www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-15T02:23:28+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Censysgpt: menace alimentée par AI pour la chasse aux pros de la cybersécurité (webinaire)<br>CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, "The Future of Threat Hunting is Powered by Generative AI," where you\'ll explore how AI tools are shaping the future of cybersecurity defenses. During the session, Censys Security Researcher Aidan Holland will]]> 2024-05-10T18:22:00+00:00 https://thehackernews.com/2024/05/censysgpt-ai-powered-threat-hunting-for.html www.secnews.physaphae.fr/article.php?IdArticle=8497223 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le défaut Critical Tinyproxy ouvre plus de 50 000 hôtes à l'exécution du code distant<br>Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that\'s vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free bug impacting versions 1.10.0 and 1.11.1, which is the]]> 2024-05-06T19:30:00+00:00 https://thehackernews.com/2024/05/critical-tinyproxy-flaw-opens-over.html www.secnews.physaphae.fr/article.php?IdArticle=8494660 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Tout le monde est un expert: comment autonomiser vos employés pour le succès de la cybersécurité<br>Everyone\\'s an Expert: How to Empower Your Employees for Cybersecurity Success There\'s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you\'ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how many experts or trusted cybersecurity tools your organization has a standing guard,]]> 2024-05-01T16:33:00+00:00 https://thehackernews.com/2024/05/everyones-expert-how-to-empower-your.html www.secnews.physaphae.fr/article.php?IdArticle=8491762 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Okta met en garde contre une augmentation sans précédent des attaques de rembourrage des diplômes axés sur la procuration<br>Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services. These unprecedented attacks, observed over the last month, are said to be facilitated by "the broad availability of residential proxy services, lists of previously stolen credentials (\'combo lists\'), and scripting tools," the]]> 2024-04-28T19:22:00+00:00 https://thehackernews.com/2024/04/okta-warns-of-unprecedented-surge-in.html www.secnews.physaphae.fr/article.php?IdArticle=8490136 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Menaces de réseau: une démonstration d'attaque étape par étape<br>Network Threats: A Step-by-Step Attack Demonstration Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. 
See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit]]> 2024-04-25T16:43:00+00:00 https://thehackernews.com/2024/04/network-threats-step-by-step-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8488507 False Tool,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La Russie \\'s APT28 exploite Windows Print Spooler Flaw to déploier \\ 'gooseegg \\' malware<br>Russia\\'s APT28 Exploited Windows Print Spooler Flaw to Deploy \\'GooseEgg\\' Malware The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly as early as April 2019, leveraged a now-patched flaw that allowed for]]> 2024-04-23T09:53:00+00:00 https://thehackernews.com/2024/04/russias-apt28-exploited-windows-print.html www.secnews.physaphae.fr/article.php?IdArticle=8487211 False Malware,Tool,Threat APT 28 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le groupe de pirates russes Toddycat utilise des outils avancés pour le vol de données à l'échelle industrielle<br>Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. 
Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from primarily governmental organizations, some of them defense related, located in]]> 2024-04-22T20:41:00+00:00 https://thehackernews.com/2024/04/russian-hacker-group-toddycat-uses.html www.secnews.physaphae.fr/article.php?IdArticle=8486890 False Tool,Threat,Industrial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft avertit: les pirates nord-coréens se tournent vers le cyber-espionnage alimenté en IA<br>Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more effective and efficient. "They are learning to use tools powered by AI large language models (LLM) to make their operations more efficient and effective," the tech giant said in its latest report on East Asia hacking groups. The company]]> 2024-04-22T12:42:00+00:00 https://thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8486679 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) BlackTech cible les secteurs de la technologie, de la recherche et du gouvernement nouvel outil de Deuterbear \\ '<br>BlackTech Targets Tech, Research, and Gov Sectors New \\'Deuterbear\\' Tool Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. 
