This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-12T20:04:33+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain The Windows 11 22H2 KB5027231 cumulative update released during this month\'s Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions. [...]]]> 2023-06-16T12:56:21+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5027231-also-breaks-chrome-for-cisco-watchguard-edr-users/ www.secnews.physaphae.fr/article.php?IdArticle=8346248 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Louisiana and Oregon warn that millions of driver\'s licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data. [...]]]> 2023-06-16T10:28:13+00:00 https://www.bleepingcomputer.com/news/security/millions-of-oregon-louisiana-state-ids-stolen-in-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8346197 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices with a trojanized chat app named \'BingeChat,\' which attempts to steal data from victims\' devices. [...]]]> 2023-06-15T12:10:17+00:00 https://www.bleepingcomputer.com/news/security/android-gravityrat-malware-now-steals-your-whatsapp-backups/ www.secnews.physaphae.fr/article.php?IdArticle=8345811 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data. [...]]]> 2023-06-15T11:39:03+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-gang-starts-extorting-moveit-data-theft-victims/ www.secnews.physaphae.fr/article.php?IdArticle=8345789 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine\'s military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [...]]]> 2023-06-15T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-use-powershell-usb-malware-to-drop-backdoors/ www.secnews.physaphae.fr/article.php?IdArticle=8345745 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the search hijacker and adware browser extension named Shampoo. [...]]]> 2023-06-14T13:56:33+00:00 https://www.bleepingcomputer.com/news/security/new-shampoo-chromeloader-malware-pushed-via-fake-warez-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8345437 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The Chinese threat group \'ChamelGang\' infects Linux devices with a previously unknown implant named \'ChamelDoH,\' allowing DNS-over-HTTPS communications with attackers\' servers. [...]]]> 2023-06-14T13:01:08+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-use-dns-over-https-for-linux-malware-communication/ www.secnews.physaphae.fr/article.php?IdArticle=8345382 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware. [...]]]> 2023-06-14T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/fake-zero-day-poc-exploits-on-github-push-windows-linux-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8345239 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade detection. [...]]]> 2023-06-13T17:16:30+00:00 https://www.bleepingcomputer.com/news/security/pirated-windows-10-isos-install-clipper-malware-via-efi-partitions/ www.secnews.physaphae.fr/article.php?IdArticle=8344997 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Romanian national Mihai Ionut Paunescu, aka "Virus," was sentenced to three years in prison by a Manhattan federal court for running a bulletproof hosting service and facilitating the distribution of the Gozi (Ursnif), Zeus, SpyEye, and BlackEnergy malware. [...]]]> 2023-06-13T10:52:14+00:00 https://www.bleepingcomputer.com/news/security/bulletproof-hoster-gets-3-years-for-pushing-urfsnif-zeus-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8344842 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database now shared on a hacking forum. [...]]]> 2023-06-12T13:59:35+00:00 https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-new-zacks-data-breach-impacting-8-million/ www.secnews.physaphae.fr/article.php?IdArticle=8344475 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while today, it warns that it is now targeted in DDoS attacks. [...]]]> 2023-06-12T10:58:06+00:00 https://www.bleepingcomputer.com/news/security/swiss-government-warns-of-ongoing-ddos-attacks-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8344415 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening. [...]]]> 2023-06-09T18:06:51+00:00 https://www.bleepingcomputer.com/news/security/ukrainian-hackers-take-down-service-provider-for-russian-banks/ www.secnews.physaphae.fr/article.php?IdArticle=8343785 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A hacking group tracked as \'Asylum Ambuscade\' was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber espionage with cybercrime. [...]]]> 2023-06-08T15:21:33+00:00 https://www.bleepingcomputer.com/news/security/asylum-ambuscade-hackers-mix-cybercrime-with-espionage/ www.secnews.physaphae.fr/article.php?IdArticle=8343392 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Google Chrome is getting new security-enhancing features for the built-in Password Manager, making it easier for users to manage their passwords and stay safe from account hijacking attacks. [...]]]> 2023-06-08T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-chrome-password-manager-gets-new-safeguards-for-your-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8343350 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of its servers. [...]]]