This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T16:34:30+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio\'s MSBuild integration to execute code and install malware stealthily. [...]]]> 2023-10-31T10:23:46+00:00 https://www.bleepingcomputer.com/news/security/malicious-nuget-packages-abuse-msbuild-to-install-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8403523 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. [...]]]> 2023-10-30T23:09:43+00:00 https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-cisco-ios-xe-flaw-many-hosts-still-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=8403268 False Hack,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. [...]]]> 2023-10-30T18:46:52+00:00 https://www.bleepingcomputer.com/news/security/lastpass-breach-linked-to-theft-of-44-million-in-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8403169 False None LastPass,LastPass 4.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 linked to APT29, the Russian Foreign Intelligence Service (SVR) hacking division. [...]]]> 2023-10-30T17:54:13+00:00 https://www.bleepingcomputer.com/news/security/sec-sues-solarwinds-for-misleading-investors-before-2020-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8403150 False Hack Solardwinds,APT 29 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Federal Trade Commission (FTC) has amended the Safeguards Rules, mandating that all non-banking financial institutions report data breach incidents within 30 days. [...]]]> 2023-10-30T15:57:54+00:00 https://www.bleepingcomputer.com/news/security/ftc-orders-non-bank-financial-firms-to-report-breaches-in-30-days/ www.secnews.physaphae.fr/article.php?IdArticle=8403071 False Data Breach,Legislation None 3.0000000000000000 Bleeping Computer - Magazine Américain A new malware wiper known as BiBi-Linux is being used to destroy data in attacks targeting Linux systems belonging to Israeli companies. [...]]]> 2023-10-30T12:53:04+00:00 https://www.bleepingcomputer.com/news/security/new-bibi-linux-wiper-malware-targets-israeli-orgs-in-destructive-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8402898 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Huawei, Honor, and Vivo smartphones and tablets are displaying strange \'Security threat\' alerts urging the deletion of the Google app, warning that it is detected as the \'TrojanSMS-PA\' malware. [...]]]> 2023-10-30T10:47:00+00:00 https://www.bleepingcomputer.com/news/security/huawei-vivo-phones-tag-google-app-as-trojansms-pa-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8402852 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform\'s inception. [...]]]> 2023-10-28T11:17:34+00:00 https://www.bleepingcomputer.com/news/security/hackerone-paid-ethical-hackers-over-300-million-in-bug-bounties/ www.secnews.physaphae.fr/article.php?IdArticle=8402024 False Vulnerability,Studies None 4.0000000000000000 Bleeping Computer - Magazine Américain The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer. [...]]]> 2023-10-27T12:15:29+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-breached-dev-repeatedly-to-deploy-signbt-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8401514 False Malware APT 38,APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has released the optional KB5031445 Preview cumulative update for Windows 10 22H2 with nine improvements or fixes, including a fix for a memory leak in ctfmon.exe. [...]]]> 2023-10-26T19:37:35+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5031445-preview-update-fixes-ctfmonexe-memory-leak-9-issues/ www.secnews.physaphae.fr/article.php?IdArticle=8401135 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices. [...]]]> 2023-10-26T15:01:30+00:00 https://www.bleepingcomputer.com/news/security/android-adware-apps-on-google-play-amass-two-million-installs/ www.secnews.physaphae.fr/article.php?IdArticle=8401099 False Studies None 2.0000000000000000 Bleeping Computer - Magazine Américain A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time. [...]]]> 2023-10-26T10:47:54+00:00 https://www.bleepingcomputer.com/news/security/stripedfly-malware-framework-infects-1-million-windows-linux-hosts/ www.secnews.physaphae.fr/article.php?IdArticle=8400892 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Academic researchers created a new speculative side-channel attack they named iLeakage that works on all recent Apple devices and can extract sensitive information from the Safari web browser. [...]]]> 2023-10-26T07:26:48+00:00 https://www.bleepingcomputer.com/news/security/new-ileakage-attack-steals-emails-passwords-from-apple-safari/ www.secnews.physaphae.fr/article.php?IdArticle=8400796 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A custom Flipper Zero firmware called \'Xtreme\' has added a new feature to perform Bluetooth spam attacks on Android and Windows devices. [...]]]