"Waterbear is known for its complexity, as it]]> 2024-04-19T19:14:00+00:00 https://thehackernews.com/2024/04/blacktech-targets-tech-research-and-gov.html www.secnews.physaphae.fr/article.php?IdArticle=8485329 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment effectuer une analyse statique avancée dans un sable de logiciels malveillants<br>How to Conduct Advanced Static Analysis in a Malware Sandbox Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations. Detecting Threats in PDFs PDF files are frequently exploited by threat actors to]]> 2024-04-18T16:01:00+00:00 https://thehackernews.com/2024/04/how-to-conduct-advanced-static-analysis.html www.secnews.physaphae.fr/article.php?IdArticle=8484687 False Malware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Genai: un nouveau mal de tête pour les équipes de sécurité SaaS<br>GenAI: A New Headache for SaaS Security Teams The introduction of Open AI\'s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing,]]> 2024-04-17T16:37:00+00:00 https://thehackernews.com/2024/04/genai-new-headache-for-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8484090 False Tool,Cloud ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Les outils AWS, Google et Azure CLI pourraient fuir les informations d'identification dans les journaux de construction<br>AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to organizations. The vulnerability has been codenamed LeakyCLI by cloud security firm Orca. "Some commands on Azure CLI, AWS CLI, and Google Cloud CLI can expose sensitive information in]]> 2024-04-16T18:56:00+00:00 https://thehackernews.com/2024/04/aws-google-and-azure-cli-tools-could.html www.secnews.physaphae.fr/article.php?IdArticle=8483499 False Tool,Vulnerability,Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates iraniens de Muddywater adoptent un nouvel outil C2 \\ 'darkbeatc2 \\' dans la dernière campagne<br>Iranian MuddyWater Hackers Adopt New C2 Tool \\'DarkBeatC2\\' in Latest Campaign The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. "While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater\'s methods remain constant," Deep]]> 2024-04-12T15:19:00+00:00 https://thehackernews.com/2024/04/iranian-muddywater-hackers-adopt-new-c2.html www.secnews.physaphae.fr/article.php?IdArticle=8480647 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Écumoire de carte de crédit sournois déguisée en tracker Facebook inoffensif<br>Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker Cybersecurity researchers have discovered a credit card skimmer that\'s concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the "Miscellaneous Scripts" section of the Magento admin panel. "]]> 2024-04-12T10:39:00+00:00 https://thehackernews.com/2024/04/sneaky-credit-card-skimmer-disguised-as.html www.secnews.physaphae.fr/article.php?IdArticle=8480496 False Malware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple étend le système d'alerte spyware pour avertir les utilisateurs des attaques de mercenaires<br>Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are used by state actors to pull off "individually targeted]]> 2024-04-11T12:14:00+00:00 https://thehackernews.com/2024/04/apple-expands-spyware-alert-system-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479812 False Tool,Threat,Commercial None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Les attaquants utilisant des outils d'obscurcissement pour fournir des logiciels malveillants en plusieurs étapes via le phishing de la facture<br>Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet]]> 2024-04-09T12:54:00+00:00 https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html www.secnews.physaphae.fr/article.php?IdArticle=8478562 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Package NuGet malveillant lié à l'espionnage industriel cible les développeurs<br>Malicious NuGet Package Linked to Industrial Espionage Targets Developers Threat hunters have identified a suspicious package in the NuGet package manager that\'s likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded ]]> 2024-03-26T22:24:00+00:00 https://thehackernews.com/2024/03/malicious-nuget-package-linked-to.html www.secnews.physaphae.fr/article.php?IdArticle=8470884 False Tool,Threat,Industrial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
AndroxGH0st malware cible les applications Laravel pour voler des informations d'identification cloud<br>AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that\'s used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs researcher Kashinath T Pattan said. "Classified as an SMTP cracker, it exploits SMTP]]> 2024-03-21T18:18:00+00:00 https://thehackernews.com/2024/03/androxgh0st-malware-targets-laravel.html www.secnews.physaphae.fr/article.php?IdArticle=8467923 False Malware,Tool,Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitHub lance l'outil AutoFix alimenté par AI pour aider les développeurs à patcher des défauts de sécurité<br>GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws GitHub on Wednesday announced that it\'s making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort to avoid introducing new security issues. "Powered by GitHub Copilot and CodeQL, code scanning autofix covers more than 90% of alert types in JavaScript, Typescript, Java, and]]> 2024-03-21T16:00:00+00:00 https://thehackernews.com/2024/03/github-launches-ai-powered-autofix-tool.html www.secnews.physaphae.fr/article.php?IdArticle=8467865 False Tool,Patching None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
De Deepfakes aux logiciels malveillants: le rôle croissant d'Ai \\ dans les cyberattaques<br>From Deepfakes to Malware: AI\\'s Expanding Role in Cyber Attacks Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules. "Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," Recorded Future said in a new report shared with The Hacker News.]]> 2024-03-19T19:25:00+00:00 https://thehackernews.com/2024/03/from-deepfakes-to-malware-ais-expanding.html www.secnews.physaphae.fr/article.php?IdArticle=8466698 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fortra Patches Critical RCE Vulnérabilité dans l'outil de transfert FileCatalyst<br>Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory traversal within the \'ftpservlet\' of the FileCatalyst Workflow]]> 2024-03-18T18:28:00+00:00 https://thehackernews.com/2024/03/fortra-patches-critical-rce.html www.secnews.physaphae.fr/article.php?IdArticle=8466065 False Tool,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Redcurl Cybercrime Group abuse de l'outil PCA Windows pour l'espionnage d'entreprise<br>RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis]]> 2024-03-14T15:53:00+00:00 https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8463710 False Tool,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Démystifier un mythe commun de cybersécurité<br>Demystifying a Common Cybersecurity Myth One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own-this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today\'s ever-evolving file upload security landscape, and a big part of that is understanding where the]]> 2024-03-13T21:09:00+00:00 https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html www.secnews.physaphae.fr/article.php?IdArticle=8463289 False Malware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) L'émulateur Qemu exploité comme outil de tunneling pour violer le réseau<br>QEMU Emulator Exploited as Tunneling Tool to Breach Company Network Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed "large company" to connect to their infrastructure. 
