www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-10T16:27:58+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How to Generate a CrowdStrike RFM Report With AI in Tines
Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform. Their bi-annual “You Did What with Tines?!” competition highlights some of the most interesting workflows submitted by their
2024-12-13T17:00:00+00:00 https://thehackernews.com/2024/12/how-to-generate-crowdstrike-rfm-report.html www.secnews.physaphae.fr/article.php?IdArticle=8624552 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection
Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. "PUMAKIT is a sophisticated loadable kernel module (LKM) rootkit that employs advanced stealth mechanisms to hide its presence and maintain communication with
2024-12-13T14:41:00+00:00 https://thehackernews.com/2024/12/new-linux-rootkit-pumakit-uses-advanced.html www.secnews.physaphae.fr/article.php?IdArticle=8624485 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized
The U.S.
Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox ("rydox.ru" and "rydox[.]cc") for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud. In tandem, three Kosovo nationals and administrators of the service, Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli, have been arrested. Ardit
2024-12-13T11:36:00+00:00 https://thehackernews.com/2024/12/fbi-busts-rydox-marketplace-with-7600.html www.secnews.physaphae.fr/article.php?IdArticle=8624443 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks. "Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API
2024-12-12T19:54:00+00:00 https://thehackernews.com/2024/12/296000-prometheus-instances-exposed.html www.secnews.physaphae.fr/article.php?IdArticle=8624073 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both
2024-12-12T19:05:00+00:00 https://thehackernews.com/2024/12/gamaredon-deploys-android-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8624074 False Malware,Tool,Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information. The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved
2024-12-12T18:05:00+00:00 https://thehackernews.com/2024/12/researchers-uncover-symlink-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8624016 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SaaS Budget Planning Guide for IT Professionals
SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year, it's no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient SaaS utilization can significantly affect both the bottom line and employee productivity. In this article, we'll break down this topic
2024-12-12T17:00:00+00:00 https://thehackernews.com/2024/12/saas-budget-planning-guide-for-it.html www.secnews.physaphae.fr/article.php?IdArticle=8624017 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks. The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The plugin has over 10,000 active installations. "This flaw poses a significant security risk, as it
2024-12-12T14:48:00+00:00 https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8623961 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested
A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and took them offline as part of a multi-year international exercise called PowerOFF. The effort, coordinated by Europol and involving 15 countries, dismantled several booter and stresser websites, including zdstresser.net, orbitalstress.net, and
2024-12-12T11:45:00+00:00 https://thehackernews.com/2024/12/europol-dismantles-27-ddos-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8623889 False Legislation None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine.
The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom malware onto "specifically
2024-12-11T23:32:00+00:00 https://thehackernews.com/2024/12/secret-blizzard-deploys-kazuar-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8623598 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools
A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. "To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "
2024-12-11T20:43:00+00:00 https://thehackernews.com/2024/12/new-malware-technique-could-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8623520 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts
Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account. "The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the
2024-12-11T20:02:00+00:00 https://thehackernews.com/2024/12/microsoft-mfa-authquake-flaw-enabled.html www.secnews.physaphae.fr/article.php?IdArticle=8623489 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms
Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. "Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an interactive shell
2024-12-11T19:37:00+00:00 https://thehackernews.com/2024/12/zloader-malware-returns-with-dns.html www.secnews.physaphae.fr/article.php?IdArticle=8623490 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
Cybersecurity researchers have discovered a novel surveillance program that's suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices. The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform as recently as
2024-12-11T16:32:00+00:00 https://thehackernews.com/2024/12/chinese-eaglemsgspy-spyware-found.html www.secnews.physaphae.fr/article.php?IdArticle=8623430 False Malware,Tool,Legislation,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia
A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023.
The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat Hunter Team
2024-12-11T16:30:00+00:00 https://thehackernews.com/2024/12/researchers-uncover-espionage-tactics.html www.secnews.physaphae.fr/article.php?IdArticle=8623431 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the vulnerabilities are remote code execution flaws, and 27 of them allow for the
2024-12-11T12:46:00+00:00 https://thehackernews.com/2024/12/microsoft-fixes-72-flaws-including.html www.secnews.physaphae.fr/article.php?IdArticle=8623292 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud.