> 2023-06-08T10:22:14+00:00 https://www.bleepingcomputer.com/news/security/japanese-pharma-giant-eisai-discloses-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8343327 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Honda\'s e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API flaws that allow password reset for any account. [...]]]> 2023-06-07T16:10:57+00:00 https://www.bleepingcomputer.com/news/security/honda-api-flaws-exposed-customer-data-dealer-panels-internal-docs/ www.secnews.physaphae.fr/article.php?IdArticle=8343133 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new \'Fractureiser\' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects. [...]]]> 2023-06-07T12:34:06+00:00 https://www.bleepingcomputer.com/news/security/new-fractureiser-malware-used-curseforge-minecraft-mods-to-infect-windows-linux/ www.secnews.physaphae.fr/article.php?IdArticle=8343074 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Over 60,000 Android apps disguised as legitimate applications have been quietly installing adware on mobile devices while remaining undetected for the past six months. [...]]]> 2023-06-06T15:10:26+00:00 https://www.bleepingcomputer.com/news/security/over-60-000-android-apps-secretly-installed-adware-for-past-six-months/ www.secnews.physaphae.fr/article.php?IdArticle=8342698 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Stealer logs represent one of the primary threat vectors for modern companies. This Flare explainer article will delve into the lifecycle of stealer malware and provide tips for detection and remediation. [...]]]> 2023-06-06T10:04:08+00:00 https://www.bleepingcomputer.com/news/security/dissecting-the-dark-web-supply-chain-stealer-logs-in-context/ www.secnews.physaphae.fr/article.php?IdArticle=8342626 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December. [...]]]> 2023-06-06T09:19:37+00:00 https://www.bleepingcomputer.com/news/security/android-security-update-fixes-mali-gpu-bug-exploited-as-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8343038 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new PowerShell malware script named \'PowerDrop\' has been discovered to be used in attacks targeting the U.S. aerospace defense industry. [...]]]> 2023-06-06T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-powerdrop-powershell-malware-targets-us-aerospace-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8342628 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies\' servers and steal data. [...]]]> 2023-06-05T17:27:12+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-moveit-extortion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8342301 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a new \'Triangulation\' malware. [...]]]> 2023-06-05T13:58:29+00:00 https://www.bleepingcomputer.com/news/security/new-tool-scans-iphones-for-triangulation-malware-infection/ www.secnews.physaphae.fr/article.php?IdArticle=8342289 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30 million times. [...]]]> 2023-06-05T12:50:51+00:00 https://www.bleepingcomputer.com/news/security/spinok-android-malware-found-in-more-apps-with-30-million-installs/ www.secnews.physaphae.fr/article.php?IdArticle=8342216 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain KeePass has released version 2.54, fixing the CVE-2023-3278 vulnerability that allows the extraction of the cleartext master password from the application\'s memory. [...]]]> 2023-06-05T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/keepass-v254-fixes-bug-that-leaked-cleartext-master-password/ www.secnews.physaphae.fr/article.php?IdArticle=8342200 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials for more damaging attacks. [...]]]> 2023-06-03T11:52:24+00:00 https://www.bleepingcomputer.com/news/security/online-sellers-targeted-by-new-information-stealing-malware-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8341797 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially" accessed or stolen during what the company described in February as a "cyber incident."  [...]]]> 2023-06-02T12:19:20+00:00 https://www.bleepingcomputer.com/news/security/burton-snowboards-discloses-data-breach-after-february-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8341534 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A previously unknown campaign involving the Hotabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool. [...]]]> 2023-06-01T16:54:40+00:00 https://www.bleepingcomputer.com/news/security/new-horabot-campaign-takes-over-victims-gmail-outlook-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8341327 False Spam,Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Harvard Pilgrim Health Care (HPHC) has disclosed that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, with the threat actors also stealing their sensitive data from compromised systems. [...]]]