assets. But did you know that today over 80% of attacks now involve identity, compromised credentials or bypassing the authentication mechanism? Recent breaches at MGM and Caesars have 2023-11-28T15:54:00+00:00 https://thehackernews.com/2023/11/stop-identity-attacks-discover-key-to.html www.secnews.physaphae.fr/article.php?IdArticle=8417464 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to external data sources, such as a remote SQL 2023-11-28T15:53:00+00:00 https://thehackernews.com/2023/11/hackers-can-exploit-forced.html www.secnews.physaphae.fr/article.php?IdArticle=8417465 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. The findings come from cybersecurity firm SentinelOne, which also tied a third macOS-specific malware called ObjCShellz to the RustBucket campaign. 2023-11-28T10:24:00+00:00 https://thehackernews.com/2023/11/n-korean-hackers-mixing-and-matching.html www.secnews.physaphae.fr/article.php?IdArticle=8417390 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How to Handle Retail SaaS Security on Cyber Monday If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform.
Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information. SaaS applications supporting retail efforts will host 2023-11-27T23:27:00+00:00 https://thehackernews.com/2023/11/how-to-handle-retail-saas-security-on.html www.secnews.physaphae.fr/article.php?IdArticle=8417295 False Tool,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections A new study has demonstrated that it's possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational faults that occur while the connection is being established. The Secure Shell (SSH) protocol is a method for securely transmitting commands and logging in to a computer over an unsecured network. Based on a 2023-11-27T18:48:00+00:00 https://thehackernews.com/2023/11/experts-uncover-passive-method-to.html www.secnews.physaphae.fr/article.php?IdArticle=8417207 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S., U.K., and Global Partners Release Secure AI System Development Guidelines The U.K. and U.S., along with international partners from 16 other countries, have released new guidelines for the development of secure artificial intelligence (AI) systems.
"The approach prioritizes ownership of security outcomes for customers, embraces radical transparency and accountability, and establishes organizational structures where secure design is a top priority," the U.S. 2023-11-27T12:25:00+00:00 https://thehackernews.com/2023/11/us-uk-and-global-partners-release.html www.secnews.physaphae.fr/article.php?IdArticle=8417122 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what's suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and in-memory execution,” Kaspersky security researcher Mert 2023-11-25T10:38:00+00:00 https://thehackernews.com/2023/11/new-hrservdll-web-shell-detected-in-apt.html www.secnews.physaphae.fr/article.php?IdArticle=8416729 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows - Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from 0.2.0 to 0.3.0.
(CVSS score: 10.0) 2023-11-25T09:30:00+00:00 https://thehackernews.com/2023/11/warning-3-critical-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8416720 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale More details have emerged about a malicious Telegram bot called Telekopye that's used by threat actors to pull off large-scale phishing scams. "Telekopye can craft phishing websites, emails, SMS messages, and more," ESET security researcher Radek Jizba said in a new analysis. The threat actors behind the operation – codenamed Neanderthals – are known to run the criminal enterprise as a 2023-11-24T21:02:00+00:00 https://thehackernews.com/2023/11/cybercriminals-using-telekopye-telegram.html www.secnews.physaphae.fr/article.php?IdArticle=8416610 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Tell Me Your Secrets Without Telling Me Your Secrets The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's engineers had to solve in implementing the mechanisms for their new HasMySecretLeaked service. They wanted to help developers find out if their secrets (passwords, API keys, private keys, cryptographic certificates, etc.) had found their way into public GitHub repositories. How 2023-11-24T16:23:00+00:00 https://thehackernews.com/2023/11/tell-me-your-secrets-without-telling-me.html www.secnews.physaphae.fr/article.php?IdArticle=8416556 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. “Among the most prominent changes is the shift to Rust language, which indicates the malware code was entirely rewritten, while still maintaining similar 2023-11-24T16:01:00+00:00 https://thehackernews.com/2023/11/hamas-linked-cyberattacks-using-rust.html www.secnews.physaphae.fr/article.php?IdArticle=8416540 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in a new research published earlier this week. Some of those impacted include two top blockchain 2023-11-24T12:14:00+00:00 https://thehackernews.com/2023/11/kubernetes-secrets-of-fortune-500.html www.secnews.physaphae.fr/article.php?IdArticle=8416507 False None Uber 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts. The activity has been attributed to a threat actor called Konni, which is assessed to share overlaps with a North Korean cluster tracked as Kimsuky (aka APT43). "This campaign relies on a remote access trojan 2023-11-23T20:16:00+00:00 https://thehackernews.com/2023/11/konni-group-using-russian-language.html www.secnews.physaphae.fr/article.php?IdArticle=8416352 False None APT 43 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage," IBM X-Force researchers Charlotte Hammond, Ole Villadsen, and Kat 2023-11-23T18:24:00+00:00 https://thehackernews.com/2023/11/alert-new-wailingcrab-malware-loader.html www.secnews.physaphae.fr/article.php?IdArticle=8416338 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 6 Steps to Accelerate Cybersecurity Incident Response Modern security tools continue to improve in their ability to defend organizations' networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in.
