This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T18:56:01+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.]]> 2025-05-08T19:43:42+00:00 https://www.darkreading.com/endpoint-security/sonicwall-patch-exploit-chain-sma-devices www.secnews.physaphae.fr/article.php?IdArticle=8673395 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries.]]> 2025-05-07T20:08:42+00:00 https://www.darkreading.com/cyberattacks-data-breaches/play-ransomware-group-windows-zero-day www.secnews.physaphae.fr/article.php?IdArticle=8672929 False Ransomware,Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The vulnerability, which has a CVSS score of 9.8, is under attack and allows threat actors to remotely execute arbitrary commands on servers running the agentic AI builder.]]> 2025-05-06T20:26:35+00:00 https://www.darkreading.com/vulnerabilities-threats/easily-exploitable-langflow-vulnerability-patching www.secnews.physaphae.fr/article.php?IdArticle=8672451 False Vulnerability,Threat,Patching None 3.0000000000000000 Dark Reading - Informationweek Branch The vulnerabilities affect SonicWall\'s SMA devices for secure remote access, which have been heavily targeted by threat actors in the past.]]> 2025-05-06T14:45:09+00:00 https://www.darkreading.com/threat-intelligence/two-sonicwall-vulnerabilities-under-exploitation www.secnews.physaphae.fr/article.php?IdArticle=8672348 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Software teams need to follow security best practices to eliminate the leak of secrets, as threat actors increase their scanning for configuration and repository files.]]> 2025-05-02T16:29:28+00:00 https://www.darkreading.com/threat-intelligence/attackers-targeting-developer-secrets www.secnews.physaphae.fr/article.php?IdArticle=8670652 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.]]> 2025-05-02T15:59:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/despite-arrests-scattered-spider-continues-hacking www.secnews.physaphae.fr/article.php?IdArticle=8670632 False Threat,Legislation None 3.0000000000000000 Dark Reading - Informationweek Branch How one unreasonable client got lucky during a cyber incident, despite their unreasonable response to the threat.]]> 2025-05-01T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/threat-actors-behave-managed-service-providers www.secnews.physaphae.fr/article.php?IdArticle=8670131 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Opportunistic threat actors targeted Portuguese and Spanish speakers by spoofing Portugal\'s national airline in a campaign offering compensation for delayed or disrupted flights.]]> 2025-04-30T15:18:14+00:00 https://www.darkreading.com/cyberattacks-data-breaches/phishers-take-advantage-iberian-blackout www.secnews.physaphae.fr/article.php?IdArticle=8670004 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers are leveraging the benefits of new technology and the availability of commodity tools, credentials, and other resources to develop sophisticated attacks more quickly than ever, putting defenders on their heels.]]> 2025-04-28T14:20:12+00:00 https://www.darkreading.com/remote-workforce/ai-automation-dark-web-fuel-evolving-threat-landscape www.secnews.physaphae.fr/article.php?IdArticle=8669034 False Tool,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.]]> 2025-04-24T16:46:08+00:00 https://www.darkreading.com/remote-workforce/fbi-cybercrime-losses-16b-2024 www.secnews.physaphae.fr/article.php?IdArticle=8667269 False Ransomware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The convergence of cybercrime, financial fraud, and organized crime poses a significant threat, especially where these syndicates excel at operating under the radar.]]> 2025-04-24T01:00:00+00:00 https://www.darkreading.com/threat-intelligence/industrial-scale-asian-scam-centers www.secnews.physaphae.fr/article.php?IdArticle=8666897 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.]]> 2025-04-22T16:46:51+00:00 https://www.darkreading.com/remote-workforce/cookie-bite-entra-id-attack-exposes-microsoft-365 www.secnews.physaphae.fr/article.php?IdArticle=8666238 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Since January, threat actors distributing the malware have notched up more than 100 victims.]]