While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to their advantage, the development marks the first QEMU that has been]]> 2024-03-08T13:18:00+00:00 https://thehackernews.com/2024/03/cybercriminals-utilize-qemu-emulator-as.html www.secnews.physaphae.fr/article.php?IdArticle=8460719 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates exploitent le fil mal conçu, le docker, la confluence, les serveurs redis pour l'exploitation de cryptographie<br>Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access. “The attackers leverage these tools to issue exploit code, taking advantage of common misconfigurations and]]> 2024-03-06T22:28:00+00:00 https://thehackernews.com/2024/03/hackers-exploit-misconfigured-yarn.html www.secnews.physaphae.fr/article.php?IdArticle=8459936 False Malware,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment les cybercriminels exploitent les opérations de l'Inde \\ 's pour le blanchiment d'argent<br>How Cybercriminals are Exploiting India\\'s UPI for Money Laundering Operations Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a "key tool for onboarding and managing these money mules," CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. 
Details about the scam ]]> 2024-03-04T19:20:00+00:00 https://thehackernews.com/2024/03/how-cybercriminals-are-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8458868 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cinq agences des yeux mettent en garde contre l'exploitation active des vulnérabilités de la passerelle Ivanti<br>Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security. "Ivanti ICT is not sufficient to detect compromise and that a cyber threat actor may be able]]> 2024-03-01T11:56:00+00:00 https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html www.secnews.physaphae.fr/article.php?IdArticle=8457395 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft publie Pyrit - un outil d'équipe rouge pour AI génératif<br>Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team]]> 2024-02-23T17:01:00+00:00 https://thehackernews.com/2024/02/microsoft-releases-pyrit-red-teaming.html www.secnews.physaphae.fr/article.php?IdArticle=8454107 False Tool,Tool None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Comment utiliser la matrice de capacités SoC d'automatisation de Tines \\<br>How to Use Tines\\'s SOC Automation Capability Matrix Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it\'s been shared]]> 2024-02-23T16:59:00+00:00 https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html www.secnews.physaphae.fr/article.php?IdArticle=8454108 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les cybercriminels ont armé l'outil SSH-Ssh-Sake open source pour les attaques de réseau<br>Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential]]> 2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/cybercriminals-weaponizing-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8453620 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Backdoor du logiciel du gouvernement russe pour déployer des logiciels malveillants de rat Konni<br>Russian Government Software Backdoored to Deploy Konni RAT Malware An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). 
The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People\'s Republic of Korea (DPRK)-nexus actors targeting Russia. The]]> 2024-02-22T16:13:00+00:00 https://thehackernews.com/2024/02/russian-government-software-backdoored.html www.secnews.physaphae.fr/article.php?IdArticle=8453622 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Open Sources Magika: outil d'identification des fichiers alimentée par AI<br>Google Open Sources Magika: AI-Powered File Identification Tool Google has announced that it\'s open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. "Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher precision on traditionally hard to identify, but potentially problematic content]]> 2024-02-17T12:56:00+00:00 https://thehackernews.com/2024/02/google-open-sources-magika-ai-powered.html www.secnews.physaphae.fr/article.php?IdArticle=8451312 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ubuntu \\ 'Command-Not-Found \\' L'outil pourrait inciter les utilisateurs à installer des packages Rogue<br>Ubuntu \\'command-not-found\\' Tool Could Trick Users into Installing Rogue Packages Cybersecurity researchers have found that it\'s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system. 