Security teams must be able to stop threats and restore normal operations as quickly as possible. That's why it's essential that these teams not only have the right tools but also understand how to effectively 2023-11-23T16:18:00+00:00 https://thehackernews.com/2023/11/6-steps-to-accelerate-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8416299 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. “The payload targets routers and network video recorder (NVR) devices with default admin credentials and installs Mirai variants when successful,” Akamai said in an advisory 2023-11-23T16:17:00+00:00 https://thehackernews.com/2023/11/mirai-based-botnet-exploiting-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8416300 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack.
"This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, 2023-11-23T11:16:00+00:00 https://thehackernews.com/2023/11/north-korean-hackers-distribute.html www.secnews.physaphae.fr/article.php?IdArticle=8416244 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product security and offensive research firm Blackwing Intelligence, who found the weaknesses in the fingerprint sensors from Goodix, 2023-11-22T20:53:00+00:00 https://thehackernews.com/2023/11/new-flaws-in-fingerprint-sensors-let.html www.secnews.physaphae.fr/article.php?IdArticle=8415971 False Vulnerability None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and Wagemole, respectively, by Palo Alto Networks Unit 42.
While the first set of attacks 2023-11-22T17:44:00+00:00 https://thehackernews.com/2023/11/north-korean-hackers-pose-as-job.html www.secnews.physaphae.fr/article.php?IdArticle=8415895 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) AI Solutions Are the New Shadow IT Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT's meteoric rise to 100 million users within 60 days of launch, especially with little 2023-11-22T16:38:00+00:00 https://thehackernews.com/2023/11/ai-solutions-are-new-shadow-it.html www.secnews.physaphae.fr/article.php?IdArticle=8415868 False Tool,Cloud ChatGPT 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) ClearFake Campaign Expands to Deliver Atomic Stealer on Macs Systems The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. "This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation but also operating system," Malwarebytes' Jérôme Segura said in a Tuesday analysis. Atomic 2023-11-22T12:45:00+00:00 https://thehackernews.com/2023/11/clearfake-campaign-expands-to-deliver.html www.secnews.physaphae.fr/article.php?IdArticle=8415777 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), 2023-11-22T10:19:00+00:00 https://thehackernews.com/2023/11/lockbit-ransomware-exploiting-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8415738 False Ransomware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed. "The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it," the 2023-11-21T19:26:00+00:00 https://thehackernews.com/2023/11/play-ransomware-goes-commercial-now.html www.secnews.physaphae.fr/article.php?IdArticle=8415387 False Ransomware,Threat,Commercial None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and RAR," G Data malware analyst Anna Lvova said in a Monday analysis. 2023-11-21T17:27:00+00:00 https://thehackernews.com/2023/11/new-agent-tesla-malware-variant-using.html www.secnews.physaphae.fr/article.php?IdArticle=8415361 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. Quishing Quishing, a phishing technique resulting from the 2023-11-21T16:10:00+00:00 https://thehackernews.com/2023/11/how-multi-stage-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8415336 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative 2023-11-21T15:30:00+00:00 https://thehackernews.com/2023/11/kinsing-hackers-exploit-apache-activemq.html www.secnews.physaphae.fr/article.php?IdArticle=8415313 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data. “Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations, 2023-11-21T13:16:00+00:00 https://thehackernews.com/2023/11/malicious-apps-disguised-as-banks-and.html www.secnews.physaphae.fr/article.php?IdArticle=8415268 False Malware,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out organizations in the South Pacific. "The campaigns leveraged legitimate software 2023-11-21T12:28:00+00:00 https://thehackernews.com/2023/11/mustang-panda-hackers-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8415227 False None APT 27 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT. "The delivery mechanisms for the NetSupport RAT encompass fraudulent updates, drive-by downloads, utilization of malware loaders (such as GHOSTPULSE), and various forms of phishing campaigns," VMware Carbon Black researchers said in a report shared with The 2023-11-20T20:49:00+00:00 https://thehackernews.com/2023/11/netsupport-rat-infections-on-rise.html www.secnews.physaphae.fr/article.php?IdArticle=8414924 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging the now-defunct QakBot trojan. “These include hijacked email threads as the initial infection, URLs with unique patterns that limit user access, and an infection chain nearly identical to what we have seen with QakBot delivery,” Cofense said in a report 2023-11-20T20:20:00+00:00 https://thehackernews.com/2023/11/darkgate-and-pikabot-malware-resurrect.html www.secnews.physaphae.fr/article.php?IdArticle=8414899 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Product Walkthrough: Silverfort's Unified Identity