> 2025-04-21T21:20:03+00:00 https://www.darkreading.com/cyberattacks-data-breaches/fog-hackers-doge-ransom-notes www.secnews.physaphae.fr/article.php?IdArticle=8665857 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The threat actor uses sophisticated social engineering techniques to infect a victim\'s device, either with an infostealer or remote access Trojan (RAT).]]> 2025-04-21T20:40:39+00:00 https://www.darkreading.com/remote-workforce/elusive-comet-zoom-victims www.secnews.physaphae.fr/article.php?IdArticle=8665837 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations\' weak cyber hygiene.]]> 2025-04-18T20:04:40+00:00 https://www.darkreading.com/cyber-risk/ransomware-would-adapt-without-cryptocurrency www.secnews.physaphae.fr/article.php?IdArticle=8664609 False Ransomware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.]]> 2025-04-18T17:26:09+00:00 https://www.darkreading.com/cloud-security/chinese-apt-mustang-panda-4-attack-tools www.secnews.physaphae.fr/article.php?IdArticle=8664575 False Tool,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.]]> 2025-04-18T13:01:45+00:00 https://www.darkreading.com/vulnerabilities-threats/apple-zero-days-sophisticated-attacks www.secnews.physaphae.fr/article.php?IdArticle=8664521 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The attacks have been going on since shortly after Microsoft patched the vulnerability in March.]]> 2025-04-16T21:25:24+00:00 https://www.darkreading.com/cyberattacks-data-breaches/multiple-group-exploiting-ntlm-flaw www.secnews.physaphae.fr/article.php?IdArticle=8663758 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.]]> 2025-04-16T20:58:10+00:00 https://www.darkreading.com/vulnerabilities-threats/china-linked-hackers-brickstorm-backdoors-european-networks www.secnews.physaphae.fr/article.php?IdArticle=8663759 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users\' wallet addresses with their own.]]> 2025-04-16T20:57:30+00:00 https://www.darkreading.com/threat-intelligence/android-pre-downloaded-malware-crypto-wallets www.secnews.physaphae.fr/article.php?IdArticle=8664175 False Malware,Threat,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named "Gamma" in phishing attacks.]]> 2025-04-15T20:01:22+00:00 https://www.darkreading.com/threat-intelligence/ai-powered-presentation-tool-leveraged-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=8663231 False Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Customer data such as birth dates, credit card numbers and driver\'s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.]]> 2025-04-15T18:37:46+00:00 https://www.darkreading.com/vulnerabilities-threats/hertz-falls-victim-cleo-zero-day-attacks www.secnews.physaphae.fr/article.php?IdArticle=8663197 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar.]]> 2025-04-15T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/china-threat-actor-unc5174-open-source-stealthy-attacks www.secnews.physaphae.fr/article.php?IdArticle=8663108 False Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.]]> 2025-04-14T20:25:04+00:00 https://www.darkreading.com/threat-intelligence/threat-intel-firm-crypto-dark-web-accounts www.secnews.physaphae.fr/article.php?IdArticle=8662824 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.]]> 2025-04-14T17:20:30+00:00 https://www.darkreading.com/vulnerabilities-threats/fortinet-zero-day-arbitrary-code-execution www.secnews.physaphae.fr/article.php?IdArticle=8662779 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here\'s how experts say you can get eyes on it all.]]> 2025-04-14T16:34:17+00:00 https://www.darkreading.com/threat-intelligence/chinese-apt-exploit-edr-visibility-gap-cyber-espionage www.secnews.physaphae.fr/article.php?IdArticle=8662763 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch A threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum.]]> 2025-04-14T06:00:00+00:00 https://www.darkreading.com/threat-intelligence/morocco-investigates-social-security-agency-data-leak www.secnews.physaphae.fr/article.php?IdArticle=8662558 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations.]]> 2025-04-11T19:42:08+00:00 https://www.darkreading.com/threat-intelligence/paper-werewolf-targets-flash-drives-new-malware www.secnews.physaphae.fr/article.php?IdArticle=8661855 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Gladinet\'s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.]]