www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-14T10:54:22+00:00 www.secnews.physaphae.fr
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)

New Campaign Targets Middle East Governments with IronWind Malware
Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind. The activity, detected between July and October 2023, has been attributed by Proofpoint to a threat actor it tracks under the name TA402, which is also known as Molerats, Gaza Cyber Gang, and shares tactical overlaps with a pro-Hamas
2023-11-14T15:31:00+00:00 https://thehackernews.com/2023/11/new-campaign-targets-middle-east.html www.secnews.physaphae.fr/article.php?IdArticle=8411725 False Malware,Threat None 2.0000000000000000

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers
The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October 2023, targeting marketing professionals in India with an aim to hijack Facebook business accounts. "An important feature that sets it apart is that, unlike previous campaigns, which relied on .NET applications, this one used Delphi as the programming
2023-11-14T13:33:00+00:00 https://thehackernews.com/2023/11/vietnamese-hackers-using-new-delphi.html www.secnews.physaphae.fr/article.php?IdArticle=8411647 False Malware,Threat None 3.0000000000000000

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active
2023-11-14T11:33:00+00:00 https://thehackernews.com/2023/11/cisa-sets-deadline-patch-juniper-junos.html www.secnews.physaphae.fr/article.php?IdArticle=8411585 False Vulnerability None 2.0000000000000000

New Ransomware Group Emerges with Hive's Source Code and Infrastructure
The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape. "It appears that the leadership of the Hive group made the strategic decision to cease their operations and transfer their remaining assets to another group, Hunters
2023-11-13T17:42:00+00:00 https://thehackernews.com/2023/11/new-ransomware-group-emerges-with-hives.html www.secnews.physaphae.fr/article.php?IdArticle=8411002 False Ransomware,Threat None 3.0000000000000000

Top 5 Marketing Tech SaaS Security Challenges
Effective marketing operations today are driven by the use of Software-as-a-Service (SaaS) applications. Marketing apps such as Salesforce, Hubspot, Outreach, Asana, Monday, and Box empower marketing teams, agencies, freelancers, and subject matter experts to collaborate seamlessly on campaigns and marketing initiatives. These apps serve as the digital command centers for marketing
2023-11-13T17:05:00+00:00 https://thehackernews.com/2023/11/top-5-marketing-tech-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8410967 False Cloud None 2.0000000000000000

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a long-term espionage campaign," Palo Alto Networks Unit 42 researchers said in a report last week. "The observed activity aligns with geopolitical goals of
2023-11-13T11:28:00+00:00 https://thehackernews.com/2023/11/chinese-hackers-launch-covert-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=8410768 False None None 2.0000000000000000

Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities
Malaysian law enforcement authorities have announced the takedown of a phishing-as-a-service (PhaaS) operation called BulletProofLink. The Royal Malaysian Police said the effort, which was carried out with assistance from the Australian Federal Police (AFP) and the U.S. Federal Bureau of Investigation (FBI) on November 6, 2023, was based on information that the threat actors behind the platform
2023-11-13T10:57:00+00:00 https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html www.secnews.physaphae.fr/article.php?IdArticle=8410769 False Threat None 3.0000000000000000

New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks
Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks aimed at Israel. Dubbed BiBi-Windows Wiper by BlackBerry, the wiper is the Windows counterpart of BiBi-Linux Wiper, which has been put to use by a pro-Hamas hacktivist group in the wake of the Israel-Hamas war last month. "The Windows variant [...]
2023-11-13T10:20:00+00:00 https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8410770 False Malware None 3.0000000000000000

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a "shift in the persistent actor's tactics." Sapphire Sleet, also called APT38, BlueNoroff, CageyChameleon, and CryptoCore, has a
2023-11-11T19:03:00+00:00 https://thehackernews.com/2023/11/microsoft-warns-of-fake-skills.html www.secnews.physaphae.fr/article.php?IdArticle=8409670 False Threat APT 38,APT 38 3.0000000000000000

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting industrial control systems (ICS). "The actor first used OT-level living-off-the-land (LotL) techniques to
2023-11-10T17:52:00+00:00 https://thehackernews.com/2023/11/russian-hackers-sandworm-cause-power.html www.secnews.physaphae.fr/article.php?IdArticle=8409099 False Hack,Industrial APT 28 3.0000000000000000