> 2023-10-25T14:54:44+00:00 https://www.bleepingcomputer.com/news/security/flipper-zero-can-now-spam-android-windows-users-with-bluetooth-alerts/ www.secnews.physaphae.fr/article.php?IdArticle=8400549 False Spam None 2.0000000000000000 Bleeping Computer - Magazine Américain Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware attack earlier this year, warning that the incident has led to a data breach, exposing sensitive customer, partner, and personnel information. [...]]]> 2023-10-25T12:40:43+00:00 https://www.bleepingcomputer.com/news/security/seiko-says-ransomware-attack-exposed-sensitive-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8400201 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks. [...]]]> 2023-10-25T07:00:00+00:00 https://www.bleepingcomputer.com/news/security/european-govt-email-servers-hacked-using-roundcube-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8400147 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain French professional basketball team LDLC ASVEL (ASVEL) has confirmed that data was stolen after the NoEscape ransomware gang claimed to have attacked the club. [...]]]> 2023-10-24T11:07:21+00:00 https://www.bleepingcomputer.com/news/security/asvel-basketball-team-confirms-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8399764 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain 1Password, a popular password management platform used by over 100,000 businesses, suffered a security breach after hackers gained access to its Okta ID management tenant. [...]]]> 2023-10-23T18:34:52+00:00 https://www.bleepingcomputer.com/news/security/1password-discloses-security-incident-linked-to-okta-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8399482 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The University of Michigan says in a statement today that they suffered a data breach after hackers broke into its network in August and accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants. [...]]]> 2023-10-23T15:34:41+00:00 https://www.bleepingcomputer.com/news/security/university-of-michigan-employee-student-data-stolen-in-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8399428 False Data Breach,Studies None 2.0000000000000000 Bleeping Computer - Magazine Américain Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. [...]]]> 2023-10-23T10:08:05+00:00 https://www.bleepingcomputer.com/news/security/cisco-patches-ios-xe-zero-days-used-to-hack-over-50-000-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8399320 False Hack,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The City of Philadelphia is investigating a data breach after attackers "may have gained access" to City email accounts containing personal and protected health information five months ago, in May. [...]]]> 2023-10-23T05:25:58+00:00 https://www.bleepingcomputer.com/news/security/city-of-philadelphia-discloses-data-breach-after-five-months/ www.secnews.physaphae.fr/article.php?IdArticle=8399233 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A new sophisticated threat tracked as \'TetrisPhantom\' has been using compromised secure USB drives to target government systems in the Asia-Pacific region. [...]]]> 2023-10-22T11:18:36+00:00 https://www.bleepingcomputer.com/news/security/new-tetrisphantom-hackers-steal-data-from-secure-usb-drives-on-govt-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8398998 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain This was a bad week for ransomware, with the Trigona ransomware suffering a data breach and law enforcement disrupting the RagnarLocker ransomware operation. [...]]]> 2023-10-21T11:05:10+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-20th-2023-fighting-back/ www.secnews.physaphae.fr/article.php?IdArticle=8398686 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes. [...]]]> 2023-10-21T10:01:10+00:00 https://www.bleepingcomputer.com/news/security/international-criminal-court-systems-breached-for-cyber-espionage/ www.secnews.physaphae.fr/article.php?IdArticle=8398687 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. [...]]]> 2023-10-20T18:12:28+00:00 https://www.bleepingcomputer.com/news/security/cisco-discloses-new-ios-xe-zero-day-exploited-to-deploy-malware-implant/ www.secnews.physaphae.fr/article.php?IdArticle=8398420 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine. [...]]]> 2023-10-20T08:48:20+00:00 https://www.bleepingcomputer.com/news/security/fake-corsair-job-offers-on-linkedin-push-darkgate-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8398245 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. [...]]]> 2023-10-19T21:08:47+00:00 https://www.bleepingcomputer.com/news/security/over-40-000-cisco-ios-xe-devices-infected-with-backdoor-using-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8397991 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty of 20 years for selling access to compromised computers. [...]]]> 2023-10-19T18:42:04+00:00 https://www.bleepingcomputer.com/news/security/e-root-admin-faces-20-years-for-selling-stolen-rdp-ssh-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8397919 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft is extending Purview Audit log retention as promised after the Chinese Storm-0558 hacking group breached dozens of Exchange and Microsoft 365 corporate and government accounts in July. [...]]]