www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated feed of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-13T21:49:05+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries
Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. "These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT
2024-05-13T15:42:00+00:00 https://thehackernews.com/2024/05/severe-vulnerabilities-in-cinterion.html www.secnews.physaphae.fr/article.php?IdArticle=8498847 False Vulnerability,Threat None None

The Hacker News
Chrome Zero-Day Alert - Update Your Browser to Patch New Vulnerability
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.
Use-after-free bugs, which arise when a program
2024-05-10T15:53:00+00:00 https://thehackernews.com/2024/05/chrome-zero-day-alert-update-your.html www.secnews.physaphae.fr/article.php?IdArticle=8497139 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover
Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws "can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next
2024-05-09T11:41:00+00:00 https://thehackernews.com/2024/05/critical-f5-central-manager.html www.secnews.physaphae.fr/article.php?IdArticle=8496390 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites.
The findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with the names wpsupp‑user
2024-05-08T12:33:00+00:00 https://thehackernews.com/2024/05/hackers-exploiting-litespeed-cache-bug.html www.secnews.physaphae.fr/article.php?IdArticle=8495787 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023. The attack, which came to light last month, singled out MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day
2024-05-07T18:25:00+00:00 https://thehackernews.com/2024/05/china-linked-hackers-used-rootrot.html www.secnews.physaphae.fr/article.php?IdArticle=8495242 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
New Case Study: The Malicious Comment
How safe is your comments section? Discover how a seemingly innocent 'thank you' comment on a product page concealed a malicious vulnerability, underscoring the necessity of robust security measures. Read the full real-life case study here. When is a 'Thank you' not a 'Thank you'?
When it's a sneaky bit of code that's been hidden inside a 'Thank You'
2024-05-07T16:12:00+00:00 https://thehackernews.com/2024/05/new-case-study-malicious-comment.html www.secnews.physaphae.fr/article.php?IdArticle=8495186 False Vulnerability,Studies None 3.0000000000000000

The Hacker News
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components
Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system privileges, [and] disclosure of phone, settings and Xiaomi account data," mobile security firm
2024-05-06T15:33:00+00:00 https://thehackernews.com/2024/05/xiaomi-android-devices-hit-by-multiple.html www.secnews.physaphae.fr/article.php?IdArticle=8494546 False Vulnerability,Mobile None 3.0000000000000000

The Hacker News
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems.
Of the 10 security defects, four are rated critical in severity - CVE-2024-26304 (CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the L2/L3 Management Service Accessed via
2024-05-03T10:20:00+00:00 https://thehackernews.com/2024/05/four-critical-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8492798 False Vulnerability None 2.0000000000000000

The Hacker News
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app's home directory. "The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an application's
2024-05-02T19:52:00+00:00 https://thehackernews.com/2024/05/popular-android-apps-like-xiaomi-wps.html www.secnews.physaphae.fr/article.php?IdArticle=8492468 False Vulnerability,Mobile None 2.0000000000000000

The Hacker News
When is One Vulnerability Scanner Not Enough?
Like antivirus software, vulnerability scans rely on a database of known weaknesses. That's why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware sample is detected by multiple virus scanning engines, but this concept hasn't existed in the vulnerability management space.
The benefits of using multiple scanning engines Generally speaking
2024-05-02T15:55:00+00:00 https://thehackernews.com/2024/05/when-is-one-vulnerability-scanner-not.html www.secnews.physaphae.fr/article.php?IdArticle=8492325 False Malware,Vulnerability None 3.0000000000000000

The Hacker News
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 (CVSS score: 9.8), which affects D-Link DIR-645 routers and allows remote attackers to execute arbitrary
2024-05-02T15:40:00+00:00 https://thehackernews.com/2024/05/new-goldoon-botnet-targets-d-link.html www.secnews.physaphae.fr/article.php?IdArticle=8492327 False Vulnerability None 2.0000000000000000

The Hacker News
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild.
Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by sending password reset emails to an unverified email
2024-05-02T11:45:00+00:00 https://thehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8492217 False Vulnerability None 2.0000000000000000

