This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-16T15:04:17+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain Researchers from the Technical University of Berlin have developed a method to hack the AMD-based infotainment systems used in all recent Tesla car models and make it run any software they choose, aka achieve \'jailbreak.\' [...]]]> 2023-08-06T11:06:12+00:00 https://www.bleepingcomputer.com/news/security/tesla-infotainment-jailbreak-unlocks-paid-features-extracts-secrets/ www.secnews.physaphae.fr/article.php?IdArticle=8366456 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. [...]]]> 2023-08-05T12:16:27+00:00 https://www.bleepingcomputer.com/news/security/colorado-department-of-higher-education-warns-of-massive-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8366111 False Ransomware,Data Breach None 1.00000000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks. [...]]]> 2023-08-05T11:16:32+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-now-uses-torrents-to-leak-data-and-evade-takedowns/ www.secnews.physaphae.fr/article.php?IdArticle=8366112 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%. [...]]]> 2023-08-05T10:09:18+00:00 https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/ www.secnews.physaphae.fr/article.php?IdArticle=8366113 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google Play Store\'s review process and security controls. [...]]]> 2023-08-04T13:04:02+00:00 https://www.bleepingcomputer.com/news/security/google-explains-how-android-malware-slips-onto-google-play-store/ www.secnews.physaphae.fr/article.php?IdArticle=8365745 False Malware,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft\'s new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily spread laterally to other Azure tenants. [...]]]> 2023-08-03T18:55:44+00:00 https://www.bleepingcomputer.com/news/security/new-microsoft-azure-ad-cts-feature-can-be-abused-for-lateral-movement/ www.secnews.physaphae.fr/article.php?IdArticle=8365439 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor\'s MoveIT managed file transfer (MFT) server. [...]]]> 2023-08-03T12:39:18+00:00 https://www.bleepingcomputer.com/news/security/us-govt-contractor-serco-discloses-data-breach-after-moveit-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8365331 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The list of LOLBAS files - legitimate binaries and scripts present in Windows that can be abused for malicious purposes, will include the main executables for Microsoft\'s Outlook email client and Access database management system. [...]]]> 2023-08-03T11:48:01+00:00 https://www.bleepingcomputer.com/news/security/hackers-can-abuse-microsoft-office-executables-to-download-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8365289 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The malicious Rilide Stealer Chrome browser extension has returned in new campaigns targeting crypto users and enterprise employees to steal credentials and crypto wallets. [...]]]> 2023-08-03T10:36:47+00:00 https://www.bleepingcomputer.com/news/security/chrome-malware-rilide-targets-enterprise-users-via-powerpoint-guides/ www.secnews.physaphae.fr/article.php?IdArticle=8365247 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new software-based power side-channel attack called \'Collide+Power\' was discovered, impacting almost all CPUs and potentially allowing data to leak. However, the researchers warn that the flaw is low-risk and will likely not be used in attacks on end users. [...]]]> 2023-08-02T13:37:50+00:00 https://www.bleepingcomputer.com/news/security/new-collide-pluspower-side-channel-attack-impacts-almost-all-cpus/ www.secnews.physaphae.fr/article.php?IdArticle=8364855 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform\'s System Manager (SSM) agent as an undetectable Remote Access Trojan (RAT). [...]]]> 2023-08-02T11:18:35+00:00 https://www.bleepingcomputer.com/news/security/amazons-aws-ssm-agent-can-be-used-as-post-exploitation-rat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8364807 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploited a zero-day vulnerability in Salesforce\'s email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts. [...]]]> 2023-08-02T09:52:47+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploited-salesforce-zero-day-in-facebook-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364752 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Chinese state-sponsored hackers have been targeting industrial organizations with new malware that can steal data from air-gapped systems. [...]]]> 2023-08-01T14:31:21+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-new-malware-to-breach-air-gapped-devices-in-eastern-europe/ www.secnews.physaphae.fr/article.php?IdArticle=8364393 False Malware,Industrial None 4.0000000000000000 Bleeping Computer - Magazine Américain In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called FraudGPT has emerged, and at least another one is under development that is allegedly based on Google\'s AI experiment, Bard. [...]]]> 2023-08-01T10:08:16+00:00 https://www.bleepingcomputer.com/news/security/cybercriminals-train-ai-chatbots-for-phishing-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8364314 False Malware,Tool ChatGPT,ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain Resetting the passwords for thousands of people after a ransomware attack is challenging, to say the least, for any IT team. Learn more from Specops Software on why organizations are forced into mass password resets and how to make the process manageable. [...]]]