"While \'command-not-found\' serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the]]> 2024-02-14T18:56:00+00:00 https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html www.secnews.physaphae.fr/article.php?IdArticle=8450004 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Rhysida ransomware fissué, outil de décryptage gratuit publié<br>Rhysida Ransomware Cracked, Free Decryption Tool Released Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). "Through a comprehensive analysis of Rhysida Ransomware, we identified an]]> 2024-02-12T18:42:00+00:00 https://thehackernews.com/2024/02/rhysida-ransomware-cracked-free.html www.secnews.physaphae.fr/article.php?IdArticle=8449262 False Ransomware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pourquoi les identités compromises sont-elles le cauchemar à la vitesse et à l'efficacité IR?<br>Why Are Compromised Identities the Nightmare to IR Speed and Efficiency? Incident response (IR) is a race against time. You engage your internal or external team because there\'s enough evidence that something bad is happening, but you\'re still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability to discover malicious files and outbound network connections. 
However, the identity aspect - namely]]> 2024-02-12T15:30:00+00:00 https://thehackernews.com/2024/02/why-are-compromised-identities.html www.secnews.physaphae.fr/article.php?IdArticle=8449216 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les géants mondiaux de la coalition et de la technologie s'unissent contre la maltraitance commerciale des logiciels espions<br>Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by]]> 2024-02-07T15:15:00+00:00 https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html www.secnews.physaphae.fr/article.php?IdArticle=8447601 False Tool,Commercial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Revue pratique: XDR basé sur Sase de Cato Networks<br>Hands-On Review: SASE-based XDR from Cato Networks Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of]]> 2024-02-05T16:42:00+00:00 https://thehackernews.com/2024/02/hands-on-review-sase-based-xdr-from.html www.secnews.physaphae.fr/article.php?IdArticle=8446927 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
RunC Flaws Enable Container Escapes, Granting Attackers Host Access Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk. "These container]]> 2024-02-01T01:30:00+00:00 https://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html www.secnews.physaphae.fr/article.php?IdArticle=8445309 False Tool,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les marchés de télégramme sont des attaques de phishing à carburant avec des kits et des logiciels malveillants faciles à utiliser<br>Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange illicit tools and insights creating a dark and]]> 2024-01-31T17:51:00+00:00 https://thehackernews.com/2024/01/telegram-marketplaces-fuel-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8445172 False Malware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused
2024-01-31T12:53:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8445089 False Malware,Tool,Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits
A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation. Arctic Wolf Labs, which discovered the new attack tool in two recent intrusions, said the loader's icon and name masquerade as the legitimate CherryTree note-taking application to dupe potential victims
2024-01-25T12:51:00+00:00 https://thehackernews.com/2024/01/new-cherryloader-malware-mimics.html www.secnews.physaphae.fr/article.php?IdArticle=8442858 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. “Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various
2024-01-11T19:30:00+00:00 https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8437897 False Tool,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface
Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particularly firewalls and VPNs, which give attackers direct network access to execute their attacks. In fact, Gartner
2024-01-08T14:31:00+00:00 https://thehackernews.com/2024/01/webinar-leverage-zero-trust-security-to.html www.secnews.physaphae.fr/article.php?IdArticle=8436517 False Tool,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Exposed Secrets are Everywhere. Here's How to Tackle Them
Picture this: you stumble upon a concealed secret within your company's source code. Instantly, a wave of panic hits as you grasp the possible consequences.
This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secret is just the beginning; swift and resolute action becomes imperative. However, lacking the
2024-01-05T15:33:00+00:00 https://thehackernews.com/2024/01/exposed-secrets-are-everywhere-heres.html www.secnews.physaphae.fr/article.php?IdArticle=8435044 False Tool None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks
Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky. “A notable point about attacks that
2023-12-29T14:39:00+00:00 https://thehackernews.com/2023/12/kimsuky-hackers-deploying-appleseed.html www.secnews.physaphae.fr/article.php?IdArticle=8430708 False Tool,Threat APT 43 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.