The Hacker News
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks
A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced. The flaw, assigned the CVE identifier CVE-2024-27322, "involves the use of promise objects and lazy evaluation in R," AI application security
2024-04-29T16:20:00+00:00 https://thehackernews.com/2024/04/new-r-programming-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8490673 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system.
The three flaws, all critical in nature, allow an "adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine," Australian
2024-04-29T15:28:00+00:00 https://thehackernews.com/2024/04/sandbox-escape-vulnerabilities-in.html www.secnews.physaphae.fr/article.php?IdArticle=8490593 False Vulnerability None 2.0000000000000000

The Hacker News
Severe Flaws Disclosed in Brocade SANnav SAN Management Software
Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances. The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discovered and reported them. The issues range from incorrect firewall rules,
2024-04-26T19:33:00+00:00 https://thehackernews.com/2024/04/severe-flaws-disclosed-in-brocade.html www.secnews.physaphae.fr/article.php?IdArticle=8489132 False Vulnerability None 3.0000000000000000

The Hacker News
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices.
It has been addressed in
2024-04-26T15:48:00+00:00 https://thehackernews.com/2024/04/palo-alto-networks-outlines-remediation.html www.secnews.physaphae.fr/article.php?IdArticle=8489007 False Vulnerability None 3.0000000000000000

The Hacker News
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0. "This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
2024-04-26T11:19:00+00:00 https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html www.secnews.physaphae.fr/article.php?IdArticle=8488912 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Network Threats: A Step-by-Step Attack Demonstration
Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit
2024-04-25T16:43:00+00:00 https://thehackernews.com/2024/04/network-threats-step-by-step-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8488507 False Tool,Vulnerability,Threat None 2.0000000000000000

The Hacker News
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributing it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft). "
2024-04-25T11:20:00+00:00 https://thehackernews.com/2024/04/state-sponsored-hackers-exploit-two.html www.secnews.physaphae.fr/article.php?IdArticle=8488387 False Malware,Vulnerability,Threat None 3.0000000000000000

The Hacker News
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi. The only vendor whose keyboard app did not have any security
2024-04-24T15:06:00+00:00 https://thehackernews.com/2024/04/major-security-flaws-expose-keystrokes.html www.secnews.physaphae.fr/article.php?IdArticle=8487895 False Vulnerability None 4.0000000000000000

The Hacker News
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This
2024-04-23T19:30:00+00:00 https://thehackernews.com/2024/04/apache-cordova-app-harness-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8487481 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws
The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified research and prototyping network. The unknown adversary "performed reconnaissance
2024-04-22T16:35:00+00:00 https://thehackernews.com/2024/04/mitre-corporation-breached-by-nation.html www.secnews.physaphae.fr/article.php?IdArticle=8486779 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors.
The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software. "In
2024-04-20T11:23:00+00:00 https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html www.secnews.physaphae.fr/article.php?IdArticle=8485659 False Vulnerability None 3.0000000000000000

The Hacker News
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday.
2024-04-20T10:48:00+00:00 https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8485660 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024.
OpenMetadata is an open-source platform that operates as a
2024-04-18T11:24:00+00:00 https://thehackernews.com/2024/04/hackers-exploit-openmetadata-flaws-to.html www.secnews.physaphae.fr/article.php?IdArticle=8484537 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account. Armed with this access, a
2024-04-17T16:27:00+00:00 https://thehackernews.com/2024/04/critical-atlassian-flaw-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8484052 False Ransomware,Vulnerability,Threat None 2.0000000000000000

The Hacker News
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to organizations. The vulnerability has been codenamed LeakyCLI by cloud security firm Orca. "Some commands on Azure CLI, AWS CLI, and Google Cloud CLI can expose sensitive information in
2024-04-16T18:56:00+00:00 https://thehackernews.com/2024/04/aws-google-and-azure-cli-tools-could.html www.secnews.physaphae.fr/article.php?IdArticle=8483499 False Tool,Vulnerability,Cloud None 4.0000000000000000