> 2023-08-01T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/how-to-manage-a-mass-password-reset-due-to-a-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364315 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are using a fake Android app named \'SafeChat\' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones. [...]]]> 2023-07-31T15:26:42+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-signal-whatsapp-user-data-with-fake-android-chat-app/ www.secnews.physaphae.fr/article.php?IdArticle=8364007 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect. [...]]]> 2023-07-31T11:31:42+00:00 https://www.bleepingcomputer.com/news/security/p2pinfect-server-botnet-spreads-using-redis-replication-feature/ www.secnews.physaphae.fr/article.php?IdArticle=8363909 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. [...]]]> 2023-07-30T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/google-android-patch-gap-makes-n-days-as-dangerous-as-zero-days/ www.secnews.physaphae.fr/article.php?IdArticle=8363570 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Website of Israel\'s largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group\'s cyber systems. [...]]]> 2023-07-30T05:40:03+00:00 https://www.bleepingcomputer.com/news/security/israels-largest-oil-refinery-website-offline-after-ddos-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8363584 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. [...]]]> 2023-07-28T17:27:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-new-submarine-malware-found-on-hacked-barracuda-esg-appliances/ www.secnews.physaphae.fr/article.php?IdArticle=8362935 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. [...]]]> 2023-07-28T16:01:16+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-28th-2023-new-extortion-tactics/ www.secnews.physaphae.fr/article.php?IdArticle=8362899 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway. [...]]]> 2023-07-28T15:38:41+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-new-zero-day-exploited-in-norwegian-govt-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8362900 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA). [...]]]> 2023-07-28T12:10:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-breach-risks-from-idor-web-app-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8362840 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Two new Android malware families named \'CherryBlos\' and \'FakeTrade\' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. [...]]]> 2023-07-28T11:31:34+00:00 https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ocr-to-steal-credentials-from-images/ www.secnews.physaphae.fr/article.php?IdArticle=8362801 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people. [...]]]> 2023-07-28T09:45:38+00:00 https://www.bleepingcomputer.com/news/security/hawaii-community-college-pays-ransomware-gang-to-prevent-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8362757 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency. [...]]]> 2023-07-27T17:58:48+00:00 https://www.bleepingcomputer.com/news/security/coinspaid-blames-lazarus-hackers-for-theft-of-37-300-000-in-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8362435 False None APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain While consumers are usually the ones worried about their information being exposed in data breaches, it\'s now the hacker\'s turn, as the notorious Breached cybercrime forum\'s database is up for sale and member data shared with Have I Been Pwned. [...]]]> 2023-07-27T17:36:56+00:00 https://www.bleepingcomputer.com/news/security/breachforums-database-and-private-chats-for-sale-in-hacker-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8362436 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-07-27T10:15:41+00:00 https://www.bleepingcomputer.com/news/security/8-million-people-hit-by-data-breach-at-us-govt-contractor-maximus/ www.secnews.physaphae.fr/article.php?IdArticle=8362264 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. [...]]]> 2023-07-26T16:19:34+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-linked-to-60-million-alphapo-cryptocurrency-heist/ www.secnews.physaphae.fr/article.php?IdArticle=8361882 False None APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. [...]]]> 2023-07-26T12:26:03+00:00 https://www.bleepingcomputer.com/news/security/nato-investigates-alleged-data-theft-by-siegedsec-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8361793 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain A new \'Nitrogen\' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads. [...]]]> 2023-07-26T11:04:24+00:00 https://www.bleepingcomputer.com/news/security/new-nitrogen-malware-pushed-via-google-ads-for-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8361749 False Ransomware,Malware None 1.00000000000000000000 Bleeping Computer - Magazine Américain The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks. [...]]]> 2023-07-26T02:34:46+00:00 https://www.bleepingcomputer.com/news/security/alphv-ransomware-adds-data-leak-api-in-new-extortion-strategy/ www.secnews.physaphae.fr/article.php?IdArticle=8361643 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. [...]]]