> 2023-10-19T16:21:25+00:00 https://www.bleepingcomputer.com/news/security/microsoft-extends-purview-audit-log-retention-after-july-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8397864 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. [...]]]> 2023-10-19T14:17:19+00:00 https://www.bleepingcomputer.com/news/security/fake-keepass-site-uses-google-ads-and-punycode-to-push-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8397827 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The Ragnar Locker ransomware operation\'s Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation. [...]]]> 2023-10-19T10:39:39+00:00 https://www.bleepingcomputer.com/news/security/ragnar-locker-ransomwares-dark-web-extortion-sites-seized-by-police/ www.secnews.physaphae.fr/article.php?IdArticle=8397737 False Ransomware None 1.00000000000000000000 Bleeping Computer - Magazine Américain Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of its ClassPad education platform. [...]]]> 2023-10-19T07:37:48+00:00 https://www.bleepingcomputer.com/news/security/casio-discloses-data-breach-impacting-customers-in-149-countries/ www.secnews.physaphae.fr/article.php?IdArticle=8397668 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available. [...]]]> 2023-10-18T19:17:43+00:00 https://www.bleepingcomputer.com/news/security/ukrainian-activists-hack-trigona-ransomware-gang-wipe-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8397477 False Ransomware,Hack None 4.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]]]> 2023-10-18T18:33:02+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-critical-teamcity-flaw-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8397455 False Vulnerability APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain Google has announced new, real-time scanning features for Google Play Protect that make it harder for malicious apps employing polymorphism to evade detection. [...]]]> 2023-10-18T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-play-protect-adds-real-time-scanning-to-fight-android-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8397355 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe. [...]]]> 2023-10-18T11:17:34+00:00 https://www.bleepingcomputer.com/news/security/mata-malware-framework-exploits-edr-in-attacks-on-defense-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8397356 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain One of the trends driving an increase is the compromise of enterprise single sign on (SSO) applications are info-stealer malware attacks. Learn more from Flare about this cybercrime ecosystem. [...]]]> 2023-10-18T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/single-sign-on-and-the-cybercrime-ecosystem/ www.secnews.physaphae.fr/article.php?IdArticle=8397322 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts. [...]]]> 2023-10-18T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/qubitstrike-attacks-rootkit-jupyter-linux-servers-to-steal-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8397216 False Malware None 1.00000000000000000000 Bleeping Computer - Magazine Américain Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks. [...]]]> 2023-10-17T17:47:32+00:00 https://www.bleepingcomputer.com/news/security/over-40-000-admin-portal-accounts-use-admin-as-a-password/ www.secnews.physaphae.fr/article.php?IdArticle=8396887 False Studies None 3.0000000000000000 Bleeping Computer - Magazine Américain Amazon has quietly added passkey support as a new passwordless login option for customers, offering better protection from information-stealing malware and phishing attacks. [...]]]> 2023-10-17T15:09:01+00:00 https://www.bleepingcomputer.com/news/security/amazon-adds-passkey-support-as-new-passwordless-login-option/ www.secnews.physaphae.fr/article.php?IdArticle=8396840 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. [...]]]> 2023-10-17T14:48:47+00:00 https://www.bleepingcomputer.com/news/security/d-link-confirms-data-breach-after-employee-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8396841 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Android malware \'SpyNote\' was seen in an Italy-focused campaign that uses a phony \'IT-alert\' public alert service website to infect visitors. [...]]]> 2023-10-17T11:54:11+00:00 https://www.bleepingcomputer.com/news/security/spynote-android-malware-spreads-via-fake-volcano-eruption-alerts/ www.secnews.physaphae.fr/article.php?IdArticle=8396782 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Login credential theft presents one of the biggest and most enduring cybersecurity problems. This article by Specops SOftware looks at the motivations driving credential theft and the tactics bad actors are likely to use. [...]]]> 2023-10-17T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/fighting-off-cyberattacks-make-sure-user-credentials-arent-compromised/ www.secnews.physaphae.fr/article.php?IdArticle=8396731 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Discord continues to be a breeding ground for malicious activity by hackers and now APT groups, with it commonly used to distribute malware, exfiltrate data, and targeted by threat actors to steal authentication tokens. [...]]]