This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-10T15:24:41+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers. [...]]]> 2024-05-09T11:21:59+00:00 https://www.bleepingcomputer.com/news/security/dell-warns-of-data-breach-49-million-customers-allegedly-affected/ www.secnews.physaphae.fr/article.php?IdArticle=8496646 False Data Breach,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Zscaler says that they discovered an exposed "test environment" that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company\'s systems. [...]]]> 2024-05-08T19:30:25+00:00 https://www.bleepingcomputer.com/news/security/zscaler-takes-test-environment-offline-after-rumors-of-a-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8496241 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The UK Government confirmed today that a threat actor recently breached the country\'s Ministry of Defence and gained access to part of the Armed Forces payment network. [...]]]> 2024-05-07T15:41:53+00:00 https://www.bleepingcomputer.com/news/security/uk-confirms-ministry-of-defence-payroll-data-exposed-in-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8495434 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. [...]]]> 2024-05-04T10:17:34+00:00 https://www.bleepingcomputer.com/news/security/iranian-hackers-pose-as-journalists-to-push-backdoor-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8493646 False Malware,Threat,Cloud APT 42 3.0000000000000000 Bleeping Computer - Magazine Américain ​NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28. [...]]]> 2024-05-03T11:47:35+00:00 https://www.bleepingcomputer.com/news/security/nato-and-eu-condemn-russias-cyberattacks-against-germany-czechia/ www.secnews.physaphae.fr/article.php?IdArticle=8493049 False Threat APT 28 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. [...]]]> 2024-04-24T13:07:51+00:00 https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8488121 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems U.S., the U.K., Germany, and Japan. [...]]]> 2024-04-23T17:27:54+00:00 https://www.bleepingcomputer.com/news/security/coralraider-attacks-use-cdn-cache-to-push-info-stealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8487636 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion. [...]]]> 2024-04-22T11:05:44+00:00 https://www.bleepingcomputer.com/news/security/gitlab-affected-by-github-style-cdn-flaw-allowing-malware-hosting/ www.secnews.physaphae.fr/article.php?IdArticle=8486857 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. [...]]]> 2024-04-20T10:14:28+00:00 https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/ www.secnews.physaphae.fr/article.php?IdArticle=8485979 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data. [...]]]> 2024-04-19T14:03:31+00:00 https://www.bleepingcomputer.com/news/security/united-nations-agency-investigates-ransomware-attack-claimed-by-8Base-gang/ www.secnews.physaphae.fr/article.php?IdArticle=8485404 False Ransomware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers. [...]]]> 2024-04-13T10:00:16+00:00 https://www.bleepingcomputer.com/news/security/hacker-claims-giant-tiger-data-breach-leaks-28m-records-online/ www.secnews.physaphae.fr/article.php?IdArticle=8481422 False Data Breach,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. [...]]]> 2024-04-13T08:35:15+00:00 https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8481394 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company\'s Chief Executive Officer. [...]]]> 2024-04-11T18:00:39+00:00 https://www.bleepingcomputer.com/news/security/lastpass-hackers-targeted-employee-in-failed-deepfake-ceo-call/ www.secnews.physaphae.fr/article.php?IdArticle=8480277 False Threat LastPass 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI\'s ChatGPT, Google\'s Gemini, or Microsoft\'s CoPilot. [...]]]> 2024-04-10T12:12:40+00:00 https://www.bleepingcomputer.com/news/security/malicious-powershell-script-pushing-malware-looks-ai-written/ www.secnews.physaphae.fr/article.php?IdArticle=8479446 False Malware,Threat ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. [...]]]> 2024-04-10T07:00:00+00:00 https://www.bleepingcomputer.com/news/security/malicious-visual-studio-projects-on-github-push-keyzetsu-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8479372 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. [...]]]> 2024-04-09T18:06:06+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8478933 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Department of Homeland Security\'s Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key. [...]]]> 2024-04-03T20:21:10+00:00 https://www.bleepingcomputer.com/news/security/microsoft-still-unsure-how-hackers-stole-msa-key-in-2023-exchange-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8475559 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor. [...]]]> 2024-04-03T14:55:21+00:00 https://www.bleepingcomputer.com/news/security/us-state-department-investigates-alleged-theft-of-government-data/ www.secnews.physaphae.fr/article.php?IdArticle=8475395 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [...]]]