> 2023-07-25T14:28:16+00:00 https://www.bleepingcomputer.com/news/security/new-realst-macos-malware-steals-your-cryptocurrency-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8361438 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain New details have emerged about Decoy Dog, a largely undetected sophisticated toolkit likely used for at least a year in cyber intelligence operations, relying on the domain name system (DNS) for command and control activity. [...]]]> 2023-07-25T12:06:02+00:00 https://www.bleepingcomputer.com/news/security/mysterious-decoy-dog-malware-toolkit-still-lurks-in-dns-shadows/ www.secnews.physaphae.fr/article.php?IdArticle=8361291 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments. [...]]]> 2023-07-25T09:15:00+00:00 https://www.bleepingcomputer.com/news/security/over-400-000-corporate-credentials-stolen-by-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8361241 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti\'s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. [...]]]> 2023-07-25T02:42:54+00:00 https://www.bleepingcomputer.com/news/security/norway-says-ivanti-zero-day-was-used-to-hack-govt-it-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8361085 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core. [...]]]> 2023-07-24T17:28:38+00:00 https://www.bleepingcomputer.com/news/security/zenbleed-attack-leaks-sensitive-data-from-amd-zen2-processors/ www.secnews.physaphae.fr/article.php?IdArticle=8360939 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution. [...]]]> 2023-07-24T16:34:23+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-hijack-microsoft-iis-servers-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8360915 False Malware APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain The Flipper Zero team has launched its very own \'Flipper Apps\' mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality of the popular wireless pen-testing tool. [...]]]> 2023-07-24T13:22:55+00:00 https://www.bleepingcomputer.com/news/security/flipper-zero-now-has-its-own-app-store-for-ios-android-users/ www.secnews.physaphae.fr/article.php?IdArticle=8360850 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A hacking unit of North Korea\'s Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made an operational security (OPSEC) mistake, inadvertently exposing their real-world IP addresses. [...]]]> 2023-07-24T13:12:25+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-hack-linked-to-north-korea-after-opsec-mistake/ www.secnews.physaphae.fr/article.php?IdArticle=8360851 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are already utilizing and creating malicious tools based on open source AI language models for phishing and malware development. Learn more from Flare about how threat actors are beginning to use AI. [...]]]> 2023-07-24T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/how-is-the-dark-web-reacting-to-the-ai-revolution/ www.secnews.physaphae.fr/article.php?IdArticle=8360814 False Malware,Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom. [...]]]> 2023-07-23T15:10:17+00:00 https://www.bleepingcomputer.com/news/security/clop-now-leaks-data-stolen-in-moveit-attacks-on-clearweb-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8360497 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft is further enhancing the Windows 11 Enhanced Phishing Protection by testing a new feature that warns users when they copy and paste their Windows password into websites and documents. [...]]]> 2023-07-23T13:02:41+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-enhances-windows-11-phishing-protection-with-new-features/ www.secnews.physaphae.fr/article.php?IdArticle=8360460 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]]]> 2023-07-21T08:51:36+00:00 https://www.bleepingcomputer.com/news/security/netscaler-adc-bug-exploited-to-breach-us-critical-infrastructure-org/ www.secnews.physaphae.fr/article.php?IdArticle=8359803 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the platform last month. [...]]]> 2023-07-21T05:35:44+00:00 https://www.bleepingcomputer.com/news/security/virustotal-apologizes-for-data-leak-affecting-5-600-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8359659 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Orgs must take proactive measures to safeguard their web applications and eliminate weak points. Learn more from Outpost24 on these threats, attack strategies, and the steps you can take to protect your web applications. [...]]]> 2023-07-20T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/threat-actors-are-targeting-your-web-applications-heres-how-to-protect-them/ www.secnews.physaphae.fr/article.php?IdArticle=8359313 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne and CrowdStrike. [...]]]> 2023-07-20T08:25:44+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-breach-traced-back-to-north-korean-state-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8359230 False None APT 38,APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems. [...]]]> 2023-07-20T08:02:05+00:00 https://www.bleepingcomputer.com/news/security/new-p2pinfect-worm-malware-targets-linux-and-windows-redis-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8359231 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers.  [...]]]> 2023-07-20T07:01:12+00:00 https://www.bleepingcomputer.com/news/security/apt41-hackers-target-android-users-with-wyrmspy-dragonegg-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8359232 False None APT 41,APT 41 2.0000000000000000 Bleeping Computer - Magazine Américain Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...]]]