> 2023-10-16T17:29:48+00:00 https://www.bleepingcomputer.com/news/security/discord-still-a-hotbed-of-malware-activity-now-apts-join-the-fun/ www.secnews.physaphae.fr/article.php?IdArticle=8396381 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The state-sponsored Russian hacking group tracked as \'Sandworm\' has compromised eleven telecommunication service providers in Ukraine between May and September 2023. [...]]]> 2023-10-16T14:06:44+00:00 https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-breached-11-ukrainian-telcos-since-may/ www.secnews.physaphae.fr/article.php?IdArticle=8396310 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Israeli Android users are targeted by a malicious version of the \'RedAlert - Rocket Alerts\' app that, while it offers the promised functionality, acts as spyware in the background. [...]]]> 2023-10-16T11:18:28+00:00 https://www.bleepingcomputer.com/news/security/fake-redalert-rocket-alert-app-for-israel-installs-android-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8396274 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Valve has announced implementing additional security measures for developers publishing games on Steam, including SMS-based confirmation codes. This is to deal with a recent outbreak of malicious updates pushing malware from compromised publisher accounts. [...]]]> 2023-10-15T11:12:06+00:00 https://www.bleepingcomputer.com/news/security/steam-enforces-sms-verification-to-curb-malware-ridden-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8395872 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new, lightweight variant of the RomCom backdoor was deployed against participants of the Women Political Leaders (WPL) Summit in Brussels, a summit focusing on gender equality and women in politics. [...]]]> 2023-10-15T10:16:32+00:00 https://www.bleepingcomputer.com/news/security/women-political-leaders-summit-targeted-in-romcom-malware-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8395873 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader script attachments. [...]]]> 2023-10-14T10:09:08+00:00 https://www.bleepingcomputer.com/news/security/darkgate-malware-spreads-through-compromised-skype-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8395874 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if a ransom is not paid. [...]]]> 2023-10-13T18:26:21+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-13th-2023-increasing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8395316 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed to have impacted millions of its customers. [...]]]> 2023-10-13T16:12:56+00:00 https://www.bleepingcomputer.com/news/security/23andme-hit-with-lawsuits-after-hacker-leaks-stolen-genetics-data/ www.secnews.physaphae.fr/article.php?IdArticle=8395275 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft announced a new AI bounty program focused on the AI-driven Bing experience, with rewards reaching $15,000. [...]]]> 2023-10-12T13:29:42+00:00 https://www.bleepingcomputer.com/news/security/new-microsoft-bug-bounty-program-focuses-on-ai-powered-bing/ www.secnews.physaphae.fr/article.php?IdArticle=8394823 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A newly discovered campaign dubbed "Stayin\' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection. [...]]]> 2023-10-12T10:09:01+00:00 https://www.bleepingcomputer.com/news/security/toddycat-hackers-use-disposable-malware-to-target-asian-telecoms/ www.secnews.physaphae.fr/article.php?IdArticle=8394762 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers\' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers. [...]]]> 2023-10-12T08:13:11+00:00 https://www.bleepingcomputer.com/news/security/shadow-pc-warns-of-data-breach-as-hacker-tries-to-sell-gamers-info/ www.secnews.physaphae.fr/article.php?IdArticle=8394721 False Data Breach,Threat,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site\'s activity. [...]]]> 2023-10-11T17:23:36+00:00 https://www.bleepingcomputer.com/news/security/new-wordpress-backdoor-creates-rogue-admin-to-hijack-websites/ www.secnews.physaphae.fr/article.php?IdArticle=8394487 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The BianLian extortion group claims to have stolen 210GB of data after breaching the network of Air Canada, the country\'s largest airline and a founding member of Star Alliance. [...]]]> 2023-10-11T17:07:47+00:00 https://www.bleepingcomputer.com/news/security/bianlian-extortion-group-claims-recent-air-canada-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8394488 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft Defender for Endpoint now uses automatic attack disruption to isolate compromised user accounts and block lateral movement in hands-on-keyboard attacks with the help of a new \'contain user\' capability in public preview. [...]]]