This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T16:34:30+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain The Discord.io custom invite service has temporarily shut down after suffering a data breach exposing the information of 760,000 members. [...]]]> 2023-08-14T17:40:37+00:00 https://www.bleepingcomputer.com/news/security/discordio-confirms-breach-after-hacker-steals-data-of-760k-users/ www.secnews.physaphae.fr/article.php?IdArticle=8370077 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers say. [...]]]> 2023-08-14T15:22:47+00:00 https://www.bleepingcomputer.com/news/security/over-100k-hacking-forums-accounts-exposed-by-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8370034 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain The Colorado Department of Health Care Policy & Financing (HCPF) is alerting more than four million individuals of a data breach that impacted their personal and health information. [...]]]> 2023-08-14T08:42:09+00:00 https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8369904 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named \'MaginotDNS,\' that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains. [...]]]> 2023-08-13T10:12:06+00:00 https://www.bleepingcomputer.com/news/security/maginotdns-attacks-exploit-weak-checks-for-dns-cache-poisoning/ www.secnews.physaphae.fr/article.php?IdArticle=8369905 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Department of Homeland Security\'s Cyber Safety Review Board (CSRB) has announced plans to conduct an in-depth review of cloud security practices following recent Chinese hacks of Microsoft Exchange accounts used by US government agencies. [...]]]> 2023-08-11T13:35:52+00:00 https://www.bleepingcomputer.com/news/security/us-cyber-safety-board-to-analyze-microsoft-exchange-hack-of-govt-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8369057 False Hack,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Police have taken down the Lolek bulletproof hosting provider, arresting five individuals and seizing servers for facilitating malicious activities, including DDoS attacks and malware distribution. [...]]]> 2023-08-11T11:59:15+00:00 https://www.bleepingcomputer.com/news/security/police-seize-lolek-bulletproof-service-for-hosting-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8368972 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture. [...]]]> 2023-08-11T02:23:46+00:00 https://www.bleepingcomputer.com/news/security/lapsus-hackers-took-sim-swapping-attacks-to-the-next-level/ www.secnews.physaphae.fr/article.php?IdArticle=8368919 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks. [...]]]> 2023-08-10T16:35:04+00:00 https://www.bleepingcomputer.com/news/security/gafgyt-malware-exploits-five-years-old-flaw-in-eol-zyxel-router/ www.secnews.physaphae.fr/article.php?IdArticle=8368560 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A cyberespionage group named \'MoustachedBouncer\' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus. [...]]]> 2023-08-10T12:56:57+00:00 https://www.bleepingcomputer.com/news/security/moustachedbouncer-hackers-use-aitm-attacks-to-spy-on-diplomats/ www.secnews.physaphae.fr/article.php?IdArticle=8368491 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named \'Whirlpool\' used in attacks on compromised Barracuda Email Security Gateway (ESG) devices. [...]]]> 2023-08-10T12:06:08+00:00 https://www.bleepingcomputer.com/news/security/cisa-new-whirlpool-backdoor-used-in-barracuda-esg-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8368428 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Infostealer malware has risen to prominence as one of the most significant vectors of cybercrime over the past three years. Learn from Flare about information stealer logs and their role in the cybercrime ecosystem. [...]]]> 2023-08-10T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/safeguarding-against-silent-cyber-threats-exploring-the-stealer-log-lifecycle/ www.secnews.physaphae.fr/article.php?IdArticle=8368394 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Missouri\'s Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. [...]]]> 2023-08-09T15:50:57+00:00 https://www.bleepingcomputer.com/news/security/missouri-warns-that-health-info-was-stolen-in-ibm-moveit-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8368015 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Moq\'s 4.20.0 release from this week included another project, SponsorLink, which caused an uproar among open source software consumers, who likened the move to a breach of trust. [...]]]> 2023-08-09T13:42:12+00:00 https://www.bleepingcomputer.com/news/security/popular-open-source-project-moq-criticized-for-quietly-collecting-data/ www.secnews.physaphae.fr/article.php?IdArticle=8367978 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Healthcare organizations are increasingly at risk from threat actors targeting Internet of Medical Things. Learn more from Outpost24 on how attack surface management can secure the IoMT devices. [...]]]> 2023-08-09T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/preventative-medicine-for-securing-iot-tech-in-healthcare-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8367933 False Threat,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [...]]]> 2023-08-08T16:15:31+00:00 https://www.bleepingcomputer.com/news/security/microsoft-office-update-breaks-actively-exploited-rce-attack-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8367470 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. [...]]]