> 2025-04-10T21:15:36+00:00 https://www.darkreading.com/vulnerabilities-threats/zero-day-centrestack-platform-under-attack www.secnews.physaphae.fr/article.php?IdArticle=8661517 False Vulnerability,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Darktrace researchers detailed "spam bombing," a technique in which threat actors bombard targets with spam emails as a pretense for activity like social engineering campaigns.]]> 2025-04-10T13:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/threat-actors-spam-bombing-malicious-motives www.secnews.physaphae.fr/article.php?IdArticle=8661372 False Spam,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Google Unified Security brings together threat detection, AI-powered security, secure browser features, and Mandiant services, the company said at its Cloud Next conference.]]> 2025-04-09T22:40:04+00:00 https://www.darkreading.com/cloud-security/google-merges-security-offerings-cohesive-suite www.secnews.physaphae.fr/article.php?IdArticle=8661373 False Threat,Cloud,Conference None 3.0000000000000000 Dark Reading - Informationweek Branch Threat actors are trolling online forums and spreading malicious apps to target Uyghurs, Taiwanese, Tibetans, and other individuals aligned with interests that China sees as a threat to its authority.]]> 2025-04-09T18:19:23+00:00 https://www.darkreading.com/vulnerabilities-threats/china-continues-harassing-ethnic-groups-spyware www.secnews.physaphae.fr/article.php?IdArticle=8661207 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.]]> 2025-04-08T22:01:15+00:00 https://www.darkreading.com/application-security/microsoft-drops-another-massive-patch-update www.secnews.physaphae.fr/article.php?IdArticle=8661021 False Ransomware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Artificial intelligence poses a significant concern when it comes to nation-state cyberthreats and AI\'s ability to supercharge attacks.]]> 2025-04-08T19:39:28+00:00 https://www.darkreading.com/threat-intelligence/uk-orgs-pull-back-digital-projects-cyberwarfare www.secnews.physaphae.fr/article.php?IdArticle=8661003 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist\'s device in an attempt to install spyware.]]> 2025-04-08T16:17:21+00:00 https://www.darkreading.com/vulnerabilities-threats/android-zero-day-bugs-active-exploit www.secnews.physaphae.fr/article.php?IdArticle=8660988 False Vulnerability,Threat,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Cortex Cloud integrates Prisma Cloud with CDR to provide a consolidated security posture management and real-time threat detection and remediation.]]> 2025-04-07T22:14:51+00:00 https://www.darkreading.com/cloud-security/palo-alto-networks-begins-unified-security-rollout www.secnews.physaphae.fr/article.php?IdArticle=8660938 False Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems.]]> 2025-04-07T20:43:35+00:00 https://www.darkreading.com/vulnerabilities-threats/toddycat-apt-eset-bug-silent-malware www.secnews.physaphae.fr/article.php?IdArticle=8660818 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Layoffs may cause short-term disruptions, but they don\'t represent a catastrophic loss of cybersecurity capability - because the true cyber operations never resided solely within CISA to begin with.]]> 2025-04-04T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/cisa-layoffs-momentary-disruption-not-threat www.secnews.physaphae.fr/article.php?IdArticle=8660265 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution.]]> 2025-04-03T20:14:04+00:00 https://www.darkreading.com/vulnerabilities-threats/china-linked-threat-group-exploits-ivanti-bug www.secnews.physaphae.fr/article.php?IdArticle=8660117 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The US military and law enforcement learned to outthink insurgents. It\'s time for cybersecurity to learn to outsmart and outmaneuver threat actors with the same framework.]]> 2025-04-02T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/how-interdiction-mindset-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8659844 False Threat,Legislation None 3.0000000000000000 Dark Reading - Informationweek Branch In this roundtable, cybersecurity experts - including two former CISA executives - weigh in on alternate sources for threat intel, incident response, and other essential cybersecurity services.]]> 2025-04-01T20:13:12+00:00 https://www.darkreading.com/cybersecurity-operations/roundtable-cisa-downsizes-where-can-enterprises-look-support www.secnews.physaphae.fr/article.php?IdArticle=8659698 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.]]