Guan has been
2024-12-11T11:59:00+00:00 https://thehackernews.com/2024/12/us-charges-chinese-hacker-for.html www.secnews.physaphae.fr/article.php?IdArticle=8623270 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote
2024-12-11T08:29:00+00:00 https://thehackernews.com/2024/12/ivanti-issues-critical-security-updates.html www.secnews.physaphae.fr/article.php?IdArticle=8623183 False Vulnerability,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo's LexiCom,
2024-12-10T21:27:00+00:00 https://thehackernews.com/2024/12/cleo-file-transfer-vulnerability-under.html www.secnews.physaphae.fr/article.php?IdArticle=8622950 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs researcher Vishnu Pratapagiri said in a new report. "As part of their fraudulent hiring process, the
2024-12-10T19:43:00+00:00 https://thehackernews.com/2024/12/fake-recruiters-distribute-banking.html www.secnews.physaphae.fr/article.php?IdArticle=8622896 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The Future of Network Security: Automated Internal and External Pentesting
In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay
2024-12-10T17:20:00+00:00 https://thehackernews.com/2024/12/the-future-of-network-security.html www.secnews.physaphae.fr/article.php?IdArticle=8622853 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands
Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds. As part of the international operation, law enforcement agencies carried out 17 searches in different locations in Belgium and the Netherlands, Europol said.
In addition, large amounts of cash,
2024-12-10T16:49:00+00:00 https://thehackernews.com/2024/12/phone-phishing-gang-busted-eight.html www.secnews.physaphae.fr/article.php?IdArticle=8622822 False Legislation None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
A suspected China-nexus cyber espionage group has been attributed to attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker News, adding
2024-12-10T16:30:00+00:00 https://thehackernews.com/2024/12/hackers-weaponize-visual-studio-code.html www.secnews.physaphae.fr/article.php?IdArticle=8622823 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ongoing Phishing and Malware Campaigns in December 2024
Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats. Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security Systems The analyst
2024-12-10T15:31:00+00:00 https://thehackernews.com/2024/12/ongoing-phishing-and-malware-campaigns.html www.secnews.physaphae.fr/article.php?IdArticle=8622795 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CERT-UA Warns of Phishing Attacks Targeting Ukraine's Defense and Security Force
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 (aka UNC4221), which has been active since at least 2022. "The phishing emails mimicked official messages
2024-12-10T14:42:00+00:00 https://thehackernews.com/2024/12/cert-ua-warns-of-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8622796 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user's email to numerous mailing lists simultaneously," Rapid7
2024-12-09T23:14:00+00:00 https://thehackernews.com/2024/12/black-basta-ransomware-evolves-with.html www.secnews.physaphae.fr/article.php?IdArticle=8622400 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8)
This week's cyber world is like a big spy movie. Hackers are breaking into other hackers' setups, sneaky malware is hiding in popular software, and AI-powered scams are tricking even the smartest of us. On the other side, the good guys are busting secret online markets and kicking out shady chat rooms, while big companies rush to fix new security holes before attackers can jump in.
Want to
2024-12-09T18:41:00+00:00 https://thehackernews.com/2024/12/thn-recap-top-cybersecurity-threats_9.html www.secnews.physaphae.fr/article.php?IdArticle=8622270 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of a victim's account by means of a prompt injection attack. Security researcher Johann Rehberger, who has chronicled many a prompt injection attack targeting various AI tools, found that providing the input "Print
2024-12-09T17:25:00+00:00 https://thehackernews.com/2024/12/researchers-uncover-prompt-injection.html www.secnews.physaphae.fr/article.php?IdArticle=8622210 False Tool,Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions
Identity security is all the rage right now, and rightfully so. Securing identities that access an organization's resources is a sound security model. But IDs have their limits, and there are many use cases when a business should add other layers of security to a strong identity. And this is what we at SSH Communications Security want to talk about today. Let's look at seven ways to add
2024-12-09T16:30:00+00:00 https://thehackernews.com/2024/12/seven-bolt-ons-to-make-your-entra-id.html www.secnews.physaphae.fr/article.php?IdArticle=8622211 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices
A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight. "Proxy malware and services enable other types of criminal activity adding uncontrolled layers of anonymity to the threat actors, so they can perform all kinds of malicious activity using chains of victim systems," the company's security research team said in an analysis
2024-12-09T16:14:00+00:00 https://thehackernews.com/2024/12/socks5systemz-botnet-powers-illegal.html www.secnews.physaphae.fr/article.php?IdArticle=8622212 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions
In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner. The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. A subsequently released version has introduced a security fix that "ensures
2024-12-07T16:24:00+00:00 https://thehackernews.com/2024/12/ultralytics-ai-library-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8621171 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Learn How Experts Secure Privileged Accounts-Proven PAS Strategies Webinar
Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fall short, leaving: Blind spots that limit full visibility.