> 2024-04-01T11:00:28+00:00 https://www.bleepingcomputer.com/news/security/shopping-platform-pandabuy-data-leak-impacts-13-million-users/ www.secnews.physaphae.fr/article.php?IdArticle=8474071 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Analysis Group (TAG) and Google subsidiary Mandiant said they\'ve observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. [...]]]> 2024-03-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-spyware-vendors-behind-50-percent-of-zero-days-exploited-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8471385 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies. [...]]]> 2024-03-26T14:51:32+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-ray-framework-flaw-to-breach-servers-hijack-resources/ www.secnews.physaphae.fr/article.php?IdArticle=8470917 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat (APT) group known as \'Earth Krahang\' has breached 70 organizations and targeted at least 116 across 45 countries. [...]]]> 2024-03-18T16:49:17+00:00 https://www.bleepingcomputer.com/news/security/chinese-earth-krahang-hackers-breach-70-orgs-in-23-countries/ www.secnews.physaphae.fr/article.php?IdArticle=8466271 False Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals. [...]]]> 2024-03-14T09:32:09+00:00 https://www.bleepingcomputer.com/news/security/french-unemployment-agency-data-breach-impacts-43-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8463798 False Data Breach,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. [...]]]> 2024-03-13T17:26:41+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-windows-smartscreen-flaw-to-drop-darkgate-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8463461 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company\'s employee attendance data after a threat actor leaked the data on a hacking forum. [...]]]> 2024-03-12T15:31:04+00:00 https://www.bleepingcomputer.com/news/security/acer-confirms-philippines-employee-data-leaked-on-hacking-forum/ www.secnews.physaphae.fr/article.php?IdArticle=8462804 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. [...]]]> 2024-03-10T11:38:34+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8461729 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. [...]]]> 2024-02-21T14:03:25+00:00 https://www.bleepingcomputer.com/news/security/new-ssh-snake-malware-steals-ssh-keys-to-spread-across-the-network/ www.secnews.physaphae.fr/article.php?IdArticle=8453361 False Malware,Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. [...]]]> 2024-02-21T12:18:14+00:00 https://www.bleepingcomputer.com/news/security/screenconnect-critical-bug-now-under-attack-as-exploit-code-emerges/ www.secnews.physaphae.fr/article.php?IdArticle=8453302 False Vulnerability,Threat,Technical None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT). [...]]]> 2024-02-13T15:52:54+00:00 https://www.bleepingcomputer.com/news/security/hackers-used-new-windows-defender-zero-day-to-drop-darkme-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8449717 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. [...]]]> 2024-02-08T15:16:15+00:00 https://www.bleepingcomputer.com/news/security/hyundai-motor-europe-hit-by-black-basta-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8448147 False Ransomware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Commercial spyware vendors (CSV) were behind 80% of the zero-day vulnerabilities Google\'s Threat Analysis Group (TAG) discovered in 2023 and used to spy on devices worldwide. [...]]]> 2024-02-06T12:27:54+00:00 https://www.bleepingcomputer.com/news/security/google-says-spyware-vendors-behind-most-zero-days-it-discovers/ www.secnews.physaphae.fr/article.php?IdArticle=8447360 False Vulnerability,Threat,Commercial None 4.0000000000000000 Bleeping Computer - Magazine Américain AI SPERA, a leader in Cyber Threat Intelligence (CTI)-based solutions, today announced that Criminal IP ASM (Attack Surface Management) is now available on the Microsoft Azure Marketplace. [...]]]> 2024-02-06T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-asm-a-new-cybersecurity-listing-on-microsoft-azure/ www.secnews.physaphae.fr/article.php?IdArticle=8447320 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. [...]]]> 2024-02-05T13:33:51+00:00 https://www.bleepingcomputer.com/news/security/hpe-investigates-new-breach-after-data-for-sale-on-hacking-forum/ www.secnews.physaphae.fr/article.php?IdArticle=8447009 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. [...]]]> 2024-01-31T17:31:43+00:00 https://www.bleepingcomputer.com/news/security/hackers-push-usb-malware-payloads-via-news-media-hosting-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8445342 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to be selling the personal info of 50 million customers. [...]]]> 2024-01-31T14:25:10+00:00 https://www.bleepingcomputer.com/news/security/europcar-denies-data-breach-of-50-million-users-says-data-is-fake/ www.secnews.physaphae.fr/article.php?IdArticle=8445294 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the exploit requires local access, its release will mostly be helpful to researchers. [...]]]> 2024-01-31T14:15:23+00:00 https://www.bleepingcomputer.com/news/security/exploit-released-for-android-local-elevation-flaw-impacting-7-oems/ www.secnews.physaphae.fr/article.php?IdArticle=8445295 False Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A previously unknown advanced threat actor tracked  as \'Blackwood\' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals. [...]]]