www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-10T16:05:47+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)

Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access. They promise centralized enforcement, simplified connectivity, and consistent policy control across users and devices. But there's a problem: they stop short of where the most sensitive user activity actually happens-the browser. This isn't a small omission. It's a structural
2025-05-07T16:26:00+00:00 https://thehackernews.com/2025/05/reevaluating-sses-technical-gap.html www.secnews.physaphae.fr/article.php?IdArticle=8672730 False Legislation,Cloud,Technical None 3.0000000000000000

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News. "
2025-04-24T16:57:00+00:00 https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8667153 False Threat,Technical None 3.0000000000000000

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution," Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign. The
2025-04-18T17:33:00+00:00 https://thehackernews.com/2025/04/multi-stage-malware-attack-uses-jse-and.html www.secnews.physaphae.fr/article.php?IdArticle=8664477 False Malware,Technical None 2.0000000000000000

New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024. "The controller could open a reverse shell," Trend Micro researcher Fernando Mercês said in a technical report published earlier in
2025-04-16T16:07:00+00:00 https://thehackernews.com/2025/04/new-bpfdoor-controller-enables-stealthy.html www.secnews.physaphae.fr/article.php?IdArticle=8663470 False Prediction,Technical None 3.0000000000000000

Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold-from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea's Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware attack, showing you how
2025-03-14T16:55:00+00:00 https://thehackernews.com/2025/03/live-ransomware-demo-see-how-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8655727 False Ransomware,Technical None 3.0000000000000000

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. "The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet," security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with
2025-03-11T18:00:00+00:00 https://thehackernews.com/2025/03/ballista-botnet-exploits-unpatched-tp.html www.secnews.physaphae.fr/article.php?IdArticle=8654999 False Vulnerability,Technical None 2.0000000000000000

PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technical
2025-03-07T10:12:00+00:00 https://thehackernews.com/2025/03/php-cgi-rce-flaw-exploited-in-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8654456 False Vulnerability,Threat,Technical None 3.0000000000000000

Cybercriminals Can Now Clone Any Brand's Site in Minutes Using Darcula PhaaS v3
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale. The latest iteration of the phishing suite "represents a significant
2025-02-21T18:33:00+00:00 https://thehackernews.com/2025/02/cybercriminals-can-now-clone-any-brands.html www.secnews.physaphae.fr/article.php?IdArticle=8649590 False Threat,Technical None 3.0000000000000000

⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
Welcome to this week's Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. ⚡ Threat of the Week Russian Threat Actors Leverage Device Code Phishing to Hack
2025-02-17T14:49:00+00:00 https://thehackernews.com/2025/02/thn-weekly-recap-google-secrets-stolen.html www.secnews.physaphae.fr/article.php?IdArticle=8648690 False Hack,Threat,Cloud,Technical None 2.0000000000000000

The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas.
With the PAM market projected to reach $42.96 billion by 2037 (according to Research Nester), organizations invest heavily in PAM solutions. Why is PAM climbing the ranks of leadership priorities? While Gartner
2025-02-06T16:50:00+00:00 https://thehackernews.com/2025/02/the-evolving-role-of-pam-in.html www.secnews.physaphae.fr/article.php?IdArticle=8647206 False Technical None 3.0000000000000000

Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector," Seqrite Labs researcher Subhajeet Singha said in a technical report
2025-02-05T18:16:00+00:00 https://thehackernews.com/2025/02/silent-lynx-using-powershell-golang-and.html www.secnews.physaphae.fr/article.php?IdArticle=8647041 False Threat,Technical None 3.0000000000000000

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "take[s] advantage of misconfigured DNS records to pass email protection techniques," Infoblox security researcher David Brunsdon said in a technical report published last week. "This
2025-01-21T18:16:00+00:00 https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html www.secnews.physaphae.fr/article.php?IdArticle=8640630 False Spam,Malware,Technical None 3.0000000000000000

PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers
Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The infection chain commences with a phishing
2025-01-21T11:15:00+00:00 https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html www.secnews.physaphae.fr/article.php?IdArticle=8640485 False Malware,Technical None 3.0000000000000000

Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks
Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution. Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the "vulnerabilities are trivial to reverse and exploit." The list of identified flaws is as follows -
2025-01-15T10:40:00+00:00 https://thehackernews.com/2025/01/critical-simplehelp-flaws-allow-file.html www.secnews.physaphae.fr/article.php?IdArticle=8637521 False Threat,Technical None 3.0000000000000000

Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail to
2025-01-10T17:29:00+00:00 https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8635622 False Technical None 3.0000000000000000

Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. "The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques," Cyfirma said in a technical analysis published last week. "It employs
2025-01-08T19:07:00+00:00 https://thehackernews.com/2025/01/researchers-expose-noneuclid-rat-using.html www.secnews.physaphae.fr/article.php?IdArticle=8634905 False Malware,Technical None 3.0000000000000000

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection
Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. "Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks," Morphisec researcher Nadav Lorber said in a technical report published Monday.
The attacks make use of fake update alerts that employ
2024-12-17T14:33:00+00:00 https://thehackernews.com/2024/12/hackers-exploit-webview2-to-deploy.html www.secnews.physaphae.fr/article.php?IdArticle=8626508 False Malware,Tool,Threat,Technical None 2.0000000000000000

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan
The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis. "An interesting aspect of this campaign is the comeback of a backdoor
2024-12-05T13:00:00+00:00 https://thehackernews.com/2024/12/anel-and-noopdoor-backdoors-weaponized.html www.secnews.physaphae.fr/article.php?IdArticle=8619940 False Threat,Prediction,Technical None 2.0000000000000000

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks
Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said. "Threat actors leveraged an unconventional blend
2024-11-12T11:30:00+00:00 https://thehackernews.com/2024/11/new-ymir-ransomware-exploits-memory-for.html www.secnews.physaphae.fr/article.php?IdArticle=8609672 False Ransomware,Malware,Technical None 3.0000000000000000

German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested
German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. "The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical skills of their own," the Federal Criminal Police Office (aka
2024-11-04T17:32:00+00:00 https://thehackernews.com/2024/11/german-police-disrupt-ddos-for-hire.html www.secnews.physaphae.fr/article.php?IdArticle=8605930 False Threat,Legislation,Technical None 2.0000000000000000

Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host," researchers Abdelrahman Esmail and Sunil Bharti said in a technical
2024-10-22T19:30:00+00:00 https://thehackernews.com/2024/10/cybercriminals-exploiting-docker-api.html www.secnews.physaphae.fr/article.php?IdArticle=8601396 False Threat,Prediction,Technical None 3.0000000000000000

6 Simple Steps to Eliminate SOC Analyst Burnout
The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain.
Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of alerts and incidents. As a result, SOC analysts often leave in search of better pay, the opportunity to move beyond
2024-10-10T16:30:00+00:00 https://thehackernews.com/2024/10/6-simple-steps-to-eliminate-soc-analyst.html www.secnews.physaphae.fr/article.php?IdArticle=8595386 False Technical None 4.0000000000000000

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report. "
2024-08-22T10:01:00+00:00 https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html www.secnews.physaphae.fr/article.php?IdArticle=8561771 False Malware,Technical None 3.0000000000000000

Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware
Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat. "These attacks are opportunistic in nature, targeting users seeking popular business software," the Mandiant Managed Defense team said in a technical report. "The infection utilizes a trojanized MSIX installer, which executes a PowerShell script to
2024-08-19T18:07:00+00:00 https://thehackernews.com/2024/08/cybercriminals-exploit-popular-software.html www.secnews.physaphae.fr/article.php?IdArticle=8560279 False Malware,Threat,Technical None 2.0000000000000000

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the following: Exposing environment variables, using long-lived credentials, and absence
2024-08-16T22:00:00+00:00 https://thehackernews.com/2024/08/attackers-exploit-public-env-files-to.html www.secnews.physaphae.fr/article.php?IdArticle=8558809 False Threat,Cloud,Technical None 4.0000000000000000

Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. "Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally," Dutch security outfit ThreatFabric said in a technical
2024-08-07T11:55:00+00:00 https://thehackernews.com/2024/08/chameleon-android-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8553253 False Threat,Mobile,Technical None 3.0000000000000000

Navigating Insider Risks: Are your Employees Enabling External Threats?
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning that SIM swap attacks are growing: gain control of the phone and earn a gateway to email, bank accounts, stocks,
2024-07-17T16:39:00+00:00 https://thehackernews.com/2024/07/navigating-insider-risks-are-your.html www.secnews.physaphae.fr/article.php?IdArticle=8538806 False Technical None 3.0000000000000000

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. "Misconfigurations such as improperly set up authentication mechanisms expose the '/script' endpoint to attackers," Trend Micro's Shubham Singh and Sunil Bharti said in a technical write-up
2024-07-09T17:20:00+00:00 https://thehackernews.com/2024/07/hackers-exploiting-jenkins-script.html www.secnews.physaphae.fr/article.php?IdArticle=8533441 False Prediction,Technical None 3.0000000000000000

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang," Positive Technologies researchers Vladislav Lunin and Alexander Badayev said in a technical report
2024-06-22T16:58:00+00:00 https://thehackernews.com/2024/06/excobalt-cyber-gang-targets-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8523398 False Technical None 3.0000000000000000

Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets
The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust. "This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist," the BlackBerry Research and Intelligence Team said in a technical report
2024-05-27T12:01:00+00:00 https://thehackernews.com/2024/05/pakistan-linked-hackers-deploy-python.html www.secnews.physaphae.fr/article.php?IdArticle=8507674 False Malware,Technical None 3.0000000000000000

Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. "This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands," Check Point said in a technical report. "This exploit has been used by multiple
2024-05-20T17:50:00+00:00 https://thehackernews.com/2024/05/foxit-pdf-reader-flaw-exploited-by.html www.secnews.physaphae.fr/article.php?IdArticle=8503379 False Malware,Threat,Technical None 2.0000000000000000

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks.
The Impact of Alert Fatigue and False Positives  Analysts
2024-05-13T15:49:00+00:00 https://thehackernews.com/2024/05/shq-response-platform-and-risk-centre.html www.secnews.physaphae.fr/article.php?IdArticle=8498846 False Technical None 3.0000000000000000

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. "These enhancements aim to increase the malware's stealthiness, thereby remaining undetected for longer periods of time," Zscaler ThreatLabz researcher Muhammed Irfan V A said in a technical report. "Hijack
2024-05-08T16:28:00+00:00 https://thehackernews.com/2024/05/hijack-loader-malware-employs-process.html www.secnews.physaphae.fr/article.php?IdArticle=8495847 False Malware,Technical None 3.0000000000000000

New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure.
The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest," Kaspersky researcher Dmitry Kalinin said in a technical analysis.
2024-04-18T16:01:00+00:00 https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html www.secnews.physaphae.fr/article.php?IdArticle=8484686 False Malware,Mobile,Technical None 2.0000000000000000

Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks
Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox
2024-04-08T19:21:00+00:00 https://thehackernews.com/2024/04/google-chrome-adds-v8-sandbox-new.html www.secnews.physaphae.fr/article.php?IdArticle=8478161 False Technical None 2.0000000000000000

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published this week. "It employs the .NET (de)serialization feature to interact with a core
2024-04-05T13:18:00+00:00 https://thehackernews.com/2024/04/new-wave-of-jsoutprox-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8476376 False Malware,Technical None 2.0000000000000000

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of
2024-03-25T17:07:00+00:00 https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html www.secnews.physaphae.fr/article.php?IdArticle=8470153 False Hack,Vulnerability,Threat,Technical None 2.0000000000000000

PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app's icon from the home screen of the victim's device, IBM said in a technical report published today.
“Thanks to this new technique, during PixPirate reconnaissance
2024-03-13T19:25:00+00:00 https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html www.secnews.physaphae.fr/article.php?IdArticle=8463199 False Threat,Mobile,Technical None 2.0000000000000000