> 2023-10-11T14:37:17+00:00 https://www.bleepingcomputer.com/news/security/microsoft-defender-now-auto-isolates-compromised-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8394422 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A Mirai-based DDoS (distributed denial of service) malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others. [...]]]> 2023-10-10T16:35:34+00:00 https://www.bleepingcomputer.com/news/security/mirai-ddos-malware-variant-expands-targets-with-13-router-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8393960 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft is planning to phase out VBScript in future Windows releases after 30 years of use, making it an on-demand feature until it is removed. [...]]]> 2023-10-10T12:36:01+00:00 https://www.bleepingcomputer.com/news/security/microsoft-to-kill-off-vbscript-in-windows-to-block-malware-delivery/ www.secnews.physaphae.fr/article.php?IdArticle=8393858 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain A new DDoS (distributed denial of service) technique named \'HTTP/2 Rapid Reset\' has been actively exploited as a zero-day since August, breaking all previous records in magnitude. [...]]]> 2023-10-10T10:12:26+00:00 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ www.secnews.physaphae.fr/article.php?IdArticle=8393796 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A fundamental idea to understand about risk is that it is inevitable. Learn more from Outpost24 on cyber risk acceptance and the role of continuous penetration testing in making informed risk acceptance decisions. [...]]]> 2023-10-10T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/a-primer-on-cyber-risk-acceptance-and-what-it-means-to-your-business/ www.secnews.physaphae.fr/article.php?IdArticle=8393797 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and remote command injection. [...]]]> 2023-10-09T17:53:34+00:00 https://www.bleepingcomputer.com/news/security/d-link-wifi-range-extender-vulnerable-to-command-injection-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8393385 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The ALPHV (BlackCat) ransomware gang has claimed an attack that affected state courts across Northwest Florida (part of the First Judicial Circuit) last week. [...]]]> 2023-10-09T17:32:53+00:00 https://www.bleepingcomputer.com/news/security/alphv-ransomware-gang-claims-attack-on-florida-circuit-court/ www.secnews.physaphae.fr/article.php?IdArticle=8393386 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Multiple Balada Injector campaigns have compromised and infected over 17,000 WordPress sites using known flaws in premium theme plugins. [...]]]> 2023-10-09T15:23:11+00:00 https://www.bleepingcomputer.com/news/security/over-17-000-wordpress-sites-hacked-in-balada-injector-attacks-last-month/ www.secnews.physaphae.fr/article.php?IdArticle=8393350 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Flagstar Bank is warning that over 800,000 US customers had their personal information stolen by cybercriminals due to a breach at a third-party service provider. [...]]]> 2023-10-08T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/third-flagstar-bank-data-breach-since-2021-affects-800-000-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8392925 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A bounty of $12,288 has been announced for the first person to crack the NIST elliptic curves seeds and discover the original phrases that were hashed to generate them. [...]]]> 2023-10-07T10:12:24+00:00 https://www.bleepingcomputer.com/news/security/bounty-offered-for-secret-nsa-seeds-behind-nist-elliptic-curves-algo/ www.secnews.physaphae.fr/article.php?IdArticle=8392780 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The District of Columbia Board of Elections (DCBOE) is currently probing a data leak involving an unknown number of voter records following breach claims from a threat actor known as RansomedVC. [...]]]> 2023-10-06T19:07:50+00:00 https://www.bleepingcomputer.com/news/security/dc-board-of-elections-confirms-voter-data-stolen-in-site-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8392423 False Hack,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Cloud computing provider Blackbaud reached a $49.5 million agreement with attorneys general from 49 U.S. states to settle a multi-state investigation of a May 2020 ransomware attack and the resulting data breach. [...]]]> 2023-10-06T14:43:05+00:00 https://www.bleepingcomputer.com/news/security/blackbaud-agrees-to-495-million-settlement-for-ransomware-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8392337 False Ransomware,Data Breach,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain 23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack. [...]]]> 2023-10-06T11:48:13+00:00 https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8392280 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain MGM Resorts reveals that last month\'s cyberattack cost the company $100 million and allowed the hackers to steal customers\' personal information. [...]]]> 2023-10-06T09:53:05+00:00 https://www.bleepingcomputer.com/news/security/mgm-resorts-ransomware-attack-led-to-100-million-loss-data-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8392281 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons. [...]]]