> 2024-01-25T15:30:26+00:00 https://www.bleepingcomputer.com/news/security/blackwood-hackers-hijack-wps-office-update-to-install-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8443124 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The United Kingdom\'s National Cyber Security Centre (NCSC) warns that artificial intelligence (AI) tools will have an adverse near-term impact on cybersecurity, helping escalate the threat of ransomware. [...]]]> 2024-01-24T11:56:13+00:00 https://www.bleepingcomputer.com/news/security/uk-says-ai-will-empower-ransomware-over-the-next-two-years/ www.secnews.physaphae.fr/article.php?IdArticle=8442614 False Ransomware,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. [...]]]> 2024-01-16T12:34:28+00:00 https://www.bleepingcomputer.com/news/security/fbi-androxgh0st-malware-botnet-steals-aws-microsoft-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8439618 False Malware,Threat,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain GrapheneOS, a privacy and security-focused Android-based operating system, has posted a series of tweets on X suggesting that Android should introduce frequent auto-reboots to make it harder for forensic software vendors to exploit firmware flaws and spy on the users. [...]]]> 2024-01-14T10:32:54+00:00 https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8438993 False Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes. [...]]]> 2024-01-12T10:30:18+00:00 https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-exploited-to-deploy-custom-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8438313 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Some organizations victimized by the Royal and Akira ransomware gangs have been targeted by a threat actor posing as a security researcher who promised to hack back the original attacker and delete stolen victim data. [...]]]> 2024-01-09T16:09:01+00:00 https://www.bleepingcomputer.com/news/security/ransomware-victims-targeted-by-fake-hack-back-offers/ www.secnews.physaphae.fr/article.php?IdArticle=8437300 False Ransomware,Hack,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Cyber Threat Intelligence (CTI) search engine Criminal IP has established a technical partnership with Tenable. Learn more from Criminal IP about how this partnership can assist in real-time vulnerability and maliciousness scans. [...]]]> 2024-01-09T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-tenable-partner-for-swift-vulnerability-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8437214 False Vulnerability,Threat,Technical None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware. [...]]]> 2023-12-28T14:04:48+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8430406 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Ukraine\'s Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour. [...]]]> 2023-12-28T12:43:18+00:00 https://www.bleepingcomputer.com/news/security/russian-military-hackers-target-ukraine-with-new-masepie-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8430384 False Malware,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions were caused by a Lockbit ransomware attack where the threat actors gained access to IT systems and encrypted devices on the network. [...]]]> 2023-12-27T16:05:26+00:00 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-disrupts-emergency-care-at-german-hospitals/ www.secnews.physaphae.fr/article.php?IdArticle=8429969 False Ransomware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. [...]]]> 2023-12-25T13:27:56+00:00 https://www.bleepingcomputer.com/news/security/gta-5-source-code-reportedly-leaked-online-a-year-after-rockstar-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8428924 False Hack,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced to life in a \'secure hospital\' by a UK judge. Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI. [...]]]> 2023-12-21T15:42:55+00:00 https://www.bleepingcomputer.com/news/security/lapsus-hacker-behind-gta-6-leak-gets-indefinite-hospital-sentence/ www.secnews.physaphae.fr/article.php?IdArticle=8426985 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The Israel National Cyber Directorate warns of phishing emails pretending to be F5 BIG-IP zero-day security updates that deploy Windows and Linux data wipers. [...]]]> 2023-12-20T16:52:42+00:00 https://www.bleepingcomputer.com/news/security/fake-f5-big-ip-zero-day-warning-emails-push-data-wipers/ www.secnews.physaphae.fr/article.php?IdArticle=8426358 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Go-based multi-platform malware identified as \'NKAbuse\' is the first malware abusing NKN (New Kind of Network) technology for data exchange, making it a stealthy threat. [...]]]> 2023-12-14T17:15:12+00:00 https://www.bleepingcomputer.com/news/security/new-nkabuse-malware-abuses-nkn-blockchain-for-stealthy-comms/ www.secnews.physaphae.fr/article.php?IdArticle=8422887 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named \'KV-botnet\' since at least 2022 to attack SOHO routers in high-value targets. [...]]]> 2023-12-13T17:47:20+00:00 https://www.bleepingcomputer.com/news/security/stealthy-kv-botnet-hijacks-soho-routers-and-vpn-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8422307 False Threat Guam 3.0000000000000000 Bleeping Computer - Magazine Américain The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. [...]]]