"Threat actors can also choose to install only scanners and sell the breached IP and account credentials on]]> 2023-12-27T10:59:00+00:00 https://thehackernews.com/2023/12/warning-poorly-secured-linux-ssh.html www.secnews.physaphae.fr/article.php?IdArticle=8429640 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le FBI élimine les ransomwares BlackCat, publie un outil de décryptage gratuit<br>FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of Investigation (FBI) enlisted the help of a confidential human source (CHS) to act as an affiliate for the BlackCat and gain]]> 2023-12-19T21:22:00+00:00 https://thehackernews.com/2023/12/fbi-takes-down-blackcat-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425555 False Ransomware,Malware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates abusant de Github pour échapper à la détection et au contrôle des hôtes compromis<br>Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. 
"Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second stage malware and sidestep detection tools," ReversingLabs researcher Karlo Zanki ]]> 2023-12-19T19:00:00+00:00 https://thehackernews.com/2023/12/hackers-abusing-github-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8425467 False Malware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft prend des mesures judiciaires pour réprimer le réseau de cybercriminalité Storm-1152 \\<br>Microsoft Takes Legal Action to Crack Down on Storm-1152\\'s Cybercrime Network Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting them millions of dollars in illicit revenue. "Fraudulent online accounts act as the gateway to a host of cybercrime,]]> 2023-12-14T11:16:00+00:00 https://thehackernews.com/2023/12/microsoft-takes-legal-action-to-crack.html www.secnews.physaphae.fr/article.php?IdArticle=8422461 False Tool,Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google en utilisant les désinfeursurs de Clang pour protéger Android contre les vulnérabilités de bande de base cellulaire<br>Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. 
This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of
2023-12-13T18:45:00+00:00 https://thehackernews.com/2023/12/google-using-clang-sanitizers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8422108 False Tool,Vulnerability,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How to Analyze Malware's Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address them. Decrypting HTTPS traffic: Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure
2023-12-13T17:32:00+00:00 https://thehackernews.com/2023/12/how-to-analyze-malwares-network-traffic.html www.secnews.physaphae.fr/article.php?IdArticle=8422060 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks.
"Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an]]> 2023-12-13T16:25:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8422035 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Sécurité générative de l'IA: prévention de l'exposition aux données de Microsoft Copilot<br>Generative AI Security: Preventing Microsoft Copilot Data Exposure Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps - Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft\'s dream is to take the drudgery out of daily work and let humans focus on being creative problem-solvers. What makes Copilot a different beast than ChatGPT and]]> 2023-12-05T16:59:00+00:00 https://thehackernews.com/2023/12/generative-ai-security-preventing.html www.secnews.physaphae.fr/article.php?IdArticle=8419257 False Tool ChatGPT 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hacker russe Vladimir Dunaev condamné pour avoir créé un malware Trickbot<br>Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. 
"Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data]]> 2023-12-02T13:22:00+00:00 https://thehackernews.com/2023/12/russian-hacker-vladimir-dunaev.html www.secnews.physaphae.fr/article.php?IdArticle=8418523 False Malware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment gérer la sécurité du SAAS de vente au détail le cyber lundi<br>How to Handle Retail SaaS Security on Cyber Monday If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information.  SaaS applications supporting retail efforts will host]]> 2023-11-27T23:27:00+00:00 https://thehackernews.com/2023/11/how-to-handle-retail-saas-security-on.html www.secnews.physaphae.fr/article.php?IdArticle=8417295 False Tool,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les solutions AI sont la nouvelle ombre IT<br>AI Solutions Are the New Shadow IT Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security RisksLike the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot.  Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT\'s meteoric rise to 100 million users within 60 days of launch, especially with little]]> 2023-11-22T16:38:00+00:00 https://thehackernews.com/2023/11/ai-solutions-are-new-shadow-it.html www.secnews.physaphae.fr/article.php?IdArticle=8415868 False Tool,Cloud ChatGPT 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don't pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of (or augment) inefficient and cumbersome SIEMs. With an estimated 80% of
2023-11-10T14:30:00+00:00 https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html www.secnews.physaphae.fr/article.php?IdArticle=8408991 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
A new malvertising campaign has been found to employ fake sites that masquerade as a legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its infrastructure (domain names) and cloaking templates used
2023-11-09T18:56:00+00:00 https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8408503 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. "The framework's web component is written in the Go programming language," Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday. The tool has been attributed to MuddyWater, an Iranian
2023-11-09T16:20:00+00:00 https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html www.secnews.physaphae.fr/article.php?IdArticle=8408439 False Tool,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls
Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls" that masks users' IP addresses to other parties by relaying the calls through its servers. "Calls are end-to-end encrypted, so even if a call is relayed through WhatsApp servers, WhatsApp cannot listen to your calls," the company said in a statement shared with The
2023-11-08T19:27:00+00:00 https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8407908 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News. "[BlazeStealer]
2023-11-08T18:27:00+00:00 https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8407875 False Malware,Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks
Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into generative AI engines. They use these tools to write
2023-11-08T16:30:00+00:00 https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html www.secnews.physaphae.fr/article.php?IdArticle=8407813 False Tool,Technical ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as CobaltStrike or RDP," IBM X-Force researchers Golo Mühr and Ole
2023-11-07T17:58:00+00:00 https://thehackernews.com/2023/11/new-gootloader-malware-variant-evades.html www.secnews.physaphae.fr/article.php?IdArticle=8407229 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Offensive and Defensive AI: Let's Chat(GPT) About It
ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT, but also how defenders can use it for leveling up their game. ChatGPT is the most swiftly growing consumer application to date. The extremely popular generative AI chatbot has the ability to generate human-like, coherent and contextually relevant responses.