The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don't pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of (or augment) inefficient and cumbersome SIEMs. With an estimated 80% of
2023-11-10T14:30:00+00:00 https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html www.secnews.physaphae.fr/article.php?IdArticle=8408991 False Tool,Threat None 2.0000000000000000

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence," Aon's Stroz Friedberg Incident Response Services said in an analysis published
2023-11-10T14:28:00+00:00 https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html www.secnews.physaphae.fr/article.php?IdArticle=8408992 False Malware,Patching None 2.0000000000000000

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm (previously Curium),
2023-11-10T12:41:00+00:00 https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html www.secnews.physaphae.fr/article.php?IdArticle=8408993 False Threat None 3.0000000000000000

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran.
The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its
2023-11-10T10:39:00+00:00 https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html www.secnews.physaphae.fr/article.php?IdArticle=8408923 False Mobile None 2.0000000000000000

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers. The issue, tracked as CVE-2023-47246, concerns a path traversal
2023-11-09T22:24:00+00:00 https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8408634 False Ransomware,Vulnerability,Threat None 2.0000000000000000

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its infrastructure (domain names) and cloaking templates used
2023-11-09T18:56:00+00:00 https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8408503 False Tool,Threat None 2.0000000000000000

When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution
2023-11-09T16:24:00+00:00 https://thehackernews.com/2023/11/when-email-security-meets-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8408438 False Cloud None 2.0000000000000000

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. "The framework's web component is written in the Go programming language," Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday.
The tool has been attributed to MuddyWater, an Iranian
2023-11-09T16:20:00+00:00 https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html www.secnews.physaphae.fr/article.php?IdArticle=8408439 False Tool,Technical None 3.0000000000000000

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS
2023-11-09T11:03:00+00:00 https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html www.secnews.physaphae.fr/article.php?IdArticle=8408279 False Vulnerability None 2.0000000000000000

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention. "While this
2023-11-08T19:49:00+00:00 https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8407907 False None None 2.0000000000000000

WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls
Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls" that masks users' IP addresses to other parties by relaying the calls through its servers. "Calls are end-to-end encrypted, so even if a call is relayed through WhatsApp servers, WhatsApp cannot listen to your calls," the company said in a statement shared with The
2023-11-08T19:27:00+00:00 https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8407908 False Tool None 3.0000000000000000

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News. "[BlazeStealer
2023-11-08T18:27:00+00:00 https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8407875 False Malware,Tool None 2.0000000000000000

Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks
Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into generative AI engines. They use these tools to write
2023-11-08T16:30:00+00:00 https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html www.secnews.physaphae.fr/article.php?IdArticle=8407813 False Tool,Technical ChatGPT 2.0000000000000000

Webinar: Kickstarting Your SaaS Security Strategy & Program
SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so safeguarding the organization's SaaS app stack and data within is paramount. Yet, the path to implementing an effective SaaS security program is not
2023-11-08T14:48:00+00:00 https://thehackernews.com/2023/11/webinar-kickstarting-your-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8407763 False Cloud None 2.0000000000000000

Experts Expose Farnetwork's Ransomware-as-a-Service Business Model
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities. Singapore-headquartered Group-IB, which attempted to infiltrate a private RaaS program that uses the Nokoyawa ransomware strain, said it underwent a "job interview" process with the
2023-11-08T13:30:00+00:00 https://thehackernews.com/2023/11/experts-expose-farnetworks-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8407738 False Threat None 1.00000000000000000000

N. Korean BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf Threat Labs, which disclosed details of the malware, said it's used as part of the RustBucket malware campaign, which came to light earlier this year. "Based on previous attacks performed by BlueNoroff, we suspect that this malware was a late
2023-11-07T19:28:00+00:00 https://thehackernews.com/2023/11/n-korean-bluenoroff-blamed-for-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=8407291 False Malware,Threat None 2.0000000000000000

New GootLoader Malware Variant Evades Detection and Spreads Rapidly
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as CobaltStrike or RDP," IBM X-Force researchers Golo Mühr and Ole
2023-11-07T17:58:00+00:00 https://thehackernews.com/2023/11/new-gootloader-malware-variant-evades.html www.secnews.physaphae.fr/article.php?IdArticle=8407229 False Malware,Tool None 3.0000000000000000