> 2023-12-11T16:25:32+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-drop-new-rat-malware-using-2-year-old-log4j-bug/ www.secnews.physaphae.fr/article.php?IdArticle=8421215 False Malware,Threat APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. [...]]]> 2023-12-05T12:07:17+00:00 https://www.bleepingcomputer.com/news/security/hackers-breach-us-govt-agencies-using-adobe-coldfusion-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8419323 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. [...]]]> 2023-11-29T13:07:18+00:00 https://www.bleepingcomputer.com/news/security/hackers-breach-us-water-facility-via-exposed-unitronics-plcs/ www.secnews.physaphae.fr/article.php?IdArticle=8417852 False Threat,Industrial None 3.0000000000000000 Bleeping Computer - Magazine Américain After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. [...]]]> 2023-11-19T11:14:25+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-use-ngrok-feature-and-winrar-exploit-to-attack-embassies/ www.secnews.physaphae.fr/article.php?IdArticle=8414888 False Vulnerability,Threat APT 29,APT 28 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. [...]]]> 2023-11-17T18:26:29+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-17th-2023-citrix-in-the-crosshairs/ www.secnews.physaphae.fr/article.php?IdArticle=8413639 False Ransomware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution. [...]]]> 2023-11-14T15:34:15+00:00 https://www.bleepingcomputer.com/news/security/new-cachewarp-amd-cpu-attack-lets-hackers-gain-root-in-linux-vms/ www.secnews.physaphae.fr/article.php?IdArticle=8412075 False Hack,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Postmeds, doing business as \'Truepill,\' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information. [...]]]> 2023-11-14T12:36:32+00:00 https://www.bleepingcomputer.com/news/security/pharmacy-provider-truepill-data-breach-hits-23-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8411979 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article. [...]]]> 2023-11-13T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-cisco-securex-xdr-enhanced-cyber-threat-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8411133 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state\'s entire population. [...]]]> 2023-11-10T11:21:23+00:00 https://www.bleepingcomputer.com/news/security/maine-govt-notifies-13-million-people-of-moveit-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8409199 False Data Breach,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware. [...]]]> 2023-11-09T11:09:38+00:00 https://www.bleepingcomputer.com/news/security/google-ads-push-malicious-cpu-z-app-from-fake-windows-news-site/ www.secnews.physaphae.fr/article.php?IdArticle=8408601 False Malware,Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...]]]> 2023-11-08T11:44:35+00:00 https://www.bleepingcomputer.com/news/security/fbi-ransomware-gangs-hack-casinos-via-3rd-party-gaming-vendors/ www.secnews.physaphae.fr/article.php?IdArticle=8407960 False Ransomware,Hack,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as \'farnetwork\', built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management. [...]]]> 2023-11-08T04:32:39+00:00 https://www.bleepingcomputer.com/news/security/russian-speaking-threat-actor-farnetwork-linked-to-5-ransomware-gangs/ www.secnews.physaphae.fr/article.php?IdArticle=8407758 False Ransomware,Malware,Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices. [...]]]> 2023-11-07T15:26:39+00:00 https://www.bleepingcomputer.com/news/security/bluenoroff-hackers-backdoor-macs-with-new-objcshellz-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8407462 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...]]]> 2023-11-06T15:26:17+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-looney-tunables-linux-bug-steal-cloud-creds/ www.secnews.physaphae.fr/article.php?IdArticle=8406806 False Malware,Threat,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. [...]]]> 2023-10-30T23:09:43+00:00 https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-cisco-ios-xe-flaw-many-hosts-still-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=8403268 False Hack,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new sophisticated threat tracked as \'TetrisPhantom\' has been using compromised secure USB drives to target government systems in the Asia-Pacific region. [...]]]> 2023-10-22T11:18:36+00:00 https://www.bleepingcomputer.com/news/security/new-tetrisphantom-hackers-steal-data-from-secure-usb-drives-on-govt-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8398998 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine. [...]]]> 2023-10-20T08:48:20+00:00 https://www.bleepingcomputer.com/news/security/fake-corsair-job-offers-on-linkedin-push-darkgate-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8398245 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. [...]]]> 2023-10-19T14:17:19+00:00 https://www.bleepingcomputer.com/news/security/fake-keepass-site-uses-google-ads-and-punycode-to-push-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8397827 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Discord continues to be a breeding ground for malicious activity by hackers and now APT groups, with it commonly used to distribute malware, exfiltrate data, and targeted by threat actors to steal authentication tokens. [...]]]