2023-11-07T15:51:00+00:00 https://thehackernews.com/2023/11/offensive-and-defensive-ai-lets-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8407178 False Tool,Threat ChatGPT 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023. "The script creates a 'Covert Channel' by exploiting the event
2023-11-06T13:55:00+00:00 https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html www.secnews.physaphae.fr/article.php?IdArticle=8406528 False Tool,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SaaS Security is Now Accessible and Affordable to All
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model. Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often employ different approaches and technologies, leading to unnecessary confusion and complexity. Enter
2023-11-02T14:54:00+00:00 https://thehackernews.com/2023/11/saas-security-is-now-accessible-and.html www.secnews.physaphae.fr/article.php?IdArticle=8404604 False Tool,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent.
Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign "exhibits updated TTPs to previously reported MuddyWater activity,"
2023-11-02T14:51:00+00:00 https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404605 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for
2023-10-27T20:27:00+00:00 https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html www.secnews.physaphae.fr/article.php?IdArticle=8401494 False Malware,Tool,Threat APT 38,APT 38 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Who's Experimenting with AI Tools in Your Organization?
With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence, formerly the realm of data science and engineering teams, has become a resource available to every employee. From a productivity perspective, that's fantastic.
Unfortunately for IT and security teams, it also means you may have hundreds of people in your organization using a new tool in
2023-10-23T17:04:00+00:00 https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html www.secnews.physaphae.fr/article.php?IdArticle=8399384 False Tool ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
Attacks leveraging the DarkGate commodity malware targeting entities in the U.K., the U.S., and India have been linked to Vietnamese actors associated with the use of the infamous Ducktail stealer. "The overlap of tools and campaigns is very likely due to the effects of a cybercrime marketplace," WithSecure said in a report published today. "Threat actors are able to acquire and use multiple
2023-10-20T18:58:00+00:00 https://thehackernews.com/2023/10/vietnamese-hackers-target-uk-us-and.html www.secnews.physaphae.fr/article.php?IdArticle=8398266 False Malware,Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
A number of state-backed threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive.
The shortcoming has been actively
2023-10-19T09:32:00+00:00 https://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8397549 False Tool,Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities. The findings come from Kaspersky, which first shed light on the adversary last year, linking it to attacks against high-profile entities in Europe and Asia for nearly three
2023-10-13T17:23:00+00:00 https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395127 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New OS Tool Tells You Who Has Access to What Data
Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result in financial and reputational damage but also lead to legal consequences. Therefore, robust data access security measures are essential to safeguard an organization's assets, maintain customer trust, and meet regulatory requirements. A
2023-10-06T15:51:00+00:00 https://thehackernews.com/2023/10/new-os-tool-tells-you-who-has-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8392178 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware
New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed to the Chinese nation-state group APT41. On
2023-10-04T20:39:00+00:00 https://thehackernews.com/2023/10/researchers-link-dragonegg-android.html www.secnews.physaphae.fr/article.php?IdArticle=8391492 False Malware,Tool APT 41,APT 41 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that could have adverse impacts when importing a specially crafted project in versions 3.7.3 and below. "Although OpenRefine
2023-10-02T13:32:00+00:00 https://thehackernews.com/2023/10/openrefines-zip-slip-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8390402 False Tool,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface," Securonix researchers Den
2023-09-25T18:35:00+00:00 https://thehackernews.com/2023/09/ukrainian-military-targeted-in-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8387609 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Watch the Webinar - AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks
Generative AI is a double-edged sword, if there ever was one. There is broad agreement that tools like ChatGPT are unleashing waves of productivity across the business, from IT, to customer experience, to engineering. That's on the one hand. On the other end of this fencing match: risk. From IP leakage and data privacy risks to the empowering of cybercriminals with AI tools, generative AI
2023-09-25T17:11:00+00:00 https://thehackernews.com/2023/09/watch-webinar-ai-vs-ai-harnessing-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8387573 False Tool ChatGPT,ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Do You Really Trust Your Web Application Supply Chain?