> 2023-08-08T12:00:00+00:00 https://www.bleepingcomputer.com/news/google/android-14-to-let-you-block-connections-to-unencrypted-cellular-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8367374 False None None 1.00000000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered a new and powerful transient execution attack called \'Inception\' that can leak privileged secrets and data using unprivileged processes on all AMD Zen CPUs, including the latest models. [...]]]> 2023-08-08T11:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-inception-attack-leaks-sensitive-data-from-all-amd-zen-cpus/ www.secnews.physaphae.fr/article.php?IdArticle=8367375 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. [...]]]> 2023-08-08T10:06:08+00:00 https://www.bleepingcomputer.com/news/security/uk-electoral-commission-data-breach-exposes-8-years-of-voter-data/ www.secnews.physaphae.fr/article.php?IdArticle=8367292 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence. [...]]]> 2023-08-07T16:03:29+00:00 https://www.bleepingcomputer.com/news/security/hackers-increasingly-abuse-cloudflare-tunnels-for-stealthy-connections/ www.secnews.physaphae.fr/article.php?IdArticle=8366899 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The Google Play store was infiltrated by 43 Android applications with 2.5 million installs that secretly displayed advertisements while a phone\'s screen was off, running down a device\'s battery. [...]]]> 2023-08-07T11:50:59+00:00 https://www.bleepingcomputer.com/news/security/google-play-apps-with-25m-installs-load-ads-when-screens-off/ www.secnews.physaphae.fr/article.php?IdArticle=8366814 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers from the Technical University of Berlin have developed a method to hack the AMD-based infotainment systems used in all recent Tesla car models and make it run any software they choose, aka achieve \'jailbreak.\' [...]]]> 2023-08-06T11:06:12+00:00 https://www.bleepingcomputer.com/news/security/tesla-infotainment-jailbreak-unlocks-paid-features-extracts-secrets/ www.secnews.physaphae.fr/article.php?IdArticle=8366456 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. [...]]]> 2023-08-05T12:16:27+00:00 https://www.bleepingcomputer.com/news/security/colorado-department-of-higher-education-warns-of-massive-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8366111 False Ransomware,Data Breach None 1.00000000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks. [...]]]> 2023-08-05T11:16:32+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-now-uses-torrents-to-leak-data-and-evade-takedowns/ www.secnews.physaphae.fr/article.php?IdArticle=8366112 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%. [...]]]> 2023-08-05T10:09:18+00:00 https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/ www.secnews.physaphae.fr/article.php?IdArticle=8366113 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google Play Store\'s review process and security controls. [...]]]> 2023-08-04T13:04:02+00:00 https://www.bleepingcomputer.com/news/security/google-explains-how-android-malware-slips-onto-google-play-store/ www.secnews.physaphae.fr/article.php?IdArticle=8365745 False Malware,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft\'s new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily spread laterally to other Azure tenants. [...]]]> 2023-08-03T18:55:44+00:00 https://www.bleepingcomputer.com/news/security/new-microsoft-azure-ad-cts-feature-can-be-abused-for-lateral-movement/ www.secnews.physaphae.fr/article.php?IdArticle=8365439 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor\'s MoveIT managed file transfer (MFT) server. [...]]]> 2023-08-03T12:39:18+00:00 https://www.bleepingcomputer.com/news/security/us-govt-contractor-serco-discloses-data-breach-after-moveit-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8365331 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The list of LOLBAS files - legitimate binaries and scripts present in Windows that can be abused for malicious purposes, will include the main executables for Microsoft\'s Outlook email client and Access database management system. [...]]]> 2023-08-03T11:48:01+00:00 https://www.bleepingcomputer.com/news/security/hackers-can-abuse-microsoft-office-executables-to-download-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8365289 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The malicious Rilide Stealer Chrome browser extension has returned in new campaigns targeting crypto users and enterprise employees to steal credentials and crypto wallets. [...]]]> 2023-08-03T10:36:47+00:00 https://www.bleepingcomputer.com/news/security/chrome-malware-rilide-targets-enterprise-users-via-powerpoint-guides/ www.secnews.physaphae.fr/article.php?IdArticle=8365247 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new software-based power side-channel attack called \'Collide+Power\' was discovered, impacting almost all CPUs and potentially allowing data to leak. However, the researchers warn that the flaw is low-risk and will likely not be used in attacks on end users. [...]]]> 2023-08-02T13:37:50+00:00 https://www.bleepingcomputer.com/news/security/new-collide-pluspower-side-channel-attack-impacts-almost-all-cpus/ www.secnews.physaphae.fr/article.php?IdArticle=8364855 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform\'s System Manager (SSM) agent as an undetectable Remote Access Trojan (RAT). [...]]]