Complex deployment processes.
2024-12-07T14:08:00+00:00 https://thehackernews.com/2024/12/learn-how-experts-secure-privileged.html www.secnews.physaphae.fr/article.php?IdArticle=8621105 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data
Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy," Cado Security researcher Tara Gould said. "The company
2024-12-07T13:48:00+00:00 https://thehackernews.com/2024/12/hackers-using-fake-video-conferencing.html www.secnews.physaphae.fr/article.php?IdArticle=8621106 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok
In a historic decision, Romania's constitutional court has annulled the result of the first round of voting in the presidential election amid allegations of Russian interference. As a result, the second round vote, which was scheduled for December 8, 2024, will no longer take place. Călin Georgescu, who won the first round, denounced the verdict as an "officialized coup" and an attack on
2024-12-07T12:55:00+00:00 https://thehackernews.com/2024/12/romania-cancels-presidential-election.html www.secnews.physaphae.fr/article.php?IdArticle=8621107 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of Toronto's Citizen Lab. "The spyware placed on his device allows the operator to track a target device's
2024-12-06T21:45:00+00:00 https://thehackernews.com/2024/12/fsb-uses-trojan-app-to-monitor-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8620743 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks
Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month. Unlike the first
2024-12-06T16:58:00+00:00 https://thehackernews.com/2024/12/researchers-uncover-flaws-in-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8620630 False Tool,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Conquering the Complexities of Modern BCDR
The modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities make data protection and seamless business continuity challenging for businesses of all sizes.
Your organization needs robust security measures that go beyond traditional backup solutions to address the intricacies of today's complex IT ecosystems.
2024-12-06T16:30:00+00:00 https://thehackernews.com/2024/12/conquering-complexities-of-modern-bcdr.html www.secnews.physaphae.fr/article.php?IdArticle=8620631 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader
The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using VenomLNK, a staple tool that serves as an initial access vector for the deployment of follow-on
2024-12-06T13:52:00+00:00 https://thehackernews.com/2024/12/moreeggs-maas-expands-operations-with.html www.secnews.physaphae.fr/article.php?IdArticle=8620521 False Malware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that's designed to drop the Visual Basic Script malware, Recorded Future's Insikt Group said in a new analysis.
2024-12-06T12:33:00+00:00 https://thehackernews.com/2024/12/hackers-leveraging-cloudflare-tunnels.html www.secnews.physaphae.fr/article.php?IdArticle=8620499 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring," Cleafy researchers Simone Mattia, Alessandro
2024-12-05T21:28:00+00:00 https://thehackernews.com/2024/12/this-3000-android-trojan-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8620161 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access
Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical vulnerability in question is CVE-2024-41713 (CVSS score: 9.8), which relates to a case of insufficient input
2024-12-05T20:26:00+00:00 https://thehackernews.com/2024/12/critical-mitel-micollab-flaw-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8620131 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers
Europol on Thursday announced the shutdown of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale. The operation, led by German authorities, has resulted in the seizure of more than 50 servers associated with the service and the arrest of two suspects. More than 200 terabytes of digital evidence have been collected.
Manson Market ("manson-market[.]pw") is
2024-12-05T20:25:00+00:00 https://thehackernews.com/2024/12/europol-shuts-down-manson-market-fraud.html www.secnews.physaphae.fr/article.php?IdArticle=8620132 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor
A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. "Earth Minotaur uses MOONSHINE to deliver the DarkNimbus backdoor to Android and Windows devices, targeting WeChat, and possibly making it a
2024-12-05T18:13:00+00:00 https://thehackernews.com/2024/12/hackers-target-uyghurs-and-tibetans.html www.secnews.physaphae.fr/article.php?IdArticle=8620079 False Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Want to Grow Vulnerability Management into Exposure Management? Start Here!