The Hacker News
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521 (ecdsa-sha2-nistp521) private keys. The flaw has been assigned the CVE identifier CVE-2024-31497, with the discovery credited to researchers Fabian Bäumer and Marcus
2024-04-16T16:44:00+00:00 https://thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html www.secnews.physaphae.fr/article.php?IdArticle=8483392 False Vulnerability None 2.0000000000000000

The Hacker News
Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats
In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements has heightened the vulnerability of digital identities to exploitation, making it imperative for businesses to fortify their identity security measures.
Our recent research report, The Identity Underground
2024-04-16T16:40:00+00:00 https://thehackernews.com/2024/04/identity-in-shadows-shedding-light-on.html www.secnews.physaphae.fr/article.php?IdArticle=8483393 False Vulnerability,Cloud None 2.0000000000000000

The Hacker News
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature that an unauthenticated attacker could weaponize to execute arbitrary code with root
2024-04-15T13:47:00+00:00 https://thehackernews.com/2024/04/palo-alto-networks-releases-urgent.html www.secnews.physaphae.fr/article.php?IdArticle=8482580 False Vulnerability None 2.0000000000000000

The Hacker News
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of
2024-04-13T13:55:00+00:00 https://thehackernews.com/2024/04/hackers-deploy-python-backdoor-in-palo.html www.secnews.physaphae.fr/article.php?IdArticle=8481314 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature
2024-04-12T14:26:00+00:00 https://thehackernews.com/2024/04/zero-day-alert-critical-palo-alto.html www.secnews.physaphae.fr/article.php?IdArticle=8480648 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability
Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10. "An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to
2024-04-11T10:53:00+00:00 https://thehackernews.com/2024/04/fortinet-has-released-patches-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479787 False Vulnerability None 3.0000000000000000

The Hacker News
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks.
The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments. "The Rust standard library did not properly escape
2024-04-10T08:35:00+00:00 https://thehackernews.com/2024/04/critical-batbadbut-rust-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8479069 False Vulnerability None 3.0000000000000000

The Hacker News
Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access
Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices. The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in November 2023. The issues were fixed by LG as part of updates released on March 22, 2024. The
2024-04-09T18:35:00+00:00 https://thehackernews.com/2024/04/researchers-discover-lg-smart-tv.html www.secnews.physaphae.fr/article.php?IdArticle=8478695 False Vulnerability None 2.0000000000000000

The Hacker News
Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks
Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status.
D-Link, in
2024-04-09T11:16:00+00:00 https://thehackernews.com/2024/04/critical-flaws-leave-92000-d-link-nas.html www.secnews.physaphae.fr/article.php?IdArticle=8478517 False Malware,Vulnerability,Threat None 1.00000000000000000000

The Hacker News
Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886. The Google Cloud
2024-04-05T12:45:00+00:00 https://thehackernews.com/2024/04/researchers-identify-multiple-china.html www.secnews.physaphae.fr/article.php?IdArticle=8476377 False Vulnerability,Threat,Cloud None 3.0000000000000000

The Hacker News
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. "Many HTTP/2 implementations do not properly limit or sanitize the
2024-04-04T16:45:00+00:00 https://thehackernews.com/2024/04/new-http2-vulnerability-exposes-web.html www.secnews.physaphae.fr/article.php?IdArticle=8475840 False Vulnerability None 4.0000000000000000

The Hacker News
Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure
Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of flaws is as follows - CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an
2024-04-04T10:15:00+00:00 https://thehackernews.com/2024/04/ivanti-rushes-patches-for-4-new-flaw-in.html www.secnews.physaphae.fr/article.php?IdArticle=8475654 False Vulnerability None 3.0000000000000000

The Hacker News
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component CVE-2024-29748 - A privilege escalation flaw in the firmware component "There are indications that the [
2024-04-03T21:40:00+00:00 https://thehackernews.com/2024/04/google-warns-android-zero-day-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8475338 False Vulnerability,Threat,Mobile None 3.0000000000000000