> 2023-08-02T11:18:35+00:00 https://www.bleepingcomputer.com/news/security/amazons-aws-ssm-agent-can-be-used-as-post-exploitation-rat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8364807 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploited a zero-day vulnerability in Salesforce\'s email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts. [...]]]> 2023-08-02T09:52:47+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploited-salesforce-zero-day-in-facebook-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364752 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Chinese state-sponsored hackers have been targeting industrial organizations with new malware that can steal data from air-gapped systems. [...]]]> 2023-08-01T14:31:21+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-new-malware-to-breach-air-gapped-devices-in-eastern-europe/ www.secnews.physaphae.fr/article.php?IdArticle=8364393 False Malware,Industrial None 4.0000000000000000 Bleeping Computer - Magazine Américain In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called FraudGPT has emerged, and at least another one is under development that is allegedly based on Google\'s AI experiment, Bard. [...]]]> 2023-08-01T10:08:16+00:00 https://www.bleepingcomputer.com/news/security/cybercriminals-train-ai-chatbots-for-phishing-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8364314 False Malware,Tool ChatGPT,ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain Resetting the passwords for thousands of people after a ransomware attack is challenging, to say the least, for any IT team. Learn more from Specops Software on why organizations are forced into mass password resets and how to make the process manageable. [...]]]> 2023-08-01T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/how-to-manage-a-mass-password-reset-due-to-a-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364315 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are using a fake Android app named \'SafeChat\' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones. [...]]]> 2023-07-31T15:26:42+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-signal-whatsapp-user-data-with-fake-android-chat-app/ www.secnews.physaphae.fr/article.php?IdArticle=8364007 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect. [...]]]> 2023-07-31T11:31:42+00:00 https://www.bleepingcomputer.com/news/security/p2pinfect-server-botnet-spreads-using-redis-replication-feature/ www.secnews.physaphae.fr/article.php?IdArticle=8363909 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. [...]]]> 2023-07-30T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/google-android-patch-gap-makes-n-days-as-dangerous-as-zero-days/ www.secnews.physaphae.fr/article.php?IdArticle=8363570 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Website of Israel\'s largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group\'s cyber systems. [...]]]> 2023-07-30T05:40:03+00:00 https://www.bleepingcomputer.com/news/security/israels-largest-oil-refinery-website-offline-after-ddos-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8363584 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. [...]]]> 2023-07-28T17:27:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-new-submarine-malware-found-on-hacked-barracuda-esg-appliances/ www.secnews.physaphae.fr/article.php?IdArticle=8362935 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. [...]]]> 2023-07-28T16:01:16+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-28th-2023-new-extortion-tactics/ www.secnews.physaphae.fr/article.php?IdArticle=8362899 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway. [...]]]> 2023-07-28T15:38:41+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-new-zero-day-exploited-in-norwegian-govt-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8362900 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA). [...]]]> 2023-07-28T12:10:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-breach-risks-from-idor-web-app-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8362840 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Two new Android malware families named \'CherryBlos\' and \'FakeTrade\' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. [...]]]> 2023-07-28T11:31:34+00:00 https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ocr-to-steal-credentials-from-images/ www.secnews.physaphae.fr/article.php?IdArticle=8362801 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people. [...]]]> 2023-07-28T09:45:38+00:00 https://www.bleepingcomputer.com/news/security/hawaii-community-college-pays-ransomware-gang-to-prevent-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8362757 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency. [...]]]> 2023-07-27T17:58:48+00:00 https://www.bleepingcomputer.com/news/security/coinspaid-blames-lazarus-hackers-for-theft-of-37-300-000-in-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8362435 False None APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain While consumers are usually the ones worried about their information being exposed in data breaches, it\'s now the hacker\'s turn, as the notorious Breached cybercrime forum\'s database is up for sale and member data shared with Have I Been Pwned. [...]]]> 2023-07-27T17:36:56+00:00 https://www.bleepingcomputer.com/news/security/breachforums-database-and-private-chats-for-sale-in-hacker-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8362436 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-07-27T10:15:41+00:00 https://www.bleepingcomputer.com/news/security/8-million-people-hit-by-data-breach-at-us-govt-contractor-maximus/ www.secnews.physaphae.fr/article.php?IdArticle=8362264 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. [...]]]