> 2023-07-19T19:51:24+00:00 https://www.bleepingcomputer.com/news/security/est-e-lauder-beauty-giant-breached-by-two-ransomware-gangs/ www.secnews.physaphae.fr/article.php?IdArticle=8359058 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain Microsoft and the Ukraine CERT warn of new attacks by the Russian state-sponsored Turla hacking group, targeting the defense industry and Microsoft Exchange servers with a new \'DeliveryCheck\' malware backdoor. [...]]]> 2023-07-19T15:06:38+00:00 https://www.bleepingcomputer.com/news/security/microsoft-hackers-turn-exchange-servers-into-malware-control-centers/ www.secnews.physaphae.fr/article.php?IdArticle=8358945 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Cyber ​​Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. [...]]]> 2023-07-19T07:03:45+00:00 https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8358750 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. [...]]]> 2023-07-19T06:18:09+00:00 https://www.bleepingcomputer.com/news/security/us-govt-bans-european-spyware-vendors-intellexa-and-cytrox/ www.secnews.physaphae.fr/article.php?IdArticle=8358751 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks. [...]]]> 2023-07-18T21:12:18+00:00 https://www.bleepingcomputer.com/news/security/us-preparing-cyber-trust-mark-for-more-secure-smart-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8358594 False None None 1.00000000000000000000 Bleeping Computer - Magazine Américain When insurers assess an organization\'s cybersecurity posture, password security is a key element considered. Learn more from Specops Software on how password security can affect your insurance premiums. [...]]]> 2023-07-18T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/strengthening-password-security-may-lower-cyber-insurance-premiums/ www.secnews.physaphae.fr/article.php?IdArticle=8358385 False General Information None 2.0000000000000000 Bleeping Computer - Magazine Américain A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version. [...]]]> 2023-07-18T09:15:04+00:00 https://www.bleepingcomputer.com/news/security/fin8-deploys-alphv-ransomware-using-sardonic-malware-variant/ www.secnews.physaphae.fr/article.php?IdArticle=8358262 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers. [...]]]> 2023-07-17T09:20:21+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/ www.secnews.physaphae.fr/article.php?IdArticle=8357745 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface. [...]]]> 2023-07-16T10:09:18+00:00 https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8357469 False Studies None 2.0000000000000000 Bleeping Computer - Magazine Américain Ukraine\'s Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour. [...]]]> 2023-07-15T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/gamaredon-hackers-start-stealing-data-30-minutes-after-a-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8357470 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says it still doesn\'t know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies. [...]]]> 2023-07-14T16:18:48+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-still-unsure-how-hackers-stole-azure-ad-signing-key/ www.secnews.physaphae.fr/article.php?IdArticle=8356689 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-07-14T10:23:39+00:00 https://www.bleepingcomputer.com/news/security/colorado-state-university-says-data-breach-impacts-students-staff/ www.secnews.physaphae.fr/article.php?IdArticle=8356571 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Criminal IP, a leading Cyber Threat Intelligence search engine, has formed a powerful alliance with Tines, a renowned provider of no-code automation solutions. [...]]]> 2023-07-14T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-tines-forge-powerful-tech-alliance/ www.secnews.physaphae.fr/article.php?IdArticle=8356547 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them. [...]]]> 2023-07-14T04:09:40+00:00 https://www.bleepingcomputer.com/news/security/shutterfly-says-clop-ransomware-attack-did-not-impact-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8356447 False Ransomware,Data Breach,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service. [...]]]> 2023-07-14T02:35:08+00:00 https://www.bleepingcomputer.com/news/security/avrecon-malware-infects-70-000-linux-routers-to-build-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8356448 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps. [...]]]> 2023-07-13T15:20:30+00:00 https://www.bleepingcomputer.com/news/google/google-play-will-enforce-business-checks-to-curb-malware-submissions/ www.secnews.physaphae.fr/article.php?IdArticle=8356176 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]]]> 2023-07-13T14:28:48+00:00 https://www.bleepingcomputer.com/news/security/fake-linux-vulnerability-exploit-drops-data-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8356143 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community. [...]]]> 2023-07-13T11:14:29+00:00 https://www.bleepingcomputer.com/news/security/source-code-for-blacklotus-windows-uefi-malware-leaked-on-github/ www.secnews.physaphae.fr/article.php?IdArticle=8356065 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain What\'s old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023 [...]]]