Confidence in File Upload Security is Alarmingly Low. Why?
Numerous industries-including technology, financial services, energy, healthcare, and government-are rushing to incorporate cloud-based and containerized web applications. The benefits are undeniable; however, this shift presents new security challenges. OPSWAT's 2023 Web Application Security report reveals: 75% of organizations have modernized their infrastructure this year. 78% have
2023-11-07T17:26:00+00:00 https://thehackernews.com/2023/11/confidence-in-file-upload-security-is.html www.secnews.physaphae.fr/article.php?IdArticle=8407230 False Studies None 4.0000000000000000

Offensive and Defensive AI: Let's Chat(GPT) About It
ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT, but also how defenders can use it for leveling up their game.
ChatGPT is the most swiftly growing consumer application to date. The extremely popular generative AI chatbot has the ability to generate human-like, coherent and contextually relevant responses.
2023-11-07T15:51:00+00:00 https://thehackernews.com/2023/11/offensive-and-defensive-ai-lets-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8407178 False Tool,Threat ChatGPT 3.0000000000000000

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE described the campaign as multi-platform, with the attacks also designed to infiltrate Linux systems with a
2023-11-07T14:29:00+00:00 https://thehackernews.com/2023/11/sidecopy-exploiting-winrar-flaw-in.html www.secnews.physaphae.fr/article.php?IdArticle=8407145 False Vulnerability,Threat None 2.0000000000000000

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber (aka C3RB3R) ransomware.
Both vulnerabilities are critical, allowing threat
2023-11-07T12:44:00+00:00 https://thehackernews.com/2023/11/experts-warn-of-ransomware-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8407092 False Ransomware,Vulnerability,Threat None 2.0000000000000000

Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows - CVE-2023-38547 (CVSS score: 9.9) - An unspecified flaw that can be leveraged by an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration
2023-11-07T10:38:00+00:00 https://thehackernews.com/2023/11/critical-flaws-discovered-in-veeam-one.html www.secnews.physaphae.fr/article.php?IdArticle=8407052 False Vulnerability None 2.0000000000000000

New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
An updated version of an information stealer malware known as Jupyter has resurfaced with "simple yet impactful changes" that aim to stealthily establish a persistent foothold on compromised systems. "The team has discovered new waves of Jupyter Infostealer attacks which leverage PowerShell command modifications and signatures of private keys in attempts to pass off the malware as a legitimately
2023-11-06T22:53:00+00:00 https://thehackernews.com/2023/11/new-jupyter-infostealer-version-emerges.html www.secnews.physaphae.fr/article.php?IdArticle=8406733 False Malware None 2.0000000000000000

QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices
QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud. "If exploited, the vulnerability could allow remote attackers to execute commands via a network," the
2023-11-06T22:25:00+00:00 https://thehackernews.com/2023/11/qnap-releases-patch-for-2-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8406734 False Vulnerability None 3.0000000000000000

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses
Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware.
Dropper malware on Android is designed to function as a conduit to install a payload on a compromised device, making it a lucrative business model for threat actors, who can advertise the capabilities
2023-11-06T19:39:00+00:00 https://thehackernews.com/2023/11/securidropper-new-android-dropper-as.html www.secnews.physaphae.fr/article.php?IdArticle=8406682 False Malware,Threat,Mobile None 2.0000000000000000

Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware. The intrusions, which took place as recently as October, have been attributed to an Iranian nation-state hacking crew it tracks under the name Agonizing Serpens, which is also known as Agrius,
2023-11-06T16:02:00+00:00 https://thehackernews.com/2023/11/iranian-hackers-launches-destructive.html www.secnews.physaphae.fr/article.php?IdArticle=8406527 False Malware None 2.0000000000000000

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023. "The script creates a 'Covert Channel' by exploiting the event
2023-11-06T13:55:00+00:00 https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html www.secnews.physaphae.fr/article.php?IdArticle=8406528 False Tool,Threat None 4.0000000000000000

U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown
The U.S. Department of the Treasury imposed sanctions against a Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group. Ekaterina Zhdanova, per the department, is said to have facilitated large cross border transactions to assist Russian individuals to gain access to Western financial markets and
2023-11-06T11:00:00+00:00 https://thehackernews.com/2023/11/us-treasury-targets-russian-money.html www.secnews.physaphae.fr/article.php?IdArticle=8406529 False Ransomware None 4.0000000000000000