Well, you shouldn't. It may already be hiding vulnerabilities. It's the modular nature of modern web applications that has made them so effective.
They can call on dozens of third-party web components, JS frameworks, and open-source tools to deliver all the different functionalities that keep their customers happy, but this chain of dependencies is also what makes them so vulnerable. Many of]]> 2023-09-20T16:04:00+00:00 https://thehackernews.com/2023/09/do-you-really-trust-your-web.html www.secnews.physaphae.fr/article.php?IdArticle=8385759 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity. "CapraRAT is a highly invasive tool that gives the attacker control over much of the data on the Android devices that it infects," SentinelOne security]]> 2023-09-19T12:26:00+00:00 https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html www.secnews.physaphae.fr/article.php?IdArticle=8385200 False Malware,Tool,Threat APT 36 1.00000000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. 
"In this campaign, the threat actors steal and exfiltrate NTLMv2 hashes using customized versions of Nishang's]]> 2023-09-11T13:24:00+00:00 https://thehackernews.com/2023/09/cybercriminals-using-powershell-to.html www.secnews.physaphae.fr/article.php?IdArticle=8381180 False Tool,Threat None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021. "The attacker uses Advanced Installer to package other legitimate software installers, such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro, with malicious scripts and uses]]> 2023-09-09T11:55:00+00:00 https://thehackernews.com/2023/09/cybercriminals-weaponizing-legitimate.html www.secnews.physaphae.fr/article.php?IdArticle=8380666 False Malware,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions to confidential data storage. 
While organizations have quickly adopted tools like Multi-Factor Authentication (MFA),]]> 2023-09-05T17:26:00+00:00 https://thehackernews.com/2023/09/way-too-vulnerable-join-this-webinar-to.html www.secnews.physaphae.fr/article.php?IdArticle=8379142 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Key Cybersecurity Tools That Can Mitigate the Cost of a Breach IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What's interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team's nightmare scenario. The average cost of a breach rose once again]]> 2023-09-05T16:44:00+00:00 https://thehackernews.com/2023/09/key-cybersecurity-tools-that-can.html www.secnews.physaphae.fr/article.php?IdArticle=8379143 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. 
“One characteristic of the attacks identified in 2023 is that there are numerous malware strains developed in the Go language,” the AhnLab Security Emergency Response Center (ASEC) said in a deep dive]]> 2023-09-05T15:45:00+00:00 https://thehackernews.com/2023/09/researchers-warn-of-cyber-weapons-used.html www.secnews.physaphae.fr/article.php?IdArticle=8379144 False Malware,Tool,Threat APT 38 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and infrastructure is employed. “Some of these tools include enumeration software, RAT payloads, exploitation and credential stealing software]]> 2023-09-01T21:11:00+00:00 https://thehackernews.com/2023/09/threat-actors-targeting-microsoft-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8377866 False Ransomware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) It's a Zero-day? It's Malware? No! It's Username and Password As cyber threats continue to evolve, adversaries are deploying a range of tools to breach security defenses and compromise sensitive data. Surprisingly, one of the most potent weapons in their arsenal is not malicious code but simply stolen or weak usernames and passwords. 
This article explores the seriousness of compromised credentials, the challenges they present to security solutions, and the]]> 2023-09-01T14:40:00+00:00 https://thehackernews.com/2023/09/its-zero-day-its-malware-no-its.html www.secnews.physaphae.fr/article.php?IdArticle=8377869 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Survey Provides Takeaways for Security Pros to Operationalize their Remediation Life Cycle Ask any security professional and they'll tell you that remediating risks from various siloed security scanning tools requires a tedious and labor-intensive series of steps focused on deduplication, prioritization, and routing of issues to an appropriate “fixer” somewhere in the organization. This burden on already resource-strapped security teams is an efficiency killer. A new study,]]> 2023-08-29T17:01:00+00:00 https://thehackernews.com/2023/08/survey-provides-takeaways-for-security.html www.secnews.physaphae.fr/article.php?IdArticle=8376188 False Tool None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants. Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure. 