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It
2024-03-11T11:58:00+00:00 https://thehackernews.com/2024/03/proof-of-concept-exploit-released-for.html www.secnews.physaphae.fr/article.php?IdArticle=8461989 False Vulnerability,Threat,Technical None 2.0000000000000000

New Python-Based Snake Info Stealer Spreading Through Facebook Messages
Facebook messages are being used by threat actors to a Python-based information stealer dubbed Snake that's designed to capture credentials and other sensitive data. “The credentials harvested from unsuspecting users are transmitted to different platforms such as Discord, GitHub, and Telegram,” Cybereason researcher Kotaro Ogino said in a technical report.
Details about the campaign 2024-03-07T13:09:00+00:00 https://thehackernews.com/2024/03/new-python-based-snake-info-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8460221 False Threat,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Migo Malware Targeting Redis Servers for Cryptocurrency Mining A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report. The cryptojacking attack is facilitated 2024-02-20T20:50:00+00:00 https://thehackernews.com/2024/02/new-migo-malware-targeting-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8452773 False Malware,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report.
Troll 2024-02-08T12:23:00+00:00 https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html www.secnews.physaphae.fr/article.php?IdArticle=8447938 False Malware,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Perfecting the Defense-in-Depth Strategy with Automation Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart - a multi-layered approach with strategic redundancy and a blend of passive and active security 2024-01-26T16:34:00+00:00 https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html www.secnews.physaphae.fr/article.php?IdArticle=8443370 False Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023. "ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity 2024-01-22T22:17:00+00:00 https://thehackernews.com/2024/01/north-korean-hackers-weaponize-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8441736 False Threat,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file 2024-01-17T15:52:00+00:00 https://thehackernews.com/2024/01/new-ishutdown-method-exposes-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8439832 False Mobile,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a 2024-01-14T14:37:00+00:00 https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438871 False Industrial,Technical None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL 2024-01-01T19:30:00+00:00 https://thehackernews.com/2024/01/new-variant-of-dll-search-order.html www.secnews.physaphae.fr/article.php?IdArticle=8432407 False Threat,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security 2023-12-18T21:13:00+00:00 https://thehackernews.com/2023/12/beware-experts-reveal-new-details-on.html www.secnews.physaphae.fr/article.php?IdArticle=8424888 False Vulnerability,Threat,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Researchers Unveil GuLoader Malware's Latest Anti-Analysis Techniques Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing GuLoader a time-consuming and resource-intensive process," Elastic Security Labs 2023-12-09T12:46:00+00:00 https://thehackernews.com/2023/12/researchers-unveal-guloader-malwares.html www.secnews.physaphae.fr/article.php?IdArticle=8420386 False Malware,Threat,Technical None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Ransomware-as-a-Service: The Growing Threat You Can't Ignore Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cybercrime landscape, enabling individuals with limited technical expertise to carry out devastating attacks. 2023-12-08T16:38:00+00:00 https://thehackernews.com/2023/12/ransomware-as-service-growing-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8420156 False Ransomware,Threat,Prediction,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to "delay detonation of the sample until human mouse activity is detected," Outpost24 security researcher Alberto Marín said in a technical 2023-11-20T16:19:00+00:00 https://thehackernews.com/2023/11/lummac2-malware-deploys-new.html www.secnews.physaphae.fr/article.php?IdArticle=8414826 False Malware,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021. "DarkCasino is an APT threat actor with strong technical and learning ability, who is good 2023-11-16T19:21:00+00:00 https://thehackernews.com/2023/11/experts-uncover-darkcasino-new-emerging.html www.secnews.physaphae.fr/article.php?IdArticle=8412886 False Threat,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel.
"The framework's web component is written in the Go programming language," Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday. The tool has been attributed to MuddyWater, an Iranian 2023-11-09T16:20:00+00:00 https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html www.secnews.physaphae.fr/article.php?IdArticle=8408439 False Tool,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into generative AI engines. They use these tools to write 2023-11-08T16:30:00+00:00 https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html www.secnews.physaphae.fr/article.php?IdArticle=8407813 False Tool,Technical ChatGPT 2.0000000000000000