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it as an "intricate modular framework that supports both Linux and Windows."
The Russian cybersecurity
2023-11-04T15:04:00+00:00 https://thehackernews.com/2023/11/stripedfly-malware-operated-unnoticed.html www.secnews.physaphae.fr/article.php?IdArticle=8405899 False Malware None 3.0000000000000000

Okta's Recent Customer Support Data Breach Impacted 134 Customers
Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing session tokens that could be used for session hijacking attacks. "The
2023-11-04T11:33:00+00:00 https://thehackernews.com/2023/11/oktas-recent-customer-support-data.html www.secnews.physaphae.fr/article.php?IdArticle=8405766 False Data Breach None 3.0000000000000000

Google Play Store Introduces 'Independent Security Review' Badge for Apps
Google is rolling out an "Independent security review" badge in the Play Store's Data safety section for Android apps that have undergone a Mobile Application Security Assessment (MASA) audit. "We've launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle," Nataliya Stanetsky of the Android Security and Privacy Team said.
2023-11-04T11:08:00+00:00 https://thehackernews.com/2023/11/google-play-store-introduces.html www.secnews.physaphae.fr/article.php?IdArticle=8405767 False Mobile None 2.0000000000000000
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP)," cloud
2023-11-03T18:42:00+00:00 https://thehackernews.com/2023/11/kinsing-actors-exploit-linux-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8405322 False Threat,Cloud None 3.0000000000000000

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer. "Clicking on ads immediately downloads an archive containing a malicious .exe 'Photo Album' file which also drops a second executable written in .NET – this payload is in charge of
2023-11-03T17:42:00+00:00 https://thehackernews.com/2023/11/nodestealer-malware-hijacking-facebook.html www.secnews.physaphae.fr/article.php?IdArticle=8405323 False Malware None 3.0000000000000000

Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes.
As the threat landscape evolves and generative AI is added to the toolsets available to defenders and attackers alike, evaluating the relative effectiveness of various AI-based security offerings is increasingly important - and difficult. Asking the right questions can help you spot solutions
2023-11-03T16:56:00+00:00 https://thehackernews.com/2023/11/predictive-ai-in-cybersecurity-outcomes.html www.secnews.physaphae.fr/article.php?IdArticle=8405324 False Threat None 3.0000000000000000

CanesSpy Spyware Discovered in Modified WhatsApp Versions
Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy. These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts 2 million users. "The trojanized
2023-11-03T15:05:00+00:00 https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html www.secnews.physaphae.fr/article.php?IdArticle=8405325 False Mobile None 2.0000000000000000

48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems
A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems. "These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install," software supply chain security firm Phylum said.
All the counterfeit packages have been published by
2023-11-03T11:33:00+00:00 https://thehackernews.com/2023/11/48-malicious-npm-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8405326 False None None 2.0000000000000000

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations
The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened in China. While the mysterious control payload – aka kill switch – stripped Mozi bots of most
2023-11-02T19:15:00+00:00 https://thehackernews.com/2023/11/mysterious-kill-switch-disrupts-mozi.html www.secnews.physaphae.fr/article.php?IdArticle=8405327 False None None 2.0000000000000000

SaaS Security is Now Accessible and Affordable to All
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model. Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often employ different approaches and technologies, leading to unnecessary confusion and complexity. Enter
2023-11-02T14:54:00+00:00 https://thehackernews.com/2023/11/saas-security-is-now-accessible-and.html www.secnews.physaphae.fr/article.php?IdArticle=8404604 False Tool,Cloud None 2.0000000000000000
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign "exhibits updated TTPs to previously reported MuddyWater activity,"
2023-11-02T14:51:00+00:00 https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404605 False Tool None 3.0000000000000000

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover
As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate [operating system] privileges," Takahiro Haruyama, a
2023-11-02T14:29:00+00:00 https://thehackernews.com/2023/11/researchers-find-34-windows-drivers.html www.secnews.physaphae.fr/article.php?IdArticle=8404606 False Threat None 2.0000000000000000