> 2023-07-13T01:02:04+00:00 https://www.bleepingcomputer.com/news/security/usb-drive-malware-attacks-spiking-again-in-first-half-of-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8355837 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. [...]]]> 2023-07-12T17:50:44+00:00 https://www.bleepingcomputer.com/news/security/new-pyloose-linux-malware-mines-crypto-directly-from-memory/ www.secnews.physaphae.fr/article.php?IdArticle=8355567 False Malware,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers\' data in a likely MOVEit Transfer data-theft attack. [...]]]> 2023-07-11T11:51:04+00:00 https://www.bleepingcomputer.com/news/security/deutsche-bank-confirms-provider-breach-exposed-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8354407 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain HCA Healthcare disclosed a data breach impacting an estimated 11 million patients who received care at one of its hospitals and clinics after a threat actor posted samples of stolen data on a hacking forum. [...]]]> 2023-07-11T10:59:20+00:00 https://www.bleepingcomputer.com/news/security/hca-confirms-breach-after-hacker-steals-data-of-11-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8354408 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter. [...]]]> 2023-07-10T11:00:49+00:00 https://www.bleepingcomputer.com/news/security/razer-investigates-data-breach-claims-resets-user-sessions/ www.secnews.physaphae.fr/article.php?IdArticle=8354043 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems. [...]]]> 2023-07-09T10:13:16+00:00 https://www.bleepingcomputer.com/news/security/charming-kitten-hackers-use-new-noknok-malware-for-macos/ www.secnews.physaphae.fr/article.php?IdArticle=8353811 False Malware APT 35,APT 35 2.0000000000000000 Bleeping Computer - Magazine Américain Today\'s update introduces several significant Android Windows Subsystem improvements. Firstly, enhancements have been made to camera compatibility, thus improving the experience of using Android apps that require camera access. [...]]]> 2023-07-09T09:49:40+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-android-gets-july-2023-preview-with-new-features/ www.secnews.physaphae.fr/article.php?IdArticle=8353803 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month\'s Android security updates. [...]]]> 2023-07-07T14:54:11+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8353442 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. [...]]]> 2023-07-06T12:57:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-netwrix-auditor-rce-bug-exploited-in-truebot-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8352977 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Nickelodeon has confirmed that the data leaked from an alleged breach of the company is legitimate but it appears to be decades old. [...]]]> 2023-07-06T11:03:36+00:00 https://www.bleepingcomputer.com/news/security/nickelodeon-investigates-breach-after-leak-of-decades-old-data/ www.secnews.physaphae.fr/article.php?IdArticle=8352923 False None APT 15 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the monthly security updates for Android operating system, which comes with fixes for 46 vulnerabilities. Three of the issues are likely actively exploited in the wild. [...]]]> 2023-07-06T05:44:52+00:00 https://www.bleepingcomputer.com/news/security/android-july-security-updates-fix-three-actively-exploited-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8352850 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A member of U.S. Navy\'s red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. [...]]]> 2023-07-05T11:03:34+00:00 https://www.bleepingcomputer.com/news/security/new-tool-exploits-microsoft-teams-bug-to-send-malware-to-users/ www.secnews.physaphae.fr/article.php?IdArticle=8352494 False Malware,Tool None 4.0000000000000000 Bleeping Computer - Magazine Américain The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals. [...]]]> 2023-07-05T06:00:39+00:00 https://www.bleepingcomputer.com/news/security/japans-largest-port-stops-operations-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8352395 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to release stolen data. [...]]]> 2023-06-30T09:45:30+00:00 https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/ www.secnews.physaphae.fr/article.php?IdArticle=8351015 False Ransomware,Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain Security analysts have discovered a previously undocumented remote access trojan (RAT) named \'EarlyRAT,\' used by Andariel, a sub-group of the Lazarus North Korean state-sponsored hacking group. [...]]]> 2023-06-29T13:39:41+00:00 https://www.bleepingcomputer.com/news/security/new-earlyrat-malware-linked-to-north-korean-andariel-hacking-group/ www.secnews.physaphae.fr/article.php?IdArticle=8350710 False Malware APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser extension or mobile app on Android and iOS.manager. [...]]]> 2023-06-29T10:56:35+00:00 https://www.bleepingcomputer.com/news/security/proton-launches-open-source-password-manager-with-some-limitations/ www.secnews.physaphae.fr/article.php?IdArticle=8350641 False General Information None 3.0000000000000000 Bleeping Computer - Magazine Américain OSINT-based CTI search engine Criminal IP has launched a bug bounty program aimed at strengthening the safety of its services and protecting its users. [...]]]