> 2023-06-01T13:02:54+00:00 https://www.bleepingcomputer.com/news/security/harvard-pilgrim-health-care-ransomware-attack-hits-25-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8341260 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Russia blames these attacks on US intelligence agencies. [...]]]> 2023-06-01T12:11:28+00:00 https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8341261 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google announced today that bug bounty hunters who report sandbox escape chain exploits targeting its Chrome web browser are now eligible for triple the standard reward until December 1st, 2023. [...]]]> 2023-06-01T12:00:00+00:00 https://www.bleepingcomputer.com/news/google/google-triples-rewards-for-chrome-sandbox-escape-chain-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8341262 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A stealthy remote access trojan (RAT) named \'SeroXen\' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities. [...]]]> 2023-05-31T12:56:42+00:00 https://www.bleepingcomputer.com/news/security/stealthy-seroxen-rat-malware-increasingly-used-to-target-gamers/ www.secnews.physaphae.fr/article.php?IdArticle=8340927 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers\' Email Security Gateway (ESG) appliances with custom malware and steal data. [...]]]> 2023-05-30T16:25:22+00:00 https://www.bleepingcomputer.com/news/security/barracuda-zero-day-abused-since-2022-to-drop-new-malware-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8340632 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install "undeletable" malware and access the victim\'s private data by circumventing Transparency, Consent, and Control (TCC) security checks. [...]]]> 2023-05-30T15:20:41+00:00 https://www.bleepingcomputer.com/news/security/microsoft-finds-macos-bug-that-lets-hackers-bypass-sip-root-restrictions/ www.secnews.physaphae.fr/article.php?IdArticle=8340614 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new campaign distributing the RomCom backdoor malware is impersonating the websites of well-known or fictional software, tricking users into downloading and launching malicious installers. [...]]]> 2023-05-30T15:01:01+00:00 https://www.bleepingcomputer.com/news/security/romcom-malware-spread-via-google-ads-for-chatgpt-gimp-more/ www.secnews.physaphae.fr/article.php?IdArticle=8340589 False Malware ChatGPT 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play and collectively downloaded over 400 million times. [...]]]> 2023-05-30T10:38:31+00:00 https://www.bleepingcomputer.com/news/security/android-apps-with-spyware-installed-421-million-times-from-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8340539 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Jimbos Protocol, an Arbitrum-based DeFi project, has suffered a flash loan attack that resulted in the loss of more than of 4000 ETH tokens, currently valued at over $7,500,000. [...]]]> 2023-05-29T11:20:23+00:00 https://www.bleepingcomputer.com/news/security/flash-loan-attack-on-jimbos-protocol-steals-over-75-million/ www.secnews.physaphae.fr/article.php?IdArticle=8340219 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. [...]]]> 2023-05-29T09:49:01+00:00 https://www.bleepingcomputer.com/news/security/mcna-dental-data-breach-impacts-89-million-people-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8340203 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. [...]]]> 2023-05-27T12:14:25+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-of-recently-patched-barracuda-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8339903 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software. [...]]]> 2023-05-27T11:12:06+00:00 https://www.bleepingcomputer.com/news/security/qbot-malware-abuses-windows-wordpad-exe-to-infect-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8339904 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called "Hot Pixels," which can retrieve pixels from the content displayed in the target\'s browser and infer the navigation history. [...]]]> 2023-05-27T10:08:16+00:00 https://www.bleepingcomputer.com/news/security/hot-pixels-attack-checks-cpu-temp-power-changes-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8339905 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting city\'s online services. [...]]]> 2023-05-26T16:45:18+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-26th-2023-cities-under-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8339716 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. [...]]]> 2023-05-26T10:56:41+00:00 https://www.bleepingcomputer.com/news/security/emby-shuts-down-user-media-servers-hacked-in-recent-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8339613 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers at Cisco Talos and the Citizen Lab have presented a new technical analysis of the commercial Android spyware \'Predator\' and its loader \'Alien,\' sharing its data-theft capabilities and other operational details. [...]]]> 2023-05-25T14:57:29+00:00 https://www.bleepingcomputer.com/news/security/predator-looking-under-the-hood-of-intellexas-android-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8339447 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways. [...]]]