The Hacker News
Attack Surface Management vs. Vulnerability Management
Attack surface management (ASM) and vulnerability management (VM) are often confused, and while they overlap, they're not the same.
The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attack surface management assumes you have unknown assets and so begins with discovery. Let's look at]]> 2024-04-03T16:42:00+00:00 https://thehackernews.com/2024/04/attack-surface-management-vs.html www.secnews.physaphae.fr/article.php?IdArticle=8475180 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana. They were reported to the Zurich-based]]> 2024-03-29T20:24:00+00:00 https://thehackernews.com/2024/03/dormakaba-locks-used-in-millions-of.html www.secnews.physaphae.fr/article.php?IdArticle=8472611 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) The Golden Age of Automated Penetration Testing is Here Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements.
This manual approach often misses opportunities to find and fix security issues early on, leaving businesses vulnerable to]]> 2024-03-29T16:49:00+00:00 https://thehackernews.com/2024/03/the-golden-age-of-automated-penetration.html www.secnews.physaphae.fr/article.php?IdArticle=8472534 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante. It has been described as a case of improper]]> 2024-03-29T16:19:00+00:00 https://thehackernews.com/2024/03/new-linux-bug-could-lead-to-user.html www.secnews.physaphae.fr/article.php?IdArticle=8472507 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with]]> 2024-03-27T18:45:00+00:00 https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html www.secnews.physaphae.fr/article.php?IdArticle=8471391 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi]]> 2024-03-27T16:09:00+00:00 https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8471301 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerabilities added are as follows - CVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) - Ivanti]]> 2024-03-26T10:24:00+00:00 https://thehackernews.com/2024/03/cisa-alerts-on-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8470582 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Key Lesson from Microsoft's Password Spray Hack: Secure Every Account In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of]]> 2024-03-25T17:07:00+00:00 https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html www.secnews.physaphae.fr/article.php?IdArticle=8470153 False Hack,Vulnerability,Threat,Technical None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations.
Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data]]> 2024-03-25T14:32:00+00:00 https://thehackernews.com/2024/03/new-gofetch-vulnerability-in-apple-m.html www.secnews.physaphae.fr/article.php?IdArticle=8470071 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.]]> 2024-03-22T19:15:00+00:00 https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html www.secnews.physaphae.fr/article.php?IdArticle=8468499 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the SaaS supply chain snowball quickly.
That's why effective vendor risk management (VRM) is a]]> 2024-03-21T17:00:00+00:00 https://thehackernews.com/2024/03/how-to-accelerate-vendor-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8467864 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats. Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6. "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance]]> 2024-03-21T09:25:00+00:00 https://thehackernews.com/2024/03/ivanti-releases-urgent-fix-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8467691 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction. Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it's rooted in a dependency called org.postgresql:]]> 2024-03-21T09:04:00+00:00 https://thehackernews.com/2024/03/atlassian-releases-fixes-for-over-2.html www.secnews.physaphae.fr/article.php?IdArticle=8467667 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country. "In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations]]> 2024-03-20T11:18:00+00:00 https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html www.secnews.physaphae.fr/article.php?IdArticle=8467147 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.
"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow]]> 2024-03-18T18:28:00+00:00 https://thehackernews.com/2024/03/fortra-patches-critical-rce.html www.secnews.physaphae.fr/article.php?IdArticle=8466065 False Tool,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) GhostRace – New Data Leak Vulnerability Affects Modern CPUs A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions. "All the common synchronization primitives implemented]]> 2024-03-15T23:16:00+00:00 https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8464467 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher Tomer Peled said.