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System
The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015.
"This latest version of CVSS 4.0 seeks to provide the highest fidelity of vulnerability assessment for both industry and the public," FIRST said in a statement.]]> 2023-11-02T10:49:00+00:00 https://thehackernews.com/2023/11/first-announces-cvss-40-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404607 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hellokitty Ransomware Group exploitant la vulnérabilité Apache ActiveMQ<br>HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a]]> 2023-11-02T09:57:00+00:00 https://thehackernews.com/2023/11/hellokitty-ransomware-group-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8404608 False Ransomware,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs exposent le service de raccourcissement des liens souterrains prolifiques de Puma \\<br>Researchers Expose Prolific Puma\\'s Underground Link Shortening Service A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that\'s offered to other threat actors for at least over the past four years. 
Prolific Puma creates "domain names with an RDGA [registered domain generation algorithm] and use these domains to provide a link shortening service to other malicious actors, helping them evade
2023-11-01T20:25:00+00:00 https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html www.secnews.physaphae.fr/article.php?IdArticle=8404158 False Threat None 2.0000000000000000

Hands on Review: LayerX's Enterprise Browser Security Extension
The browser has become the main work interface in modern enterprises. It's where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to steal the data it stores and use it for malicious access to organizational SaaS apps or the hosting machine. Additionally,
2023-11-01T17:23:00+00:00 https://thehackernews.com/2023/11/hands-on-review-layerxs-enterprise.html www.secnews.physaphae.fr/article.php?IdArticle=8404093 False Cloud None 2.0000000000000000

Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year.
Israeli cybersecurity firm Check Point, which discovered the campaign alongside Sygnia, is tracking the actor under the name Scarred
2023-11-01T16:52:00+00:00 https://thehackernews.com/2023/11/iranian-cyber-espionage-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8404027 False Threat None 2.0000000000000000

North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity, traced back to April 2023, exhibits overlaps with the infamous adversarial collective Lazarus Group, citing an analysis of the
2023-11-01T14:32:00+00:00 https://thehackernews.com/2023/11/north-korean-hackers-tageting-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8403987 False Malware,Threat APT 38,APT 38 2.0000000000000000

Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive Ursa.
"As the code of the upgraded revision of Kazuar reveals, the authors put special emphasis on Kazuar\'s ability to]]> 2023-11-01T12:51:00+00:00 https://thehackernews.com/2023/11/turla-updates-kazuar-backdoor-with.html www.secnews.physaphae.fr/article.php?IdArticle=8403950 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte: F5 prévient les attaques actives exploitant la vulnérabilité Big-IP<br>Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain. Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution]]> 2023-11-01T10:23:00+00:00 https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8403894 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Arid Viper ciblant les utilisateurs d'Android arabe avec des logiciels espions déguisés en application de rencontres<br>Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. 
"Arid Viper\'s Android malware has a number of features that enable the operators to surreptitiously collect sensitive information from victims\' devices]]> 2023-10-31T19:46:00+00:00 https://thehackernews.com/2023/10/arid-viper-targeting-arabic-android.html www.secnews.physaphae.fr/article.php?IdArticle=8403559 False Malware,Threat APT-C-23,APT-C-23 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Packages Nuget malveillants capturés en distribution de logiciels malveillants Seroxen Rat<br>Malicious NuGet Packages Caught Distributing SeroXen RAT Malware Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing since August 1, 2023, while linking it to a host of rogue NuGet packages that were observed delivering a remote access trojan called]]> 2023-10-31T17:34:00+00:00 https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html www.secnews.physaphae.fr/article.php?IdArticle=8403479 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pentestpad: plate-forme pour les équipes de Pentest<br>PentestPad: Platform for Pentest Teams In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. 
The synergy between a skilled penetration tester and the precision of pen testing solutions is crucial for staying on top of today's high
2023-10-31T16:51:00+00:00 https://thehackernews.com/2023/10/pentestpad-platform-for-pentest-teams.html www.secnews.physaphae.fr/article.php?IdArticle=8403480 False None None 2.0000000000000000

Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data loss if exploited by an unauthenticated attacker." Tracked as CVE-2023-22518, the vulnerability is rated 9.1 out of a maximum of 10 on the CVSS scoring system. It has been described as an instance of "improper authorization vulnerability." All versions of Confluence Data
2023-10-31T16:46:00+00:00 https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8403481 False Vulnerability None 3.0000000000000000