> 2023-06-29T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-unveils-bug-bounty-program-to-boost-user-safety-security/ www.secnews.physaphae.fr/article.php?IdArticle=8350642 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The NPM (Node Package Manager) registry suffers from a security lapse called "manifest confusion," which undermines the trustworthiness of packages and makes it possible for attackers to hide malware in dependencies or perform malicious script execution during installation. [...]]]> 2023-06-28T10:28:35+00:00 https://www.bleepingcomputer.com/news/security/npm-ecosystem-at-risk-from-manifest-confusion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8350168 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform. [...]]]> 2023-06-27T14:11:47+00:00 https://www.bleepingcomputer.com/news/security/siemens-energy-confirms-data-breach-after-moveit-data-theft-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8349845 False Ransomware,Data Breach,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new process injection technique named \'Mockingjay\' could allow threat actors to bypass EDR (Endpoint Detection and Response) and other security products to stealthily execute malicious code on compromised systems. [...]]]> 2023-06-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8349729 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new mobile malware campaign since March 2023 pushes the Android banking trojan \'Anatsa\' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland. [...]]]> 2023-06-26T13:21:29+00:00 https://www.bleepingcomputer.com/news/security/anatsa-android-trojan-now-steals-banking-info-from-users-in-us-uk/ www.secnews.physaphae.fr/article.php?IdArticle=8349420 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. [...]]]> 2023-06-26T12:39:22+00:00 https://www.bleepingcomputer.com/news/security/new-pindos-javascript-dropper-deploys-bumblebee-icedid-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8349421 False Ransomware,Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server. [...]]]> 2023-06-26T12:15:39+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-45-000-new-york-city-students-in-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8349401 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A trojanized installer for a popular Super Mario Bros game has been infecting unsuspecting players with multiple Windows malware families. [...]]]> 2023-06-25T10:36:18+00:00 https://www.bleepingcomputer.com/news/security/trojanized-super-mario-game-used-to-install-windows-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8349359 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps.  [...]]]> 2023-06-24T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/lastpass-users-furious-after-being-locked-out-due-to-mfa-resets/ www.secnews.physaphae.fr/article.php?IdArticle=8348921 False None LastPass,LastPass 2.0000000000000000 Bleeping Computer - Magazine Américain American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the hack of Pilot Credentials, a third-party vendor that manages multiple airlines\' pilot applications and recruitment portals. [...]]]> 2023-06-24T03:02:13+00:00 https://www.bleepingcomputer.com/news/security/american-airlines-southwest-airlines-disclose-data-breaches-affecting-pilots/ www.secnews.physaphae.fr/article.php?IdArticle=8348854 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. [...]]]> 2023-06-23T14:06:38+00:00 https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-iphone-bugs-abused-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8348606 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain PBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people was stolen in the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-06-23T11:06:33+00:00 https://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8348533 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. [...]]]> 2023-06-22T17:15:08+00:00 https://www.bleepingcomputer.com/news/security/microsoft-teams-bug-allows-malware-delivery-from-external-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8348263 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. National Security Agency (NSA) released today guidance on how to defend against BlackLotus UEFI bootkit malware attacks. [...]]]> 2023-06-22T16:50:44+00:00 https://www.bleepingcomputer.com/news/security/nsa-shares-tips-on-blocking-blacklotus-uefi-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8348237 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers\' credit cards and personal information. [...]]]> 2023-06-21T18:01:32+00:00 https://www.bleepingcomputer.com/news/security/iottie-discloses-data-breach-after-site-hacked-to-steal-credit-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8347849 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean APT37 hacking group uses a new \'FadeStealer\' information-stealing malware containing a \'wiretapping\' feature, allowing the threat actor to snoop and record from victims\' microphones. [...]]]> 2023-06-21T16:16:11+00:00 https://www.bleepingcomputer.com/news/security/apt37-hackers-deploy-new-fadestealer-eavesdropping-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347834 False Malware,Threat APT 37,APT 37 2.0000000000000000 Bleeping Computer - Magazine Américain Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. [...]]]> 2023-06-21T14:31:59+00:00 https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-days-used-to-deploy-triangulation-spyware-via-imessage/ www.secnews.physaphae.fr/article.php?IdArticle=8347804 False None None 2.0000000000000000