“To exploit]]> 2024-03-14T17:29:00+00:00 https://thehackernews.com/2024/03/researchers-detail-kubernetes.html www.secnews.physaphae.fr/article.php?IdArticle=8463772 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass]]> 2024-03-14T10:27:00+00:00 https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html www.secnews.physaphae.fr/article.php?IdArticle=8463587 False Malware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. "An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted]]> 2024-03-14T09:51:00+00:00 https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8463588 True Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats Google's Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well as companies using the LLM API. The first vulnerability involves]]> 2024-03-13T15:44:00+00:00 https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8463116 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the flaws are listed as]]> 2024-03-13T11:08:00+00:00 https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html www.secnews.physaphae.fr/article.php?IdArticle=8462999 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you'd want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a Continuous Threat Exposure]]> 2024-03-12T16:37:00+00:00 https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8462597 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It]]> 2024-03-11T11:58:00+00:00 https://thehackernews.com/2024/03/proof-of-concept-exploit-released-for.html www.secnews.physaphae.fr/article.php?IdArticle=8461989 False Vulnerability,Threat,Technical None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts. “Threat actor group Magnet Goblin's hallmark is its ability to swiftly leverage newly disclosed vulnerabilities, particularly targeting]]> 2024-03-11T11:29:00+00:00 https://thehackernews.com/2024/03/magnet-goblin-hacker-group-leveraging-1.html www.secnews.physaphae.fr/article.php?IdArticle=8461990 False Malware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF]]> 2024-03-08T13:39:00+00:00 https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8460718 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows for a complete]]> 2024-03-08T11:43:00+00:00 https://thehackernews.com/2024/03/cisa-warns-of-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8460680 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB controller. They carry a CVSS score of 9.3 for Workstation and Fusion, and 8.4 for ESXi systems. "A]]> 2024-03-06T12:50:00+00:00 https://thehackernews.com/2024/03/vmware-issues-security-patches-for-esxi.html www.secnews.physaphae.fr/article.php?IdArticle=8459727 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild.
The shortcomings are listed below - CVE-2024-23225 - A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 - A memory]]> 2024-03-06T11:24:00+00:00 https://thehackernews.com/2024/03/urgent-apple-issues-critical-updates.html www.secnews.physaphae.fr/article.php?IdArticle=8459668 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The]]> 2024-03-05T09:04:00+00:00 https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html www.secnews.physaphae.fr/article.php?IdArticle=8459112 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security.
"Ivanti ICT is not sufficient to detect compromise and that a cyber threat actor may be able]]> 2024-03-01T11:56:00+00:00 https://thehackernews.com/2024/03/five-eyes-agencies-warn-of-active.html www.secnews.physaphae.fr/article.php?IdArticle=8457395 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It was resolved by Microsoft earlier this month as part]]> 2024-02-29T16:49:00+00:00 https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8456930 False Vulnerability,Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1.
"This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user]]> 2024-02-27T20:13:00+00:00 https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html www.secnews.physaphae.fr/article.php?IdArticle=8455914 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks Cybersecurity researchers have found that it's possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. "It's possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted]]> 2024-02-27T15:48:00+00:00 https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8455809 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw.
In an advisory published last week, WordPress]]> 2024-02-27T11:13:00+00:00 https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8455718 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and ]]> 2024-02-23T10:35:00+00:00 https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8453985 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a]]> 2024-02-21T21:46:00+00:00 https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8453299 False Vulnerability,Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying]]> 2024-02-21T11:04:00+00:00 https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8453048 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, are listed below - Authentication bypass using an alternate path or channel (CVSS score: 10.0) Improper limitation of]]> 2024-02-20T16:08:00+00:00 https://thehackernews.com/2024/02/critical-flaws-found-in-connectwise.html www.secnews.physaphae.fr/article.php?IdArticle=8452680 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Russian-Linked Hackers Breach 80+ Organizations via Roundcube Flaws Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia, Poland, and Ukraine, according to Recorded Future, which attributed the intrusion set to a threat]]> 2024-02-19T10:35:00+00:00 https://thehackernews.com/2024/02/russian-linked-hackers-breach-80.html www.secnews.physaphae.fr/article.php?IdArticle=8452169 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it's being likely exploited in Akira ransomware attacks. The vulnerability in question is ]]> 2024-02-16T21:12:00+00:00 https://thehackernews.com/2024/02/cisa-warning-akira-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8451009 False Ransomware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023. Their study]]> 2024-02-15T17:00:00+00:00 https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html www.secnews.physaphae.fr/article.php?IdArticle=8450383 False Vulnerability,Studies,Cloud None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker]]> 2024-02-15T10:49:00+00:00 https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8450273 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet]]> 2024-02-14T13:03:00+00:00 https://thehackernews.com/2024/02/darkme-malware-targets-traders-using.html www.secnews.physaphae.fr/article.php?IdArticle=8449886 False Malware,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three are rated Moderate in severity. This is in addition to 24 flaws that have been fixed]]> 2024-02-14T10:31:00+00:00 https://thehackernews.com/2024/02/microsoft-rolls-out-patches-for-73.html www.secnews.physaphae.fr/article.php?IdArticle=8449859 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms.