Trojanized PyCharm Software Version Delivered via Google Search Ads
A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google search results by leveraging Dynamic Search Ads.
"Unbeknownst to the site owner, one of their ads was automatically created to promote a popular program for Python developers, and visible to people doing a Google search for it," Jérôme Segura, director of threat]]> 2023-10-31T16:25:00+00:00 https://thehackernews.com/2023/10/trojanized-pycharm-software-version.html www.secnews.physaphae.fr/article.php?IdArticle=8403425 False Threat,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le Canada interdit les applications WeChat et Kaspersky sur les appareils gouvernementaux<br>Canada Bans WeChat and Kaspersky Apps On Government Devices Canada on Monday announced a ban on the use of apps from Tencent and Kaspersky on government mobile devices, citing an "unacceptable level of risk to privacy and security." "The Government of Canada is committed to keeping government information and networks secure," the Canadian government said. "We regularly monitor potential threats and take immediate action to address risks." To that end,]]> 2023-10-31T13:51:00+00:00 https://thehackernews.com/2023/10/canada-bans-wechat-and-kaspersky-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8403362 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta lance un abonnement sans publicité payé en Europe pour satisfaire les lois sur la confidentialité<br>Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws Meta on Monday announced plans to offer an ad-free option to access Facebook and Instagram for users in the European Union (EU), European Economic Area (EEA), and Switzerland to comply with "evolving" data protection regulations in the region. 
The ad-free subscription, which costs €9.99/month on the web or €12.99/month on iOS and Android, is expected to be officially available starting next
2023-10-31T11:59:00+00:00 https://thehackernews.com/2023/10/meta-launches-paid-ad-free-subscription.html www.secnews.physaphae.fr/article.php?IdArticle=8403339 False None None 2.0000000000000000

Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the ongoing Israeli-Hamas war. "This malware is an x64 ELF executable, lacking obfuscation or protective measures," Security Joes said in a new report published today. "It allows attackers to specify target folders and can potentially destroy an entire
2023-10-30T21:55:00+00:00 https://thehackernews.com/2023/10/pro-hamas-hacktivists-targeting-israeli.html www.secnews.physaphae.fr/article.php?IdArticle=8402903 False Malware None 2.0000000000000000

New Webinar: 5 Must-Know Trends Impacting AppSec
Modern web app development relies on cloud infrastructure and containerization. These technologies scale on demand, handling millions of daily file transfers – it's almost impossible to imagine a world without them.
However, they also introduce multiple attack vectors that exploit file uploads when working with public clouds, vulnerabilities in containers hosting web applications, and many other
2023-10-30T17:39:00+00:00 https://thehackernews.com/2023/10/new-webinar-5-must-know-trends.html www.secnews.physaphae.fr/article.php?IdArticle=8402826 False Vulnerability,Threat,Cloud None 2.0000000000000000

ServiceNow Data Exposure: A Wake-Up Call for Companies
Earlier this week, ServiceNow announced on its support site that misconfigurations within the platform could result in “unintended access” to sensitive data. For organizations that use ServiceNow, this security exposure is a critical concern that could have resulted in major data leakage of sensitive corporate data. ServiceNow has since taken steps to fix this issue. This article fully analyzes
2023-10-30T17:17:00+00:00 https://thehackernews.com/2023/10/servicenow-data-exposure-wake-up-call.html www.secnews.physaphae.fr/article.php?IdArticle=8402776 False Threat None 3.0000000000000000

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate cryptojacking activities.
"As a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging and]]> 2023-10-30T16:26:00+00:00 https://thehackernews.com/2023/10/elektra-leak-cryptojacking-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8402777 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Urgent: Nouveaux défauts de sécurité découverts dans le contrôleur nginx entrée pour Kubernetes<br>Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows -  CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller CVE-2023-5043 (]]> 2023-10-30T12:16:00+00:00 https://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8402689 False Vulnerability,Threat Uber 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers utilisant des packages d'applications MSIX pour infecter les PC Windows avec Ghostpulse Maware<br>Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. 
"MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications to Windows users," Elastic]]> 2023-10-30T09:51:00+00:00 https://thehackernews.com/2023/10/hackers-using-msix-app-packages-to.html www.secnews.physaphae.fr/article.php?IdArticle=8402624 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs découvrent l'écoute électronique du service de messagerie instantanée basé sur XMPP<br>Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service New findings have shed light on what\'s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. "The attacker has issued several new TLS certificates using Let\'s Encrypt service which were used to hijack encrypted STARTTLS]]> 2023-10-28T12:50:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html www.secnews.physaphae.fr/article.php?IdArticle=8401857 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le groupe coréen Lazarus cible le fournisseur de logiciels utilisant des défauts connus<br>N. Korean Lazarus Group Targets Software Vendor Using Known Flaws The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. 
The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for
2023-10-27T20:27:00+00:00 https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html www.secnews.physaphae.fr/article.php?IdArticle=8401494 False Malware,Tool,Threat APT 38,APT 38 3.0000000000000000