> 2023-05-25T13:12:26+00:00 https://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attacks-use-encrypted-rpmsg-messages/ www.secnews.physaphae.fr/article.php?IdArticle=8339437 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Mandiant security researchers have discovered a new OT known as CosmicEnergy that targets operational technology (OT), raising concerns about potential disruptions to electric power systems worldwide.  [...]]]> 2023-05-25T11:27:33+00:00 https://www.bleepingcomputer.com/news/security/new-russian-linked-cosmicenergy-malware-targets-industrial-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8339400 False Malware,Industrial CosmicEnergy 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-05-25T10:04:02+00:00 https://www.bleepingcomputer.com/news/security/whats-a-double-blind-password-strategy-and-when-should-it-be-used/ www.secnews.physaphae.fr/article.php?IdArticle=8339401 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at least mid-2021. [...]]]> 2023-05-24T16:43:37+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-breach-us-critical-infrastructure-in-stealthy-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8339140 False None Guam 2.0000000000000000 Bleeping Computer - Magazine Américain A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. [...]]]> 2023-05-24T15:17:19+00:00 https://www.bleepingcomputer.com/news/security/new-powerexchange-malware-backdoors-microsoft-exchange-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8339110 False Malware APT 34 2.0000000000000000 Bleeping Computer - Magazine Américain A suspected Iranian state-supported threat actor known as \'Agrius\' is now deploying a new ransomware strain named \'Moneybird\' against Israeli organizations. [...]]]> 2023-05-24T12:28:28+00:00 https://www.bleepingcomputer.com/news/security/iranian-hackers-use-new-moneybird-ransomware-to-attack-israeli-orgs/ www.secnews.physaphae.fr/article.php?IdArticle=8339069 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business. [...]]]> 2023-05-23T12:02:04+00:00 https://www.bleepingcomputer.com/news/security/arms-maker-rheinmetall-confirms-blackbasta-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8338800 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain ESET malware researchers have discovered a new remote access trojan (RAT) on the Google Play Store, bundled with an Android screen recording app with 50,000 installs. [...]]]> 2023-05-23T10:53:07+00:00 https://www.bleepingcomputer.com/news/security/new-ahrat-android-malware-hidden-in-app-with-50-000-installs/ www.secnews.physaphae.fr/article.php?IdArticle=8338751 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has launched the Mobile Vulnerability Rewards Program (Mobile VRP), a new bug bounty program that will pay security researchers for flaws found in the company\'s Android applications. [...]]]> 2023-05-22T17:18:38+00:00 https://www.bleepingcomputer.com/news/google/google-launches-bug-bounty-program-for-its-android-applications/ www.secnews.physaphae.fr/article.php?IdArticle=8338534 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers at Tencent Labs and Zhejiang University have presented a new attack called \'BrutePrint,\' which brute-forces fingerprints on modern smartphones to bypass user authentication and take control of the device. [...]]]> 2023-05-21T10:12:24+00:00 https://www.bleepingcomputer.com/news/security/android-phones-are-vulnerable-to-fingerprint-brute-force-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8338266 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new projects from being uploaded to the platform until further notice. The unexpected move comes amid the registry\'s struggle to upkeep with a large influx of malicious users and packages [...]]]> 2023-05-20T21:19:19+00:00 https://www.bleepingcomputer.com/news/security/pypi-temporarily-pauses-new-users-projects-amid-high-volume-of-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8338165 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware distribution campaign is underway impersonating the CapCut video editing tool to push various malware strains to unsuspecting victims. [...]]]> 2023-05-20T11:08:16+00:00 https://www.bleepingcomputer.com/news/security/cloned-capcut-websites-push-information-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8338132 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan. [...]]]> 2023-05-20T09:06:20+00:00 https://www.bleepingcomputer.com/news/security/npm-packages-hide-turkorat-malware-in-what-looks-like-a-nodejs-exe/ www.secnews.physaphae.fr/article.php?IdArticle=8338077 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. [...]]]> 2023-05-19T15:07:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-samsung-aslr-bypass-flaw-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8337965 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. [...]]]> 2023-05-19T11:34:57+00:00 https://www.bleepingcomputer.com/news/security/dish-network-likely-paid-ransom-after-recent-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8337917 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums. [...]]]