Protection Platform In this article, we will provide a brief overview of Silverfort's platform, the first (and currently only) unified identity protection platform on the market. Silverfort's patented technology aims to protect organizations from identity-based attacks by integrating with existing identity and access management solutions, such as AD (Active Directory) and cloud-based services, and extending secure 2023-11-20T20:20:00+00:00 https://thehackernews.com/2023/11/product-walkthrough-silverforts-unified.html www.secnews.physaphae.fr/article.php?IdArticle=8414900 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Why Defenders Should Embrace a Hacker Mindset Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. On top of that, 2023-11-20T16:32:00+00:00 https://thehackernews.com/2023/11/why-defenders-should-embrace-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8414825 False Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to "delay detonation of the sample until human mouse activity is detected," Outpost24 security researcher Alberto Marín said in a technical 2023-11-20T16:19:00+00:00 https://thehackernews.com/2023/11/lummac2-malware-deploys-new.html www.secnews.physaphae.fr/article.php?IdArticle=8414826 False Malware,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. "Randstorm() is a term we coined to describe a collection of bugs, design decisions, and API changes that, when brought in contact with each other, combine 2023-11-20T14:46:00+00:00 https://thehackernews.com/2023/11/randstorm-exploit-bitcoin-wallets.html www.secnews.physaphae.fr/article.php?IdArticle=8414777 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while 2023-11-20T12:12:00+00:00 https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html www.secnews.physaphae.fr/article.php?IdArticle=8414706 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks.
The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group's Phobos variants are distributed by SmokeLoader, a backdoor trojan,” security researcher Guilherme Venere said in an 2023-11-18T16:57:00+00:00 https://thehackernews.com/2023/11/8base-group-deploying-new-phobos.html www.secnews.physaphae.fr/article.php?IdArticle=8413874 False Ransomware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging in large-scale campaigns that are 2023-11-18T12:02:00+00:00 https://thehackernews.com/2023/11/russian-cyber-espionage-group-deploys.html www.secnews.physaphae.fr/article.php?IdArticle=8413795 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER.
“The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, which redirects the 2023-11-17T19:01:00+00:00 https://thehackernews.com/2023/11/beware-malicious-google-ads-trick.html www.secnews.physaphae.fr/article.php?IdArticle=8413407 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks The U.S. Federal Communications Commission (FCC) is adopting new rules that aim to protect consumers from cell phone account scams that make it possible for malicious actors to orchestrate SIM-swapping attacks and port-out fraud. “The rules will help protect consumers from scammers who target data and personal information by covertly swapping SIM cards to a new device or porting phone numbers to 2023-11-17T18:07:00+00:00 https://thehackernews.com/2023/11/fcc-enforces-stronger-rules-to-protect.html www.secnews.physaphae.fr/article.php?IdArticle=8413381 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Discover 2023's Cloud Security Strategies in Our Upcoming Webinar - Secure Your Spot In 2023, the cloud isn't just a technology - it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone.
In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an exclusive webinar: 'Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.' Join us for an 2023-11-17T16:00:00+00:00 https://thehackernews.com/2023/11/discover-2023s-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8413333 False Cloud Uber 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. The 27 packages, which masqueraded as popular legitimate Python libraries, attracted thousands of downloads, 2023-11-17T15:26:00+00:00 https://thehackernews.com/2023/11/27-malicious-pypi-packages-with.html www.secnews.physaphae.fr/article.php?IdArticle=8413334 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets.
"Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their 2023-11-17T13:02:00+00:00 https://thehackernews.com/2023/11/us-cybersecurity-agencies-warn-of.html www.secnews.physaphae.fr/article.php?IdArticle=8413267 False Ransomware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows - CVE-2023-36584 (CVSS score: 5.4) - Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability CVE-2023-1671 (CVSS score: 9.8) - 2023-11-17T11:27:00+00:00 https://thehackernews.com/2023/11/cisa-adds-three-security-flaws-with.html www.secnews.physaphae.fr/article.php?IdArticle=8413229 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News.
The flaw, tracked as CVE-2023-37580 (CVSS score: 2023-11-16T21:39:00+00:00 https://thehackernews.com/2023/11/zero-day-flaw-in-zimbra-email-software.html www.secnews.physaphae.fr/article.php?IdArticle=8412958 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021. "DarkCasino is an APT threat actor with strong technical and learning ability, who is good 2023-11-16T19:21:00+00:00 https://thehackernews.com/2023/11/experts-uncover-darkcasino-new-emerging.html www.secnews.physaphae.fr/article.php?IdArticle=8412886 False Threat,Technical None 2.0000000000000000