These incidents illustrate the stakes involved in SaaS breaches - safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. Common threat vectors such as sophisticated spear-phishing, misconfigurations and]]> 2024-02-13T16:40:00+00:00 https://thehackernews.com/2024/02/midnight-blizzard-and-cloudflare.html www.secnews.physaphae.fr/article.php?IdArticle=8449550 False Vulnerability,Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That's according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-of-concept (PoC) code.]]> 2024-02-13T12:33:00+00:00 https://thehackernews.com/2024/02/ivanti-vulnerability-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8449495 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of]]> 2024-02-13T10:21:00+00:00 https://thehackernews.com/2024/02/alert-cisa-warns-of-active-roundcube.html www.secnews.physaphae.fr/article.php?IdArticle=8449467 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially]]> 2024-02-09T11:06:00+00:00 https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html www.secnews.physaphae.fr/article.php?IdArticle=8448269 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system.
"An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti]]> 2024-02-09T09:05:00+00:00 https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8448245 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Patchs critiques publiés pour les nouveaux défauts à Cisco, Fortinet, VMware Products<br>Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an]]> 2024-02-08T10:40:00+00:00 https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8447898 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité critique du chargeur de démarrage dans la cale impacte presque toutes les distros Linux<br>Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. 
Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been]]> 2024-02-07T19:03:00+00:00 https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html www.secnews.physaphae.fr/article.php?IdArticle=8447657 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated]]> 2024-02-07T10:35:00+00:00 https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html www.secnews.physaphae.fr/article.php?IdArticle=8447542 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition.
"The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie," Orca security]]> 2024-02-06T19:32:00+00:00 https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html www.secnews.physaphae.fr/article.php?IdArticle=8447299 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Récent défaut SSRF dans les produits VPN Ivanti subit une exploitation de masse<br>Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others. The attacks exploit CVE-2024-21893 (CVSS]]> 2024-02-06T12:28:00+00:00 https://thehackernews.com/2024/02/recently-disclosed-ssrf-flaw-in-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8447188 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité de Mastodon permet aux pirates de détourner tout compte décentralisé<br>Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. "Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account," the maintainers said in a terse advisory. 
The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of]]> 2024-02-03T12:21:00+00:00 https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8446258 False Vulnerability,Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. "The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible," web infrastructure and security]]> 2024-02-01T21:14:00+00:00 https://thehackernews.com/2024/02/fritzfrog-returns-with-log4shell-and.html www.secnews.physaphae.fr/article.php?IdArticle=8445634 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Why the Right Metrics Matter When it Comes to Vulnerability Management How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working?
And even if you are measuring, faulty reporting or focusing on the wrong metrics can create blind spots and make it harder to]]> 2024-02-01T16:52:00+00:00 https://thehackernews.com/2024/02/why-right-metrics-matter-when-it-comes.html www.secnews.physaphae.fr/article.php?IdArticle=8445529 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices. This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE. "CHAINLINE is a Python web shell backdoor that is]]> 2024-02-01T13:13:00+00:00 https://thehackernews.com/2024/02/warning-new-malware-emerges-in-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8445460 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component.
"An attacker with]]> 2024-02-01T10:32:00+00:00 https://thehackernews.com/2024/02/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8445437 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) RunC Flaws Enable Container Escapes, Granting Attackers Host Access Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk. "These container]]> 2024-02-01T01:30:00+00:00 https://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html www.secnews.physaphae.fr/article.php?IdArticle=8445309 False Tool,Vulnerability,Threat None 2.0000000000000000