> 2023-10-16T17:29:48+00:00 https://www.bleepingcomputer.com/news/security/discord-still-a-hotbed-of-malware-activity-now-apts-join-the-fun/ www.secnews.physaphae.fr/article.php?IdArticle=8396381 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers\' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers. [...]]]> 2023-10-12T08:13:11+00:00 https://www.bleepingcomputer.com/news/security/shadow-pc-warns-of-data-breach-as-hacker-tries-to-sell-gamers-info/ www.secnews.physaphae.fr/article.php?IdArticle=8394721 False Data Breach,Threat,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site\'s activity. [...]]]> 2023-10-11T17:23:36+00:00 https://www.bleepingcomputer.com/news/security/new-wordpress-backdoor-creates-rogue-admin-to-hijack-websites/ www.secnews.physaphae.fr/article.php?IdArticle=8394487 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The District of Columbia Board of Elections (DCBOE) is currently probing a data leak involving an unknown number of voter records following breach claims from a threat actor known as RansomedVC. [...]]]> 2023-10-06T19:07:50+00:00 https://www.bleepingcomputer.com/news/security/dc-board-of-elections-confirms-voter-data-stolen-in-site-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8392423 False Hack,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Cloudflare\'s Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls. [...]]]> 2023-09-30T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/cloudflare-ddos-protections-ironically-bypassed-using-cloudflare/ www.secnews.physaphae.fr/article.php?IdArticle=8390128 False Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations. [...]]]> 2023-09-27T11:51:00+00:00 https://www.bleepingcomputer.com/news/security/us-and-japan-warn-of-chinese-hackers-backdooring-cisco-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8388437 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023. [...]]]> 2023-09-23T11:09:18+00:00 https://www.bleepingcomputer.com/news/security/evasive-gelsemium-hackers-spotted-in-attack-against-asian-govt/ www.secnews.physaphae.fr/article.php?IdArticle=8387112 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers with The Citizen Lab and Google\'s Threat Analysis Group (TAG) revealed today that three zero-days patched by Apple on Thursday were abused as part of an exploit chain to install Cytrox\'s Predator spyware. [...]]]> 2023-09-22T14:16:52+00:00 https://www.bleepingcomputer.com/news/security/recently-patched-apple-chrome-zero-days-exploited-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8386842 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly containing T-Mobile employees\' data. [...]]]> 2023-09-22T11:05:02+00:00 https://www.bleepingcomputer.com/news/security/t-mobile-denies-new-data-breach-rumors-points-to-authorized-retailer/ www.secnews.physaphae.fr/article.php?IdArticle=8386776 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A previously unknown threat actor dubbed \'Sandman\' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named \'LuaDream.\' [...]]]> 2023-09-21T15:50:00+00:00 https://www.bleepingcomputer.com/news/security/sandman-hackers-backdoor-telcos-with-new-luadream-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8386438 False Malware,Threat None 1.00000000000000000000 Bleeping Computer - Magazine Américain Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data allegedly stolen from the company\'s network. [...]]]> 2023-09-20T15:34:05+00:00 https://www.bleepingcomputer.com/news/security/transunion-denies-it-was-hacked-links-leaked-data-to-3rd-party/ www.secnews.physaphae.fr/article.php?IdArticle=8385987 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware. [...]]]> 2023-09-20T10:49:34+00:00 https://www.bleepingcomputer.com/news/security/fake-winrar-proof-of-concept-exploit-drops-venomrat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8385859 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices. [...]]]> 2023-09-19T11:14:35+00:00 https://www.bleepingcomputer.com/news/security/hackers-backdoor-telecom-providers-with-new-httpsnoop-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8385369 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023. [...]]]> 2023-09-14T12:30:00+00:00 https://www.bleepingcomputer.com/news/security/iranian-hackers-breach-defense-orgs-in-password-spray-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8382726 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Criminal IP, a cyber threat intelligence search engine, has achieved PCI DSS Level 1 certification. Learn more from Criminal IP about their cyber threat intelligence search engine. [...]]]> 2023-09-14T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-elevates-payment-security-with-pci-dss-level-1-certification/ www.secnews.physaphae.fr/article.php?IdArticle=8382707 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the BatLoader malware. [...]]]> 2023-09-14T09:47:16+00:00 https://www.bleepingcomputer.com/news/security/fake-cisco-webex-google-ads-abuse-tracking-templates-to-push-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8382664 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network. [...]]]