"The attacker behind this incident decided to use a different ransom note with a headline related to a]]> 2023-08-26T15:56:00+00:00 https://thehackernews.com/2023/08/lockbit-30-ransomware-builder-leak.html www.secnews.physaphae.fr/article.php?IdArticle=8374839 False Ransomware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's]]> 2023-08-18T16:27:00+00:00 https://thehackernews.com/2023/08/new-blackcat-ransomware-variant-adopts.html www.secnews.physaphae.fr/article.php?IdArticle=8371721 False Ransomware,Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. 
"The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence," Sysdig]]> 2023-08-17T19:56:00+00:00 https://thehackernews.com/2023/08/new-labrat-campaign-exploits-gitlab.html www.secnews.physaphae.fr/article.php?IdArticle=8371285 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Introduces First Quantum Resilient FIDO2 Security Key Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. "This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck]]> 2023-08-16T16:29:00+00:00 https://thehackernews.com/2023/08/google-introduces-first-quantum.html www.secnews.physaphae.fr/article.php?IdArticle=8370676 False Tool,General Information None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down its operations, deliberately imitating the tactics and tools associated with the latter, including its leaked source code. 
Not anymore.]]> 2023-08-15T19:41:00+00:00 https://thehackernews.com/2023/08/monti-ransomware-returns-with-new-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8370268 False Ransomware,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Continuous Security Validation with Penetration Testing as a Service (PTaaS) Validate security continuously across your full stack with Pen Testing as a Service. In today's modern security operations center (SOC), it's a battle between the defenders and the cybercriminals. Both are using tools and expertise – however, the cybercriminals have the element of surprise on their side, and a host of tactics, techniques, and procedures (TTPs) that have evolved. These external]]> 2023-08-09T17:06:00+00:00 https://thehackernews.com/2023/08/continuous-security-validation-with.html www.secnews.physaphae.fr/article.php?IdArticle=8367850 False Tool None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments "The SSM agent, a legitimate tool used by admins to manage their instances, can be re-purposed by an attacker who has achieved high privilege access on an endpoint with]]> 2023-08-02T17:20:00+00:00 https://thehackernews.com/2023/08/researchers-uncover-aws-ssm-agent.html www.secnews.physaphae.fr/article.php?IdArticle=8364718 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote trojans tools like Remcos RAT. "Among the software in question are various instruments for fine-tuning CPUs, graphic cards, and BIOS; PC hardware-monitoring tools; and some other apps," cybersecurity]]> 2023-07-31T14:08:00+00:00 https://thehackernews.com/2023/07/fruity-trojan-uses-deceptive-software.html www.secnews.physaphae.fr/article.php?IdArticle=8363801 False Malware,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future ransomware attacks. Dubbed Nitrogen, the "opportunistic" activity is designed to deploy second-stage]]> 2023-07-27T18:42:00+00:00 https://thehackernews.com/2023/07/new-malvertising-campaign-distributing.html www.secnews.physaphae.fr/article.php?IdArticle=8362246 False Ransomware,Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development. Placing security at the very end of the]]> 2023-07-27T16:55:00+00:00 https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8362202 False Tool,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. "This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, etc.," Netenrich security researcher Rakesh Krishnan]]> 2023-07-26T15:32:00+00:00 https://thehackernews.com/2023/07/new-ai-tool-fraudgpt-emerges-tailored.html www.secnews.physaphae.fr/article.php?IdArticle=8361668 False Tool,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state, which allows them to take over any user account, including the admin account," Sonar vulnerability]]> 2023-07-20T21:26:00+00:00 https://thehackernews.com/2023/07/apache-openmeetings-web-conferencing.html www.secnews.physaphae.fr/article.php?IdArticle=8359338 False Tool,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market, one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can read the FBI's warrant here for details specific to this case. In light of these events, I'd like to discuss how OSINT]]> 2023-07-19T15:34:00+00:00 https://thehackernews.com/2023/07/exploring-dark-side-osint-tools-and.html www.secnews.physaphae.fr/article.php?IdArticle=8358766 False Tool None 2.0000000000000000