How to Keep Your Business Running in a Contested Environment
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the forefront of cybercriminal
2023-10-27T16:26:00+00:00 https://thehackernews.com/2023/10/how-to-keep-your-business-running-in.html www.secnews.physaphae.fr/article.php?IdArticle=8401397 False None None 2.0000000000000000

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security.
"Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or]]> 2023-10-27T16:24:00+00:00 https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html www.secnews.physaphae.fr/article.php?IdArticle=8401398 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) F5 Issues AVERTISSEMENT: La vulnérabilité Big-IP permet l'exécution du code distant<br>F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP]]> 2023-10-27T09:53:00+00:00 https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8401236 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ileakage: un nouvel exploit de safari a un impact<br>iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. 
"An attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using]]> 2023-10-26T22:19:00+00:00 https://thehackernews.com/2023/10/ileakage-new-safari-exploit-impacts.html www.secnews.physaphae.fr/article.php?IdArticle=8400981 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described the adversary as "one of the most dangerous financial criminal]]> 2023-10-26T19:26:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-as-scattered-spider.html www.secnews.physaphae.fr/article.php?IdArticle=8400870 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter," the web infrastructure]]> 2023-10-26T18:30:00+00:00 https://thehackernews.com/2023/10/record-breaking-100-million-rps-ddos.html www.secnews.physaphae.fr/article.php?IdArticle=8400871 False Studies None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
The Danger of Forgotten Pixels on Websites: A New Case Study
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. Download the full case study here. It's a scenario that could have affected any type of company, from healthcare to finance, e-commerce to
2023-10-26T17:29:00+00:00 https://thehackernews.com/2023/10/the-danger-of-forgotten-pixels-on.html www.secnews.physaphae.fr/article.php?IdArticle=8400814 False Studies None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks
The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a downloader for further payloads," the PwC Threat Intelligence said in a Wednesday analysis. "It uses email
2023-10-26T12:54:00+00:00 https://thehackernews.com/2023/10/iranian-group-tortoiseshell-launches.html www.secnews.physaphae.fr/article.php?IdArticle=8400736 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability.
Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. "This is an easily exploitable, unauthenticated remote code
2023-10-26T10:53:00+00:00 https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html www.secnews.physaphae.fr/article.php?IdArticle=8400737 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group
A relatively new threat actor known as YoroTrooper is likely made of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani entities, barring the government's Anti-Corruption Agency. "YoroTrooper attempts to obfuscate the
2023-10-26T09:55:00+00:00 https://thehackernews.com/2023/10/yorotrooper-researchers-warn-of.html www.secnews.physaphae.fr/article.php?IdArticle=8400738 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou said in a new report published today.
Previously, it was using known
2023-10-25T18:50:00+00:00 https://thehackernews.com/2023/10/nation-state-hackers-exploiting-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8400151 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio, and Bukalapak, building upon previous shortcomings uncovered in Booking[.]com and Expo. The weaknesses, now addressed by the respective companies following responsible disclosure between February and April 2023, could have allowed malicious actors to
2023-10-25T18:34:00+00:00 https://thehackernews.com/2023/10/critical-oauth-flaws-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8400152 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
The Rise of S3 Ransomware: How to Identify and Combat It
In today's digital landscape, around 60% of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations. Despite S3 being a secure service from a reputable provider, its pivotal role in handling vast amounts of sensitive data (customer personal information, financial data, intellectual property, etc.), provides a juicy target for
2023-10-25T17:06:00+00:00 https://thehackernews.com/2023/10/the-rise-of-s3-ransomware-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8400111 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger an out-of-bounds
2023-10-25T15:41:00+00:00 https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8400088 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware
The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for "WhatsApp web" on search engines. "The
2023-10-25T14:43:00+00:00 https://thehackernews.com/2023/10/malvertising-campaign-targets-brazils.html www.secnews.physaphae.fr/article.php?IdArticle=8400067 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files