> 2023-09-13T08:29:40+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-new-3am-ransomware-to-save-failed-lockbit-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8382291 False Ransomware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A nation-state threat actor known as \'Charming Kitten\' (Phosphorus, TA453, APT35/42) has been observed deploying a previously unknown backdoor malware named \'Sponsor\' against 34 companies around the globe. [...]]]> 2023-09-11T12:19:26+00:00 https://www.bleepingcomputer.com/news/security/iranian-hackers-backdoor-34-orgs-with-new-sponsor-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8381418 False Malware,Threat APT 35 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Analysis Group (TAG) says North Korean state hackers are again targeting security researchers in attacks using at least one zero-day in an undisclosed popular software. [...]]]> 2023-09-07T12:48:03+00:00 https://www.bleepingcomputer.com/news/security/google-state-hackers-attack-security-researchers-with-new-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8380150 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft 365 corporate accounts. [...]]]> 2023-09-06T06:33:54+00:00 https://www.bleepingcomputer.com/news/security/w3ll-phishing-kit-hijacks-thousands-of-microsoft-365-accounts-bypasses-mfa/ www.secnews.physaphae.fr/article.php?IdArticle=8379573 False Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning that a sexually explicit video of you was uploaded to the site and suggesting you pay to have it taken down. [...]]]> 2023-09-02T10:12:06+00:00 https://www.bleepingcomputer.com/news/security/fake-youporn-extortion-scam-threatens-to-leak-your-sex-tape/ www.secnews.physaphae.fr/article.php?IdArticle=8378202 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors take advantage of common password mistakes to breach corporate networks. Learn more from Specops Software on the four most common mistakes and how to strengthen your Active Directory against these risks. [...]]]> 2023-08-28T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/four-common-password-mistakes-hackers-love-to-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8375713 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of the year the hackers\' median dwell time dropped to five days from nine in 2022 [...]]]> 2023-08-24T14:18:04+00:00 https://www.bleepingcomputer.com/news/security/ransomware-hackers-dwell-time-drops-to-5-days-rdp-still-widely-used/ www.secnews.physaphae.fr/article.php?IdArticle=8374177 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack. [...]]]> 2023-08-22T12:47:21+00:00 https://www.bleepingcomputer.com/news/security/new-hiatusrat-malware-attacks-target-us-defense-department/ www.secnews.physaphae.fr/article.php?IdArticle=8373169 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors increasingly distribute malicious Android APKs (packaged app installers) that resist decompilation using unsupported, unknown, or heavily tweaked compression algorithms. [...]]]> 2023-08-17T10:51:12+00:00 https://www.bleepingcomputer.com/news/security/thousands-of-android-apks-use-compression-trick-to-thwart-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8371282 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor has compromised close to 2,000 thousand Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519. [...]]]> 2023-08-15T15:41:38+00:00 https://www.bleepingcomputer.com/news/security/almost-2-000-citrix-netscaler-servers-backdoored-in-hacking-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8370374 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture. [...]]]> 2023-08-11T02:23:46+00:00 https://www.bleepingcomputer.com/news/security/lapsus-hackers-took-sim-swapping-attacks-to-the-next-level/ www.secnews.physaphae.fr/article.php?IdArticle=8368919 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Healthcare organizations are increasingly at risk from threat actors targeting Internet of Medical Things. Learn more from Outpost24 on how attack surface management can secure the IoMT devices. [...]]]> 2023-08-09T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/preventative-medicine-for-securing-iot-tech-in-healthcare-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8367933 False Threat,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [...]]]> 2023-08-08T16:15:31+00:00 https://www.bleepingcomputer.com/news/security/microsoft-office-update-breaks-actively-exploited-rce-attack-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8367470 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft\'s new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily spread laterally to other Azure tenants. [...]]]> 2023-08-03T18:55:44+00:00 https://www.bleepingcomputer.com/news/security/new-microsoft-azure-ad-cts-feature-can-be-abused-for-lateral-movement/ www.secnews.physaphae.fr/article.php?IdArticle=8365439 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect. [...]]]> 2023-07-31T11:31:42+00:00 https://www.bleepingcomputer.com/news/security/p2pinfect-server-botnet-spreads-using-redis-replication-feature/ www.secnews.physaphae.fr/article.php?IdArticle=8363909 False Malware,Threat None 2.0000000000000000