> 2023-07-26T16:19:34+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-linked-to-60-million-alphapo-cryptocurrency-heist/ www.secnews.physaphae.fr/article.php?IdArticle=8361882 False None APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. [...]]]> 2023-07-26T12:26:03+00:00 https://www.bleepingcomputer.com/news/security/nato-investigates-alleged-data-theft-by-siegedsec-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8361793 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain A new \'Nitrogen\' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads. [...]]]> 2023-07-26T11:04:24+00:00 https://www.bleepingcomputer.com/news/security/new-nitrogen-malware-pushed-via-google-ads-for-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8361749 False Ransomware,Malware None 1.00000000000000000000 Bleeping Computer - Magazine Américain The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks. [...]]]> 2023-07-26T02:34:46+00:00 https://www.bleepingcomputer.com/news/security/alphv-ransomware-adds-data-leak-api-in-new-extortion-strategy/ www.secnews.physaphae.fr/article.php?IdArticle=8361643 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. [...]]]> 2023-07-25T14:28:16+00:00 https://www.bleepingcomputer.com/news/security/new-realst-macos-malware-steals-your-cryptocurrency-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8361438 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain New details have emerged about Decoy Dog, a largely undetected sophisticated toolkit likely used for at least a year in cyber intelligence operations, relying on the domain name system (DNS) for command and control activity. [...]]]> 2023-07-25T12:06:02+00:00 https://www.bleepingcomputer.com/news/security/mysterious-decoy-dog-malware-toolkit-still-lurks-in-dns-shadows/ www.secnews.physaphae.fr/article.php?IdArticle=8361291 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments. [...]]]> 2023-07-25T09:15:00+00:00 https://www.bleepingcomputer.com/news/security/over-400-000-corporate-credentials-stolen-by-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8361241 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti\'s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. [...]]]> 2023-07-25T02:42:54+00:00 https://www.bleepingcomputer.com/news/security/norway-says-ivanti-zero-day-was-used-to-hack-govt-it-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8361085 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core. [...]]]> 2023-07-24T17:28:38+00:00 https://www.bleepingcomputer.com/news/security/zenbleed-attack-leaks-sensitive-data-from-amd-zen2-processors/ www.secnews.physaphae.fr/article.php?IdArticle=8360939 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution. [...]]]> 2023-07-24T16:34:23+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-hijack-microsoft-iis-servers-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8360915 False Malware APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain The Flipper Zero team has launched its very own \'Flipper Apps\' mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality of the popular wireless pen-testing tool. [...]]]> 2023-07-24T13:22:55+00:00 https://www.bleepingcomputer.com/news/security/flipper-zero-now-has-its-own-app-store-for-ios-android-users/ www.secnews.physaphae.fr/article.php?IdArticle=8360850 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A hacking unit of North Korea\'s Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made an operational security (OPSEC) mistake, inadvertently exposing their real-world IP addresses. [...]]]> 2023-07-24T13:12:25+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-hack-linked-to-north-korea-after-opsec-mistake/ www.secnews.physaphae.fr/article.php?IdArticle=8360851 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are already utilizing and creating malicious tools based on open source AI language models for phishing and malware development. Learn more from Flare about how threat actors are beginning to use AI. [...]]]> 2023-07-24T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/how-is-the-dark-web-reacting-to-the-ai-revolution/ www.secnews.physaphae.fr/article.php?IdArticle=8360814 False Malware,Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom. [...]]]> 2023-07-23T15:10:17+00:00 https://www.bleepingcomputer.com/news/security/clop-now-leaks-data-stolen-in-moveit-attacks-on-clearweb-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8360497 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft is further enhancing the Windows 11 Enhanced Phishing Protection by testing a new feature that warns users when they copy and paste their Windows password into websites and documents. [...]]]> 2023-07-23T13:02:41+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-enhances-windows-11-phishing-protection-with-new-features/ www.secnews.physaphae.fr/article.php?IdArticle=8360460 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]]]> 2023-07-21T08:51:36+00:00 https://www.bleepingcomputer.com/news/security/netscaler-adc-bug-exploited-to-breach-us-critical-infrastructure-org/ www.secnews.physaphae.fr/article.php?IdArticle=8359803 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the platform last month. [...]]]