2023-10-25T10:17:00+00:00 https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html www.secnews.physaphae.fr/article.php?IdArticle=8400012 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia
A former employee of the U.S. National Security Agency (NSA) has pleaded guilty to charges accusing him of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke, 31, served as an Information Systems Security Designer for the NSA from June 6, 2022, to July 1, 2022, where he had Top Secret clearance to access sensitive documents. The latest development comes more
2023-10-24T18:00:00+00:00 https://thehackernews.com/2023/10/ex-nsa-employee-pleads-guilty-to.html www.secnews.physaphae.fr/article.php?IdArticle=8399798 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams
Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits. Authorities conducted searches across 16 locations in Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms, a katana sword, a baseball bat, €80,000 in cash, four high-end
2023-10-24T16:30:00+00:00 https://thehackernews.com/2023/10/34-cybercriminals-arrested-in-spain-for.html www.secnews.physaphae.fr/article.php?IdArticle=8399691 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Make API Management Less Scary for Your Organization
While application development has evolved rapidly, the API management suites used to access these services remain a spooky reminder of a different era. Introducing new API management infrastructure with these legacy models still poses challenges for organizations as they modernize. Transitioning from monolithic architectures to agile microservices empowers developers to make quick changes. Using
2023-10-24T16:29:00+00:00 https://thehackernews.com/2023/10/make-api-management-less-scary-for-your.html www.secnews.physaphae.fr/article.php?IdArticle=8399692 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Operation Triangulation: Experts Uncover Deeper Insights into iOS Zero-Day Attacks
The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The findings come from Kaspersky, which detailed the great lengths the adversary behind the campaign, dubbed Operation Triangulation, went to conceal and cover up
2023-10-24T14:07:00+00:00 https://thehackernews.com/2023/10/operation-triangulation-experts-uncover.html www.secnews.physaphae.fr/article.php?IdArticle=8399648 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection
The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices
2023-10-24T12:03:00+00:00 https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html www.secnews.physaphae.fr/article.php?IdArticle=8399649 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
1Password Detects Suspicious Activity Following Okta Support Breach
Popular password management solution 1Password said it detected suspicious activity on its Okta instance on September 29 following the support system breach, but reiterated that no user data was accessed. "We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing," Pedro Canahuati, 1Password CTO,
2023-10-24T10:25:00+00:00 https://thehackernews.com/2023/10/1password-detects-suspicious-activity.html www.secnews.physaphae.fr/article.php?IdArticle=8399593 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are also configured to deliver a downloader named CSVtyrei, so named for its resemblance to Vtyrei. "Some
2023-10-23T17:04:00+00:00 https://thehackernews.com/2023/10/donot-teams-new-firebird-backdoor-hits.html www.secnews.physaphae.fr/article.php?IdArticle=8399385 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Who's Experimenting with AI Tools in Your Organization?
With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence, formerly the realm of data science and engineering teams, has become a resource available to every employee.
From a productivity perspective, that's fantastic. Unfortunately for IT and security teams, it also means you may have hundreds of people in your organization using a new tool in
2023-10-23T17:04:00+00:00 https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html www.secnews.physaphae.fr/article.php?IdArticle=8399384 False Tool ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan said in a report published last week,
2023-10-23T13:28:00+00:00 https://thehackernews.com/2023/10/quasar-rat-leverages-dll-side-loading.html www.secnews.physaphae.fr/article.php?IdArticle=8399386 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a "key target" in France. "In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia," the agency said.
"The main perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining]]> 2023-10-21T18:40:00+00:00 https://thehackernews.com/2023/10/europol-dismantles-ragnar-locker.html www.secnews.physaphae.fr/article.php?IdArticle=8398660 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La violation du système de support d'Okta \\ expose les données des clients à des acteurs de menace non identifiés<br>Okta\\'s Support System Breach Exposes Customer Data to Unidentified Threat Actors Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials to access its support case management system. "The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases," David Bradbury, Okta\'s chief security officer, said. "It should be noted that the Okta]]> 2023-10-21T14:15:00+00:00 https://thehackernews.com/2023/10/oktas-support-system-breach-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8398576 False Threat None 2.0000000000000000