> 2023-10-05T14:57:09+00:00 https://www.bleepingcomputer.com/news/security/china-linked-cyberspies-backdoor-semiconductor-firms-with-cobalt-strike/ www.secnews.physaphae.fr/article.php?IdArticle=8391932 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have also compromised customer data. [...]]]> 2023-10-05T11:01:39+00:00 https://www.bleepingcomputer.com/news/security/lyca-mobile-investigates-customer-data-leak-after-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8391875 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Apple released emergency security updates to patch a new zero-day security flaw exploited in attacks targeting iPhone and iPad users. [...]]]> 2023-10-04T14:19:21+00:00 https://www.bleepingcomputer.com/news/apple/apple-emergency-update-fixes-new-zero-day-used-to-hack-iphones/ www.secnews.physaphae.fr/article.php?IdArticle=8391555 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. [...]]]> 2023-10-04T10:53:25+00:00 https://www.bleepingcomputer.com/news/security/microsoft-hackers-target-azure-cloud-vms-via-breached-sql-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8391453 False Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information. [...]]]> 2023-10-04T08:04:49+00:00 https://www.bleepingcomputer.com/news/security/sony-confirms-data-breach-impacting-thousands-in-the-us/ www.secnews.physaphae.fr/article.php?IdArticle=8391389 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails and adhere to stricter spam thresholds [...]]]> 2023-10-03T14:41:16+00:00 https://www.bleepingcomputer.com/news/security/google-to-bolster-phishing-and-malware-delivery-defenses-in-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8391099 False Spam,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited. [...]]]> 2023-10-03T14:12:57+00:00 https://www.bleepingcomputer.com/news/security/android-october-security-update-fixes-zero-days-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8391100 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain For Windows users who frequently use the TorBrowser, there\'s been a pressing concern. Recent versions of the TorBrowser, specifically because of the tor.exe file it contained, were being flagged as potential threats by Windows Defender. [...]]]> 2023-10-02T18:33:17+00:00 https://www.bleepingcomputer.com/news/security/microsoft-defender-no-longer-flags-tor-browser-as-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8390668 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details of 150 credit cards. [...]]]> 2023-10-02T11:10:35+00:00 https://www.bleepingcomputer.com/news/security/motel-one-discloses-data-breach-following-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8390546 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors. [...]]]> 2023-10-01T11:17:34+00:00 https://www.bleepingcomputer.com/news/security/meet-losttrust-ransomware-a-likely-rebrand-of-the-metaencryptor-gang/ www.secnews.physaphae.fr/article.php?IdArticle=8390191 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today. [...]]]> 2023-10-01T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/new-marvin-attack-revives-25-year-old-decryption-flaw-in-rsa/ www.secnews.physaphae.fr/article.php?IdArticle=8390192 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Cloudflare\'s Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls. [...]]]> 2023-09-30T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/cloudflare-ddos-protections-ironically-bypassed-using-cloudflare/ www.secnews.physaphae.fr/article.php?IdArticle=8390128 False Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain The North Korean \'Lazarus\' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to hack into the corporate network using a previously unknown \'LightlessCan\' backdoor. [...]]]> 2023-09-29T05:30:00+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-breach-aerospace-firm-with-new-lightlesscan-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8389428 False Malware,Hack APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft\'s cloud-based Exchange email platform in May. [...]]]> 2023-09-28T16:45:19+00:00 https://www.bleepingcomputer.com/news/security/microsoft-breach-led-to-theft-of-60-000-us-state-dept-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8389206 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Malicious advertisements are now being injected into Microsoft\'s AI-powered Bing Chat responses, promoting fake download sites that distribute malware. [...]]]> 2023-09-28T14:35:06+00:00 https://www.bleepingcomputer.com/news/security/bing-chat-responses-infiltrated-by-ads-pushing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8389162 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims\' networks to encrypt systems in under two days. [...]]]> 2023-09-28T14:14:42+00:00 https://www.bleepingcomputer.com/news/security/fbi-dual-ransomware-attack-victims-now-get-hit-within-48-hours/ www.secnews.physaphae.fr/article.php?IdArticle=8389163 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom \'SysUpdate\' backdoor. [...]]]