> 2023-07-21T05:35:44+00:00 https://www.bleepingcomputer.com/news/security/virustotal-apologizes-for-data-leak-affecting-5-600-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8359659 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Orgs must take proactive measures to safeguard their web applications and eliminate weak points. Learn more from Outpost24 on these threats, attack strategies, and the steps you can take to protect your web applications. [...]]]> 2023-07-20T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/threat-actors-are-targeting-your-web-applications-heres-how-to-protect-them/ www.secnews.physaphae.fr/article.php?IdArticle=8359313 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne and CrowdStrike. [...]]]> 2023-07-20T08:25:44+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-breach-traced-back-to-north-korean-state-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8359230 False None APT 38,APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems. [...]]]> 2023-07-20T08:02:05+00:00 https://www.bleepingcomputer.com/news/security/new-p2pinfect-worm-malware-targets-linux-and-windows-redis-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8359231 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers.  [...]]]> 2023-07-20T07:01:12+00:00 https://www.bleepingcomputer.com/news/security/apt41-hackers-target-android-users-with-wyrmspy-dragonegg-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8359232 False None APT 41,APT 41 2.0000000000000000 Bleeping Computer - Magazine Américain Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...]]]> 2023-07-19T19:51:24+00:00 https://www.bleepingcomputer.com/news/security/est-e-lauder-beauty-giant-breached-by-two-ransomware-gangs/ www.secnews.physaphae.fr/article.php?IdArticle=8359058 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain Microsoft and the Ukraine CERT warn of new attacks by the Russian state-sponsored Turla hacking group, targeting the defense industry and Microsoft Exchange servers with a new \'DeliveryCheck\' malware backdoor. [...]]]> 2023-07-19T15:06:38+00:00 https://www.bleepingcomputer.com/news/security/microsoft-hackers-turn-exchange-servers-into-malware-control-centers/ www.secnews.physaphae.fr/article.php?IdArticle=8358945 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Cyber ​​Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. [...]]]> 2023-07-19T07:03:45+00:00 https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8358750 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. [...]]]> 2023-07-19T06:18:09+00:00 https://www.bleepingcomputer.com/news/security/us-govt-bans-european-spyware-vendors-intellexa-and-cytrox/ www.secnews.physaphae.fr/article.php?IdArticle=8358751 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks. [...]]]> 2023-07-18T21:12:18+00:00 https://www.bleepingcomputer.com/news/security/us-preparing-cyber-trust-mark-for-more-secure-smart-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8358594 False None None 1.00000000000000000000 Bleeping Computer - Magazine Américain When insurers assess an organization\'s cybersecurity posture, password security is a key element considered. Learn more from Specops Software on how password security can affect your insurance premiums. [...]]]> 2023-07-18T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/strengthening-password-security-may-lower-cyber-insurance-premiums/ www.secnews.physaphae.fr/article.php?IdArticle=8358385 False General Information None 2.0000000000000000 Bleeping Computer - Magazine Américain A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version. [...]]]> 2023-07-18T09:15:04+00:00 https://www.bleepingcomputer.com/news/security/fin8-deploys-alphv-ransomware-using-sardonic-malware-variant/ www.secnews.physaphae.fr/article.php?IdArticle=8358262 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers. [...]]]> 2023-07-17T09:20:21+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/ www.secnews.physaphae.fr/article.php?IdArticle=8357745 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface. [...]]]> 2023-07-16T10:09:18+00:00 https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8357469 False Studies None 2.0000000000000000 Bleeping Computer - Magazine Américain Ukraine\'s Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour. [...]]]> 2023-07-15T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/gamaredon-hackers-start-stealing-data-30-minutes-after-a-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8357470 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says it still doesn\'t know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies. [...]]]> 2023-07-14T16:18:48+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-still-unsure-how-hackers-stole-azure-ad-signing-key/ www.secnews.physaphae.fr/article.php?IdArticle=8356689 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-07-14T10:23:39+00:00 https://www.bleepingcomputer.com/news/security/colorado-state-university-says-data-breach-impacts-students-staff/ www.secnews.physaphae.fr/article.php?IdArticle=8356571 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Criminal IP, a leading Cyber Threat Intelligence search engine, has formed a powerful alliance with Tines, a renowned provider of no-code automation solutions. [...]]]> 2023-07-14T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-tines-forge-powerful-tech-alliance/ www.secnews.physaphae.fr/article.php?IdArticle=8356547 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them. [...]]]