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident. At its core, Vulnerability Management
2024-12-05T17:15:00+00:00 https://thehackernews.com/2024/12/want-to-grow-vulnerability-management.html www.secnews.physaphae.fr/article.php?IdArticle=8620044 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers
A suspected Chinese threat actor targeted a large U.S.
organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of the malicious activity was detected on April 11, 2024 and continued until August. However, the company doesn't rule out the possibility that the intrusion may have occurred earlier. "The attackers moved laterally]]> 2024-12-05T16:30:00+00:00 https://thehackernews.com/2024/12/researchers-uncover-4-month-cyberattack.html www.secnews.physaphae.fr/article.php?IdArticle=8620019 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis. "An interesting aspect of this campaign is the comeback of a backdoor]]> 2024-12-05T13:00:00+00:00 https://thehackernews.com/2024/12/anel-and-noopdoor-backdoors-weaponized.html www.secnews.physaphae.fr/article.php?IdArticle=8619940 False Threat,Prediction,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America.
The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to two Russian-speaking networks]]> 2024-12-05T11:17:00+00:00 https://thehackernews.com/2024/12/nca-busts-russian-crypto-networks.html www.secnews.physaphae.fr/article.php?IdArticle=8619888 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-51378 (CVSS score: 10.0) - An incorrect default permissions]]> 2024-12-05T10:39:00+00:00 https://thehackernews.com/2024/12/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8619889 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, first observed in December 2022, is the latest instance of the nation-state adversary "embedding]]> 2024-12-04T22:53:00+00:00 https://thehackernews.com/2024/12/russia-linked-turla-exploits-pakistani.html www.secnews.physaphae.fr/article.php?IdArticle=8619578 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that was launched in 2021 after the messaging service was discovered on the phone of a criminal convicted]]> 2024-12-04T17:50:00+00:00 https://thehackernews.com/2024/12/europol-dismantles-criminal-messaging.html www.secnews.physaphae.fr/article.php?IdArticle=8619430 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk - an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and]]> 2024-12-04T17:20:00+00:00 https://thehackernews.com/2024/12/7-pam-best-practices-to-secure-hybrid.html www.secnews.physaphae.fr/article.php?IdArticle=8619431 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards, monitors, or desk drawers. Others set rules so loose they may as well not exist.
And many simply copy]]> 2024-12-04T16:00:00+00:00 https://thehackernews.com/2024/12/how-to-plan-new-and-improved-password.html www.secnews.physaphae.fr/article.php?IdArticle=8619379 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from the npm]]> 2024-12-04T15:18:00+00:00 https://thehackernews.com/2024/12/researchers-uncover-backdoor-in-solanas.html www.secnews.physaphae.fr/article.php?IdArticle=8619354 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People's Republic of China (PRC)-affiliated threat actors targeting telecommunications providers. "Identified exploitations or compromises associated with these threat actors' activity align with existing weaknesses associated with victim infrastructure; no novel]]> 2024-12-04T11:37:00+00:00 https://thehackernews.com/2024/12/joint-advisory-warns-of-prc-backed.html www.secnews.physaphae.fr/article.php?IdArticle=8619306 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing. "From the VSPC management agent machine, under]]> 2024-12-04T11:04:00+00:00 https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html www.secnews.physaphae.fr/article.php?IdArticle=8619263 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905, has a CVSS score of 10.0, indicating maximum severity. It affects IdentityIQ versions 8.2, 8.3, 8.4, and other previous versions. IdentityIQ "allows]]> 2024-12-04T10:38:00+00:00 https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html www.secnews.physaphae.fr/article.php?IdArticle=8619264 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. "The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your inbox," ANY.RUN said in a series of posts on X.