> 2025-04-01T14:00:00+00:00 https://www.darkreading.com/cloud-security/google-imagerunner-bug-enabled-privilege-escalation www.secnews.physaphae.fr/article.php?IdArticle=8659618 False Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch A continuation of the North Korean nation-state threat\'s campaign against employment seekers uses the social engineering attack to target CeFi organizations with the GolangGhost backdoor.]]> 2025-04-01T13:21:21+00:00 https://www.darkreading.com/cyberattacks-data-breaches/lazarus-apt-clickfix-bandwagon-attacks www.secnews.physaphae.fr/article.php?IdArticle=8659619 False Threat APT 38 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January.]]> 2025-03-31T17:57:03+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cisa-warns-resurge-malware-ivanti-vuln www.secnews.physaphae.fr/article.php?IdArticle=8659443 False Malware,Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The cybersecurity artificial intelligence (AI) model and agent will help organizations improve threat detection and incident response.]]> 2025-03-31T15:40:30+00:00 https://www.darkreading.com/cybersecurity-operations/trend-micro-cybertron-open-source-ai www.secnews.physaphae.fr/article.php?IdArticle=8659621 False Tool,Threat,Prediction None 3.0000000000000000 Dark Reading - Informationweek Branch Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.]]> 2025-03-28T20:15:41+00:00 https://www.darkreading.com/endpoint-security/evilginx-bypasses-mfa www.secnews.physaphae.fr/article.php?IdArticle=8658958 False Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The attack hit the Kuala Lumpur airport over the weekend, and it remains unclear who the threat actors are and what kind of information they may have stolen.]]> 2025-03-28T17:16:05+00:00 https://www.darkreading.com/cyberattacks-data-breaches/malaysia-refuses-10m-ransom-airport-cyber-breach www.secnews.physaphae.fr/article.php?IdArticle=8658930 False Ransomware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch While industry experts continue to analyze, interpret, and act on threat data, the complexity of cyber threats necessitates solutions that can quickly convert expert knowledge into machine-readable formats.]]> 2025-03-26T14:00:00+00:00 https://www.darkreading.com/threat-intelligence/beyond-stix-next-level-cyber-threat-intelligence www.secnews.physaphae.fr/article.php?IdArticle=8658346 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.]]> 2025-03-26T11:27:34+00:00 https://www.darkreading.com/cyberattacks-data-breaches/google-patches-chrome-zero-day-exploited-apt www.secnews.physaphae.fr/article.php?IdArticle=8658347 False Malware,Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Security experts worry the company\'s Chapter 11 status and aim to sell its assets could allow threat actors to exploit and misuse the genetic information it collected.]]> 2025-03-25T09:16:09+00:00 https://www.darkreading.com/cyber-risk/23andme-bankruptcy-filing-sensitive-data-at-risk www.secnews.physaphae.fr/article.php?IdArticle=8658098 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The persistent threat actor was caught using sophisticated Web shell techniques against an unnamed telecommunications company in Asia.]]> 2025-03-24T18:16:34+00:00 https://www.darkreading.com/cyberattacks-data-breaches/china-nexus-apt-weaver-ant-caught-yearslong-web-shell-attack www.secnews.physaphae.fr/article.php?IdArticle=8657901 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A threat actor posted data on Breachforums from an alleged supply-chain attack that affected more than 140K tenants, claiming to have compromised the cloud via a zero-day flaw in WebLogic, researchers say.]]> 2025-03-24T15:29:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/oracle-denies-claim-oracle-cloud-breach-6m-records www.secnews.physaphae.fr/article.php?IdArticle=8657835 False Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Raspberry Robin breaks into organizations and sells access to Russian threat actors, including the military cyber unit behind attempted coups, assassinations, and influence operations throughout Europe.]]> 2025-03-24T12:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/access-broker-russian-state-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=8658085 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch As the region continues with its ambitious road map, cybersecurity must be woven into every step of the process.]]