> 2023-09-28T09:52:38+00:00 https://www.bleepingcomputer.com/news/security/budworm-hackers-target-telcos-and-govt-orgs-with-custom-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8389060 False Malware APT 27 2.0000000000000000 Bleeping Computer - Magazine Américain Fake Bitwarden sites are pushing installers purportedly for the open-source password manager that carry a new password-stealing malware that security researchers call ZenRAT. [...]]]> 2023-09-27T17:07:52+00:00 https://www.bleepingcomputer.com/news/security/fake-bitwarden-sites-push-new-zenrat-password-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8388808 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company\'s and its subsidiaries\' operations. [...]]]> 2023-09-27T15:48:53+00:00 https://www.bleepingcomputer.com/news/security/building-automation-giant-johnson-controls-hit-by-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8388760 False Ransomware,Industrial None 2.0000000000000000 Bleeping Computer - Magazine Américain A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations. [...]]]> 2023-09-27T11:51:00+00:00 https://www.bleepingcomputer.com/news/security/us-and-japan-warn-of-chinese-hackers-backdooring-cisco-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8388437 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages. [...]]]> 2023-09-27T10:06:58+00:00 https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8388411 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Today\'s Windows 11 update includes several security improvements, including a new passkeys management dashboard designed to help users go passwordless more easily and tools to reduce the attack surface. [...]]]> 2023-09-26T13:00:00+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11-22h2-adds-a-built-in-passkey-manager-for-windows-hello/ www.secnews.physaphae.fr/article.php?IdArticle=8388054 False Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The Hospital for Sick Children, more commonly known as SickKids, is among healthcare providers that were impacted by the recent breach at BORN Ontario. The top Canadian pediatric hospital disclosed that as a part of its operations, it shares personal health information with BORN Ontario "related to pregnancy, birth and newborn care." [...]]]> 2023-09-26T05:20:00+00:00 https://www.bleepingcomputer.com/news/security/sickkids-impacted-by-born-ontario-data-breach-that-hit-34-million/ www.secnews.physaphae.fr/article.php?IdArticle=8387934 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain The Better Outcomes Registry & Network (BORN), a healthcare organization funded by the government of Ontario, has announced that it is among the victims of Clop ransomware\'s MOVEit hacking spree. [...]]]> 2023-09-25T13:31:41+00:00 https://www.bleepingcomputer.com/news/security/born-ontario-child-registry-data-breach-affects-34-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8387685 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium. [...]]]> 2023-09-25T11:16:02+00:00 https://www.bleepingcomputer.com/news/security/xenomorph-android-malware-now-targets-us-banks-and-crypto-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8387657 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Mixin Network, an open-source, peer-to-peer transactional network for digital assets, has announced today on Twitter that deposits and withdrawals are suspended effective immediately due to a $200 million hack the platform suffered on Saturday. [...]]]> 2023-09-25T09:23:16+00:00 https://www.bleepingcomputer.com/news/security/mixin-network-suspends-operations-following-200-million-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8387603 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain TikTok is flooded with videos promoting fake nude celebrity photo leaks used to push referral rewards for the Temu online megastore. [...]]]> 2023-09-24T10:11:22+00:00 https://www.bleepingcomputer.com/news/security/fake-celebrity-photo-leak-videos-flood-tiktok-with-temu-referral-codes/ www.secnews.physaphae.fr/article.php?IdArticle=8387604 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A novel and sophisticated backdoor malware named \'Deadglyph\' was seen used in a cyberespionage attack against a government agency in the Middle East. [...]]]> 2023-09-23T17:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-stealthy-and-modular-deadglyph-malware-used-in-govt-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8387605 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023. [...]]]> 2023-09-23T11:09:18+00:00 https://www.bleepingcomputer.com/news/security/evasive-gelsemium-hackers-spotted-in-attack-against-asian-govt/ www.secnews.physaphae.fr/article.php?IdArticle=8387112 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States. [...]]]> 2023-09-23T10:04:15+00:00 https://www.bleepingcomputer.com/news/security/national-student-clearinghouse-data-breach-impacts-890-schools/ www.secnews.physaphae.fr/article.php?IdArticle=8387113 False Data Breach None 2.0000000000000000