> 2023-05-19T09:37:23+00:00 https://www.bleepingcomputer.com/news/security/luxottica-confirms-2021-data-breach-after-info-of-70m-leaks-online/ www.secnews.physaphae.fr/article.php?IdArticle=8337893 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A cybercriminal tracked as the "Lemon Group" has been infecting millions of Android-based smartphones, watches, TVs, and TV boxes, with a malware strain named \'Guerilla.\' [...]]]> 2023-05-18T17:40:01+00:00 https://www.bleepingcomputer.com/news/security/cybercrime-gang-pre-infects-millions-of-android-devices-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8337767 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The popular KeePass password manager is vulnerable to extracting the master password from the application\'s memory, allowing attackers who compromise a device to retrieve the password even with the database is locked. [...]]]> 2023-05-18T16:26:27+00:00 https://www.bleepingcomputer.com/news/security/keepass-exploit-helps-retrieve-cleartext-master-password-fix-coming-soon/ www.secnews.physaphae.fr/article.php?IdArticle=8337760 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads. [...]]]> 2023-05-18T15:34:54+00:00 https://www.bleepingcomputer.com/news/apple/apple-fixes-three-new-zero-days-exploited-to-hack-iphones-macs/ www.secnews.physaphae.fr/article.php?IdArticle=8337736 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are now actively probing for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in massive Internet scans, attempting to exploit a critical account password reset flaw disclosed earlier in the month. [...]]]> 2023-05-18T12:36:06+00:00 https://www.bleepingcomputer.com/news/security/hackers-target-vulnerable-wordpress-elementor-plugin-after-poc-released/ www.secnews.physaphae.fr/article.php?IdArticle=8337705 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain LayerZero Labs has launched a bug bounty on the Immunefi platform that offers a maximum reward of $15 million for critical smart contract and blockchain vulnerabilities, a figure that sets a new record in the crypto space. [...]]]> 2023-05-18T10:31:31+00:00 https://www.bleepingcomputer.com/news/security/layerzero-launches-record-breaking-15m-crypto-bug-bounty-program/ www.secnews.physaphae.fr/article.php?IdArticle=8337668 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking. [...]]]> 2023-05-17T18:13:49+00:00 https://www.bleepingcomputer.com/news/security/malaslocker-ransomware-targets-zimbra-servers-demands-charity-donation/ www.secnews.physaphae.fr/article.php?IdArticle=8337472 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Technology provider ScanSource has announced it has fallen victim to a ransomware attack impacting some of its systems, business operations, and customer portals. [...]]]> 2023-05-17T10:41:55+00:00 https://www.bleepingcomputer.com/news/security/scansource-says-ransomware-attack-behind-multi-day-outages/ www.secnews.physaphae.fr/article.php?IdArticle=8337373 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) have published a joint advisory to inform organizations of the latest tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOCs) of the BianLian ransomware group. [...]]]> 2023-05-17T08:45:40+00:00 https://www.bleepingcomputer.com/news/security/fbi-confirms-bianlian-ransomware-switch-to-extortion-only-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8337350 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybersecurity researchers and IT admins have raised concerns over Google\'s new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery. [...]]]> 2023-05-16T18:48:25+00:00 https://www.bleepingcomputer.com/news/security/new-zip-domains-spark-debate-among-cybersecurity-experts/ www.secnews.physaphae.fr/article.php?IdArticle=8337229 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A Chinese state-sponsored hacking group named "Camaro Dragon" infects residential TP-Link routers with a custom "Horse Shell" malware used to attack European foreign affairs organizations. [...]]]> 2023-05-16T12:25:50+00:00 https://www.bleepingcomputer.com/news/security/hackers-infect-tp-link-router-firmware-to-attack-eu-entities/ www.secnews.physaphae.fr/article.php?IdArticle=8337027 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain As ransomware attacks continue to wreak havoc on organizations worldwide, many official standards and regulations have been established to address this pressing issue. Explore whether these regulated standards are sufficient or if organizations should strive for more robust security measures. [...]]]> 2023-05-16T10:04:02+00:00 https://www.bleepingcomputer.com/news/security/ransomware-prevention-are-meeting-password-security-requirements-enough/ www.secnews.physaphae.fr/article.php?IdArticle=8337001 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Kiddowares \'Parental Control - Kids Place\' app for Android is impacted by multiple vulnerabilities that could enable attackers to upload arbitrary files on protected devices, steal user credentials, and allow children to bypass restrictions without the parents noticing. [...]]]