> 2023-07-14T04:09:40+00:00 https://www.bleepingcomputer.com/news/security/shutterfly-says-clop-ransomware-attack-did-not-impact-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8356447 False Ransomware,Data Breach,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service. [...]]]> 2023-07-14T02:35:08+00:00 https://www.bleepingcomputer.com/news/security/avrecon-malware-infects-70-000-linux-routers-to-build-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8356448 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps. [...]]]> 2023-07-13T15:20:30+00:00 https://www.bleepingcomputer.com/news/google/google-play-will-enforce-business-checks-to-curb-malware-submissions/ www.secnews.physaphae.fr/article.php?IdArticle=8356176 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]]]> 2023-07-13T14:28:48+00:00 https://www.bleepingcomputer.com/news/security/fake-linux-vulnerability-exploit-drops-data-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8356143 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community. [...]]]> 2023-07-13T11:14:29+00:00 https://www.bleepingcomputer.com/news/security/source-code-for-blacklotus-windows-uefi-malware-leaked-on-github/ www.secnews.physaphae.fr/article.php?IdArticle=8356065 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain What\'s old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023 [...]]]> 2023-07-13T01:02:04+00:00 https://www.bleepingcomputer.com/news/security/usb-drive-malware-attacks-spiking-again-in-first-half-of-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8355837 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. [...]]]> 2023-07-12T17:50:44+00:00 https://www.bleepingcomputer.com/news/security/new-pyloose-linux-malware-mines-crypto-directly-from-memory/ www.secnews.physaphae.fr/article.php?IdArticle=8355567 False Malware,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers\' data in a likely MOVEit Transfer data-theft attack. [...]]]> 2023-07-11T11:51:04+00:00 https://www.bleepingcomputer.com/news/security/deutsche-bank-confirms-provider-breach-exposed-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8354407 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain HCA Healthcare disclosed a data breach impacting an estimated 11 million patients who received care at one of its hospitals and clinics after a threat actor posted samples of stolen data on a hacking forum. [...]]]> 2023-07-11T10:59:20+00:00 https://www.bleepingcomputer.com/news/security/hca-confirms-breach-after-hacker-steals-data-of-11-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8354408 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter. [...]]]> 2023-07-10T11:00:49+00:00 https://www.bleepingcomputer.com/news/security/razer-investigates-data-breach-claims-resets-user-sessions/ www.secnews.physaphae.fr/article.php?IdArticle=8354043 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems. [...]]]> 2023-07-09T10:13:16+00:00 https://www.bleepingcomputer.com/news/security/charming-kitten-hackers-use-new-noknok-malware-for-macos/ www.secnews.physaphae.fr/article.php?IdArticle=8353811 False Malware APT 35,APT 35 2.0000000000000000 Bleeping Computer - Magazine Américain Today\'s update introduces several significant Android Windows Subsystem improvements. Firstly, enhancements have been made to camera compatibility, thus improving the experience of using Android apps that require camera access. [...]]]> 2023-07-09T09:49:40+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-android-gets-july-2023-preview-with-new-features/ www.secnews.physaphae.fr/article.php?IdArticle=8353803 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month\'s Android security updates. [...]]]> 2023-07-07T14:54:11+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8353442 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. [...]]]> 2023-07-06T12:57:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-netwrix-auditor-rce-bug-exploited-in-truebot-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8352977 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Nickelodeon has confirmed that the data leaked from an alleged breach of the company is legitimate but it appears to be decades old. [...]]]> 2023-07-06T11:03:36+00:00 https://www.bleepingcomputer.com/news/security/nickelodeon-investigates-breach-after-leak-of-decades-old-data/ www.secnews.physaphae.fr/article.php?IdArticle=8352923 False None APT 15 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the monthly security updates for Android operating system, which comes with fixes for 46 vulnerabilities. Three of the issues are likely actively exploited in the wild. [...]]]> 2023-07-06T05:44:52+00:00 https://www.bleepingcomputer.com/news/security/android-july-security-updates-fix-three-actively-exploited-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8352850 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A member of U.S. Navy\'s red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. [...]]]> 2023-07-05T11:03:34+00:00 https://www.bleepingcomputer.com/news/security/new-tool-exploits-microsoft-teams-bug-to-send-malware-to-users/ www.secnews.physaphae.fr/article.php?IdArticle=8352494 False Malware,Tool None 4.0000000000000000 Bleeping Computer - Magazine Américain The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals. [...]]]> 2023-07-05T06:00:39+00:00 https://www.bleepingcomputer.com/news/security/japans-largest-port-stops-operations-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8352395 False Ransomware None 2.0000000000000000