The]]> 2024-12-04T10:18:00+00:00 https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html www.secnews.physaphae.fr/article.php?IdArticle=8619265 False Spam None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA's WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack]]> 2024-12-03T18:21:00+00:00 https://thehackernews.com/2024/12/cisco-warns-of-exploitation-of-decade.html www.secnews.physaphae.fr/article.php?IdArticle=8618959 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels of access]]> 2024-12-03T15:47:00+00:00 https://thehackernews.com/2024/12/nachovpn-tool-exploits-flaws-in-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8618931 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Korea until early September," South Korean cybersecurity company Genians said. "Then, from mid-September,]]> 2024-12-03T15:21:00+00:00 https://thehackernews.com/2024/12/north-korean-kimsuky-hackers-use.html www.secnews.physaphae.fr/article.php?IdArticle=8618916 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer]]> 2024-12-03T10:53:00+00:00 https://thehackernews.com/2024/12/horns-campaign-delivers-rats-via-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8618892 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. "SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks," Fortinet FortiGuard Labs said in a report shared with The Hacker News.
"While]]> 2024-12-02T19:31:00+00:00 https://thehackernews.com/2024/12/smokeloader-malware-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8618697 False Malware,Medical None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A Guide to Securing AI App Development: Join This Cybersecurity Webinar Artificial Intelligence (AI) is no longer a far-off dream-it's here, changing the way we live. From ordering coffee to diagnosing diseases, it's everywhere. But while you're creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity-and a potential risk. The stakes are huge: data leaks, downtime, and even safety threats if security]]> 2024-12-02T17:20:00+00:00 https://thehackernews.com/2024/12/a-guide-to-securing-ai-app-development.html www.secnews.physaphae.fr/article.php?IdArticle=8618651 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1) Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's trying to break into a system somewhere every 39 seconds. And get this - while we're all worried about regular hackers, there are now AI systems out there that can craft phishing emails so convincingly, that even cybersecurity]]> 2024-12-02T16:44:00+00:00 https://thehackernews.com/2024/12/thn-recap-top-cybersecurity-threats.html www.secnews.physaphae.fr/article.php?IdArticle=8618652 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. "These PUP (potentially unwanted programs) applications use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions, which]]> 2024-12-02T15:16:00+00:00 https://thehackernews.com/2024/12/8-million-android-users-hit-by-spyloan.html www.secnews.physaphae.fr/article.php?IdArticle=8618634 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million A global law enforcement operation has led to the arrest of more than 5,500 suspects involved in financial crimes and the seizure of more than $400 million in virtual assets and government-backed currencies. The coordinated exercise saw the participation of authorities from 40 countries, territories, and regions as part of the latest wave of Operation HAECHI-V, which took place between July and]]> 2024-12-02T12:32:00+00:00 https://thehackernews.com/2024/12/interpol-arrests-5500-in-global.html www.secnews.physaphae.fr/article.php?IdArticle=8618587 False Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Wanted Russian Cybercriminal Linked to Hive and LockBit Ransomware Has Been Arrested A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a malicious program designed to encrypt files and seek ransom in return for a decryption key.
"At present,]]> 2024-11-30T12:44:00+00:00 https://thehackernews.com/2024/11/wanted-russian-cybercriminal-linked-to.html www.secnews.physaphae.fr/article.php?IdArticle=8618317 False Ransomware,Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023. The covert campaign undertaken by Social Design Agency (SDA) leverages videos enhanced using artificial intelligence (AI) and bogus websites impersonating reputable news sources]]> 2024-11-29T18:47:00+00:00 https://thehackernews.com/2024/11/ai-powered-fake-news-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8618254 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Protecting Tomorrow's World: Shaping the Cyber-Physical Future The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025, we explored the different factors shaping the cyber-physical future. In an insightful conversation with industry experts, we discussed]]> 2024-11-29T16:30:00+00:00 https://thehackernews.com/2024/11/protecting-tomorrows-world-shaping.html www.secnews.physaphae.fr/article.php?IdArticle=8618244 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials. "This campaign employs an AitM [adversary-in-the-middle] attack, allowing attackers to intercept user credentials and session cookies, which means that even users with multi-factor authentication (MFA)]]> 2024-11-29T15:36:00+00:00 https://thehackernews.com/2024/11/phishing-as-service-rockstar-2fa.html www.secnews.physaphae.fr/article.php?IdArticle=8618236 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com. "An]]> 2024-11-29T15:04:00+00:00 https://thehackernews.com/2024/11/microsoft-fixes-ai-cloud-and-erp.html www.secnews.physaphae.fr/article.php?IdArticle=8618237 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. Citizen Sentenced for Spying on Behalf of China's Intelligence Agency A 59-year-old U.S. citizen who immigrated from the People's Republic of China (PRC) has been sentenced to four years in prison for conspiring to act as a spy for the country and sharing sensitive information about his employer with China's principal civilian intelligence agency.