> 2023-05-16T09:44:03+00:00 https://www.bleepingcomputer.com/news/security/parental-control-app-with-5-million-downloads-vulnerable-to-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8336966 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The information-stealing malware market is constantly evolving, with multiple malware operations competing for cybercriminal customers by promoting better evasion and increased ability to steal data from victims. [...]]]> 2023-05-15T18:07:47+00:00 https://www.bleepingcomputer.com/news/security/the-new-info-stealing-malware-operations-to-watch-out-for/ www.secnews.physaphae.fr/article.php?IdArticle=8336782 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Meta is now rolling out \'Chat Lock,\' a new WhatsApp privacy feature allowing users to block others from accessing their most personal conversations. [...]]]> 2023-05-15T14:20:38+00:00 https://www.bleepingcomputer.com/news/security/whatsapp-now-lets-you-lock-chats-with-a-password-or-fingerprint/ www.secnews.physaphae.fr/article.php?IdArticle=8336749 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Pharmacy services provider PharMerica has disclosed a massive data breach impacting over 5.8 million patients, exposing their medical data to hackers. [...]]]> 2023-05-15T14:10:40+00:00 https://www.bleepingcomputer.com/news/security/ransomware-gang-steals-data-of-58-million-pharmerica-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8336750 False Ransomware,Data Breach,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain A new APT hacking group dubbed Lancefly uses a custom \'Merdoor\' backdoor malware to target government, aviation, and telecommunication organizations in South and Southeast Asia. [...]]]> 2023-05-15T13:28:23+00:00 https://www.bleepingcomputer.com/news/security/stealthy-merdoor-malware-uncovered-after-five-years-of-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8336740 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised. [...]]]> 2023-05-12T15:05:20+00:00 https://www.bleepingcomputer.com/news/security/discord-discloses-data-breach-after-support-agent-got-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=8336149 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023. [...]]]> 2023-05-12T10:50:33+00:00 https://www.bleepingcomputer.com/news/security/toyota-car-location-data-of-2-million-customers-exposed-for-ten-years/ www.secnews.physaphae.fr/article.php?IdArticle=8336087 False Data Breach,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain A new, stealthier variant of the Linux malware \'BPFDoor\' has been discovered, featuring more robust encryption and reverse shell communications. [...]]]> 2023-05-11T18:02:36+00:00 https://www.bleepingcomputer.com/news/security/stealthier-version-of-linux-bpfdoor-malware-spotted-in-the-wild/ www.secnews.physaphae.fr/article.php?IdArticle=8335758 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations. [...]]]> 2023-05-11T17:05:20+00:00 https://www.bleepingcomputer.com/news/security/multinational-tech-firm-abb-hit-by-black-basta-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8335732 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform. [...]]]> 2023-05-11T16:25:25+00:00 https://www.bleepingcomputer.com/news/security/brightly-warns-of-schooldude-data-breach-exposing-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8335733 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain New samples of the RapperBot botnet malware have added cryptojacking capabilites to mine for cryptocurrency on compromised Intel x64 machines. [...]]]> 2023-05-10T19:00:18+00:00 https://www.bleepingcomputer.com/news/security/rapperbot-ddos-malware-adds-cryptojacking-as-new-revenue-stream/ www.secnews.physaphae.fr/article.php?IdArticle=8335458 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware. [...]]]> 2023-05-10T14:23:33+00:00 https://www.bleepingcomputer.com/news/security/fake-in-browser-windows-updates-push-aurora-info-stealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8335419 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Industrial cybersecurity company Dragos today disclosed what it describes as a "cybersecurity event" after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices. [...]]]> 2023-05-10T11:48:01+00:00 https://www.bleepingcomputer.com/news/security/cybersecurity-firm-dragos-discloses-cybersecurity-incident-extortion-attempt/ www.secnews.physaphae.fr/article.php?IdArticle=8335273 False Industrial None 2.0000000000000000 Bleeping Computer - Magazine Américain In this article, we\'ll provide an overview of the biggest threats, password cracking, discuss the importance of strong passwords, and detail the top 5 password cracking techniques hackers use. [...]]]> 2023-05-10T10:06:12+00:00 https://www.bleepingcomputer.com/news/security/top-5-password-cracking-techniques-used-by-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8335260 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Joseph James O\'Connor, aka \'PlugwalkJoke,\' has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and hijacking high-profile accounts on Twitter and TikTok. [...]]]