> 2025-03-24T06:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/middle-easts-race-digitize-threat-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=8657697 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Cybersecurity vendors say threat actors\' abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated - and much harder to detect and block.]]> 2025-03-20T18:40:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/why-hard-stop-rising-malicious-tds-traffic www.secnews.physaphae.fr/article.php?IdArticle=8657020 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.]]> 2025-03-20T16:41:35+00:00 https://www.darkreading.com/cyberattacks-data-breaches/ukraine-defense-sector-attack-dark-crystal-rat www.secnews.physaphae.fr/article.php?IdArticle=8657001 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.]]> 2025-03-19T20:29:20+00:00 https://www.darkreading.com/cyber-risk/nation-state-groups-abuse-microsoft-windows-shortcut-exploit www.secnews.physaphae.fr/article.php?IdArticle=8656778 False Threat,Prediction None 2.0000000000000000 Dark Reading - Informationweek Branch A server-side request forgery vulnerability in OpenAI\'s chatbot infrastructure can allow attackers to direct users to malicious URLs, leading to a range of threat activity.]]> 2025-03-18T15:28:52+00:00 https://www.darkreading.com/cyberattacks-data-breaches/actively-exploited-chatgpt-bug-organizations-risk www.secnews.physaphae.fr/article.php?IdArticle=8656493 False Vulnerability,Threat ChatGPT 3.0000000000000000 Dark Reading - Informationweek Branch The ClickFix attack tactic seems to be gaining traction among threat actors.]]> 2025-03-17T21:49:37+00:00 https://www.darkreading.com/cyberattacks-data-breaches/compromised-car-dealership-websites-clickfix-breach www.secnews.physaphae.fr/article.php?IdArticle=8656326 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A new threat assessment from the Danish Civil Protection Authority (SAMSIK) warned of cyberattacks targeting the telecommunications sector after citing a wave of incidents hitting European organizations the past few years.]]> 2025-03-17T21:14:26+00:00 https://www.darkreading.com/threat-intelligence/denmark-warns-increased-cyber-espionage-telecom-sector www.secnews.physaphae.fr/article.php?IdArticle=8656329 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The researchers who discovered the initial assault warned that the simple, staged attack is just the beginning for advanced exploit sequences that will test cyber defenses in new and more difficult ways.]]> 2025-03-17T18:52:23+00:00 https://www.darkreading.com/vulnerabilities-threats/apache-tomcat-rce-vulnerability-exploit www.secnews.physaphae.fr/article.php?IdArticle=8656299 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Microsoft detailed a sophisticated campaign that relies on a social engineering technique, "ClickFix," in which a phisher uses security verification like captcha to give the target a false sense of safety.]]> 2025-03-14T20:07:52+00:00 https://www.darkreading.com/threat-intelligence/threat-actor-booking-com-clickfix-phishing-scheme www.secnews.physaphae.fr/article.php?IdArticle=8655809 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The Mora_001 group uses similar post-exploitation patterns and ransomware customization originated by LockBit.]]> 2025-03-14T17:25:44+00:00 https://www.darkreading.com/cyberattacks-data-breaches/actor-tied-lockbit-ransomware-targets-fortinet-users www.secnews.physaphae.fr/article.php?IdArticle=8655782 False Ransomware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.]]> 2025-03-12T20:48:51+00:00 https://www.darkreading.com/mobile-security/apple-drops-another-webkit-zero-day-bug www.secnews.physaphae.fr/article.php?IdArticle=8655377 False Vulnerability,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The number of zero-day vulnerabilities getting patched in Microsoft\'s March update is the company\'s second-largest ever.]]> 2025-03-11T21:25:02+00:00 https://www.darkreading.com/application-security/whopping-number-microsoft-zero-days-under-attack www.secnews.physaphae.fr/article.php?IdArticle=8655136 False Vulnerability,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch A Libya-linked threat actor has resurfaced, using the same old political phishing tricks to deliver AsyncRAT that have worked for years.]]