Ping Li, 59, of Wesley Chapel, Florida, is said to have served as a cooperative contact for the Ministry of State]]> 2024-11-29T11:01:00+00:00 https://thehackernews.com/2024/11/us-citizen-sentenced-for-spying-on.html www.secnews.physaphae.fr/article.php?IdArticle=8618212 False Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality,]]> 2024-11-28T22:27:00+00:00 https://thehackernews.com/2024/11/over-two-dozen-flaws-identified-in.html www.secnews.physaphae.fr/article.php?IdArticle=8618174 False Vulnerability,Industrial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Future of Serverless Security in 2025: From Logs to Runtime Protection Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is]]> 2024-11-28T17:00:00+00:00 https://thehackernews.com/2024/11/the-future-of-serverless-security-in.html www.secnews.physaphae.fr/article.php?IdArticle=8618145 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems. The package, named @0xengine/xmlrpc, was originally published on October 2, 2023 as a JavaScript-based XML-RPC]]> 2024-11-28T16:18:00+00:00 https://thehackernews.com/2024/11/xmlrpc-npm-library-turns-malicious.html www.secnews.physaphae.fr/article.php?IdArticle=8618142 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems since at least June 2024. "Cybercriminals have been taking advantage of Godot Engine to execute crafted GDScript code which triggers malicious commands and delivers malware," Check Point said in a new analysis published Wednesday. "The technique]]> 2024-11-28T14:59:00+00:00 https://thehackernews.com/2024/11/cybercriminals-exploit-popular-game.html www.secnews.physaphae.fr/article.php?IdArticle=8618136 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed. These intrusion attempts "originated from a wireline provider's network that was connected to ours," Jeff Simon, chief security officer at T-Mobile, said in a statement.
"We see no instances of prior attempts like]]> 2024-11-28T10:07:00+00:00 https://thehackernews.com/2024/11/us-telecom-giant-t-mobile-detects.html www.secnews.physaphae.fr/article.php?IdArticle=8618116 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023, was not officially made available until August 2024 with the release of version r1720. As of November 26, 2024,]]> 2024-11-27T21:35:00+00:00 https://thehackernews.com/2024/11/critical-flaw-in-projectsend-under.html www.secnews.physaphae.fr/article.php?IdArticle=8618060 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in real-world attacks. Also tracked as IranuKit, it was uploaded]]> 2024-11-27T17:29:00+00:00 https://thehackernews.com/2024/11/researchers-discover-bootkitty-first.html www.secnews.physaphae.fr/article.php?IdArticle=8618014 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Latest Multi-Stage Attack Scenarios with Real-World Examples Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of the most common multi-stage attack scenarios that are active right now. URLs and Other Embedded]]> 2024-11-27T17:00:00+00:00 https://thehackernews.com/2024/11/latest-multi-stage-attack-scenarios.html www.secnews.physaphae.fr/article.php?IdArticle=8618015 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024. "In this attack,]]> 2024-11-27T16:44:00+00:00 https://thehackernews.com/2024/11/apt-c-60-exploits-wps-office.html www.secnews.physaphae.fr/article.php?IdArticle=8618004 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent.
Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email]]> 2024-11-27T12:50:00+00:00 https://thehackernews.com/2024/11/interpol-busts-african-cybercrime-1006.html www.secnews.physaphae.fr/article.php?IdArticle=8617984 False Ransomware,Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DDoS) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. "This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a]]> 2024-11-27T10:51:00+00:00 https://thehackernews.com/2024/11/matrix-botnet-exploits-iot-devices-in.html www.secnews.physaphae.fr/article.php?IdArticle=8617968 False Malware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin for WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions]]> 2024-11-26T18:53:00+00:00 https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html www.secnews.physaphae.fr/article.php?IdArticle=8617883 False Spam,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That's why Intruder, a leader in attack surface management, built Intel - a free vulnerability intelligence platform designed to help you act fast and prioritize real threats. What is Intel? Intel was created to fill a gap in the resources available for tracking emerging]]> 2024-11-26T17:00:00+00:00 https://thehackernews.com/2024/11/intruder-launches-intel-free.html www.secnews.physaphae.fr/article.php?IdArticle=8617873 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems. "In a successful attack, if a victim browses a web page containing the exploit, an adversary can run arbitrary code – without any user]]> 2024-11-26T16:04:00+00:00 https://thehackernews.com/2024/11/romcom-exploits-zero-day-firefox-and.html www.secnews.physaphae.fr/article.php?IdArticle=8617860 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies.
Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed]]> 2024-11-26T15:49:00+00:00 https://thehackernews.com/2024/11/chinese-hackers-use-ghostspider-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8617861 False Malware,Hack,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that]]> 2024-11-26T10:33:00+00:00 https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8617830 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google's New Restore Credentials Tool Simplifies App Login After Android Migration Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement. "With Restore Credentials, apps can seamlessly onboard]]> 2024-11-25T19:52:00+00:00 https://thehackernews.com/2024/11/googles-new-restore-credentials-tool.html www.secnews.physaphae.fr/article.php?IdArticle=8617607 False Tool,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date. By putting the 2024-11-25T19:24:00+00:00 https://thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html www.secnews.physaphae.fr/article.php?IdArticle=8617608 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Flying Under the Radar - Security Evasion Techniques Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks “I really like the saying that 'This is out of scope' said no hacker ever. Whether it's tricks, techniques or technologies, hackers will do anything to evade detection and make sure their 2024-11-25T17:00:00+00:00 https://thehackernews.com/2024/11/flying-under-radar-security-evasion.html www.secnews.physaphae.fr/article.php?IdArticle=8617551 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data.
"Since these are hardened languages with limited capabilities, they're supposed to be more secure than 2024-11-25T16:54:00+00:00 https://thehackernews.com/2024/11/cybersecurity-flaws-in-iac-and-pac.html www.secnews.physaphae.fr/article.php?IdArticle=8617552 False Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24) We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what's really going on behind those words? This week's cybersecurity news isn't just about hackers and headlines-it's about how digital risks shape our lives in ways we might not even realize. For instance, telecom networks being breached isn't just about stolen data-it's about power. Hackers are 2024-11-25T16:43:00+00:00 https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats_25.html www.secnews.physaphae.fr/article.php?IdArticle=8617521 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.sys) and manipulates it to carry out its destructive agenda," Trellix 2024-11-25T14:46:00+00:00 https://thehackernews.com/2024/11/researchers-uncover-malware-using-byovd.html www.secnews.physaphae.fr/article.php?IdArticle=8617467 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said. 2024-11-23T17:40:00+00:00 https://thehackernews.com/2024/11/google-exposes-glassbridge-pro-china.html www.secnews.physaphae.fr/article.php?IdArticle=8616541 False Threat,Industrial None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles on LinkedIn, posing as both 2024-11-23T17:23:00+00:00 https://thehackernews.com/2024/11/north-korean-hackers-steal-10m-with-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8616542 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published today.
Mysterious Elephant, which is also known as 2024-11-22T22:29:00+00:00 https://thehackernews.com/2024/11/apt-k-47-uses-hajj-themed-lures-to.html www.secnews.physaphae.fr/article.php?IdArticle=8616130 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading a 2024-11-22T22:17:00+00:00 https://thehackernews.com/2024/11/china-linked-tag-112-targets-tibetan.html www.secnews.physaphae.fr/article.php?IdArticle=8616131 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0063, which, in turn, overlaps with APT28. The 2024-11-22T17:36:00+00:00 https://thehackernews.com/2024/11/russian-hackers-deploy-hatvibe-and.html www.secnews.physaphae.fr/article.php?IdArticle=8615986 False Malware,Threat APT 28 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?
Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamless digital transformation that's both scalable and adaptable. As companies shift from traditional, 2024-11-22T17:00:00+00:00 https://thehackernews.com/2024/11/the-importance-of having-a-google-workspace-backup-solution.html www.secnews.physaphae.fr/article.php?IdArticle=8615987 False Tool,Cloud None 3.0000000000000000