> 2023-05-10T09:48:01+00:00 https://www.bleepingcomputer.com/news/security/hacker-plugwalkjoe-pleads-guilty-to-2020-twitter-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8335243 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories. [...]]]> 2023-05-09T17:42:52+00:00 https://www.bleepingcomputer.com/news/security/github-now-auto-blocks-token-and-api-key-leaks-for-all-repos/ www.secnews.physaphae.fr/article.php?IdArticle=8335017 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware botnet named \'AndoryuBot\' is targeting a critical-severity flaw in the Ruckus Wireless Admin panel to infect unpatched Wi-Fi access points for use in DDoS attacks. [...]]]> 2023-05-09T15:58:38+00:00 https://www.bleepingcomputer.com/news/security/critical-ruckus-rce-flaw-exploited-by-new-ddos-botnet-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8334936 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who stole sensitive information, including business, customer, and employee data. [...]]]> 2023-05-09T15:47:42+00:00 https://www.bleepingcomputer.com/news/security/food-distribution-giant-sysco-warns-of-data-breach-after-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8334937 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has released security updates to address a Secure Boot zero-day vulnerability exploited by BlackLotus UEFI malware to infect fully patched Windows systems. [...]]]> 2023-05-09T14:45:48+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-optional-fix-for-secure-boot-zero-day-used-by-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8335008 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybersecurity and intelligence agencies from all Five Eyes member nations took down the infrastructure used by the Snake cyber-espionage malware operated by Russia\'s Federal Security Service (FSB). [...]]]> 2023-05-09T12:29:36+00:00 https://www.bleepingcomputer.com/news/security/fbi-nukes-russian-snake-data-theft-malware-with-self-destruct-command/ www.secnews.physaphae.fr/article.php?IdArticle=8334858 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Intel is investigating the leak of alleged private keys used by the Intel BootGuard security feature, potentially impacting its ability to block the installation of malicious UEFI firmware on MSI devices. [...]]]> 2023-05-08T13:31:15+00:00 https://www.bleepingcomputer.com/news/security/intel-investigating-leak-of-intel-boot-guard-private-keys-after-msi-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8334379 False None None 1.00000000000000000000 Bleeping Computer - Magazine Américain Microsoft says Iranian state-backed hackers have joined the ongoing assault targeting vulnerable PaperCut MF/NG print management servers. [...]]]> 2023-05-08T10:47:26+00:00 https://www.bleepingcomputer.com/news/security/microsoft-iranian-hacking-groups-join-papercut-attack-spree/ www.secnews.physaphae.fr/article.php?IdArticle=8334281 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors can steal data from organizations to sell to other malicious actors, making it a major risk for organizations. Wazuh, the free and open-source XDR/SIEM, offers several capabilities that protection against data theft. [...]]]> 2023-05-08T10:05:10+00:00 https://www.bleepingcomputer.com/news/security/detecting-data-theft-with-wazuh-the-open-source-xdr/ www.secnews.physaphae.fr/article.php?IdArticle=8334282 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal information in a March cyberattack. [...]]]> 2023-05-07T12:10:45+00:00 https://www.bleepingcomputer.com/news/security/western-digital-says-hackers-stole-customer-data-in-march-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8334131 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms. [...]]]> 2023-05-07T09:16:08+00:00 https://www.bleepingcomputer.com/news/security/meet-akira-a-new-ransomware-operation-targeting-the-enterprise/ www.secnews.physaphae.fr/article.php?IdArticle=8334112 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain This week\'s ransomware news has been dominated by a Royal ransomware attack on the City of Dallas that took down part of the IT infrastructure. [...]]]> 2023-05-05T16:07:59+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-5th-2023-targeting-the-public-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8333861 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware called \'FluHorse\' has been discovered, targeting users in Eastern Asia with malicious apps that imitate legitimate versions. [...]]]> 2023-05-05T14:39:17+00:00 https://www.bleepingcomputer.com/news/security/new-android-fluhorse-malware-steals-your-passwords-2fa-codes/ www.secnews.physaphae.fr/article.php?IdArticle=8333851 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Android security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised devices. [...]]]> 2023-05-05T13:45:15+00:00 https://www.bleepingcomputer.com/news/security/new-android-updates-fix-kernel-bug-exploited-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8333840 False Vulnerability None 2.0000000000000000