> 2025-03-11T19:38:56+00:00 https://www.darkreading.com/cyberattacks-data-breaches/hot-button-facebook-ads-middle-east-africa-victims www.secnews.physaphae.fr/article.php?IdArticle=8655106 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Just like with any regular computer, researchers figured out how to crack into, force restart, and upload malware to an aftermarket in-vehicle infotainment system.]]> 2025-03-10T21:27:46+00:00 https://www.darkreading.com/vulnerabilities-threats/car-exploit-spy-drivers-real-time www.secnews.physaphae.fr/article.php?IdArticle=8655573 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The likely India-based threat group is also targeting logistics companies in a continued expansion of its activities.]]> 2025-03-10T21:20:12+00:00 https://www.darkreading.com/cyberattacks-data-breaches/sidewinder-intensifies-attacks-maritime-sector www.secnews.physaphae.fr/article.php?IdArticle=8654930 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The South American-based advanced persistent threat group is using an exploit with a "high infection rate," according to research from Check Point.]]> 2025-03-10T19:38:36+00:00 https://www.darkreading.com/cyberattacks-data-breaches/apt-blind-eagle-targets-colombian-government www.secnews.physaphae.fr/article.php?IdArticle=8654919 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The group is using the Medusa malware and taking up space once held by other notable ransomware groups like LockBot, increasing its victim list to 400 and demanding astoundingly high ransoms.]]> 2025-03-07T20:04:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/spearwing-raas-cyber-threat-scene www.secnews.physaphae.fr/article.php?IdArticle=8654631 False Ransomware,Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Manufacturers and infrastructure providers are gaining options to satisfy regulations and boost cyber safety for embedded and industrial control systems, as EMB3D, STRIDE, and ATT&CK for ICS gain traction.]]> 2025-03-07T19:37:21+00:00 https://www.darkreading.com/threat-intelligence/mitre-emb3d-ot-ics-threat-modeling www.secnews.physaphae.fr/article.php?IdArticle=8654632 False Threat,Industrial None 3.0000000000000000 Dark Reading - Informationweek Branch The threat actor, of unknown origin, is deploying a proprietary backdoor malware known as "Sagerunex" against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam.]]> 2025-03-06T02:53:22+00:00 https://www.darkreading.com/threat-intelligence/espionage-lotus-blossom-south-east-asia www.secnews.physaphae.fr/article.php?IdArticle=8654069 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.]]> 2025-03-05T21:15:32+00:00 https://www.darkreading.com/remote-workforce/china-silk-typhoon-it-supply-chain-attacks www.secnews.physaphae.fr/article.php?IdArticle=8654016 False Tool,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The now-patched bugs are under active exploit and enable attackers to carry out a wide range of malicious activities, including escaping a virtual machine and gaining access to the underlying host.]]> 2025-03-04T22:29:43+00:00 https://www.darkreading.com/vulnerabilities-threats/vmware-zero-day-bugs-sandbox-escape www.secnews.physaphae.fr/article.php?IdArticle=8653594 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Palo Alto Networks\' Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon\'s native email tools.]]> 2025-03-04T21:26:07+00:00 https://www.darkreading.com/cloud-security/threat-actor-javaghost-targets-aws-environments-phishing-scheme www.secnews.physaphae.fr/article.php?IdArticle=8653573 False Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Amnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development.]]> 2025-03-04T21:06:38+00:00 https://www.darkreading.com/cyberattacks-data-breaches/serbian-police-hack-protester-phone-cellebrite-exploit-chain www.secnews.physaphae.fr/article.php?IdArticle=8653555 False Hack,Threat,Legislation,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch The addition of SnapAttack, a startup incubated by Booz Allen Hamilton\'s Darklabs, will enhance Splunk with accelerated SIEM migration and proactive threat hunting.]]> 2025-02-28T23:15:07+00:00 https://www.darkreading.com/threat-intelligence/cisco-snapattack-deal-expands-splunk-capabilities www.secnews.physaphae.fr/article.php?IdArticle=8652995 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Data poisoning represents the next big existential cybersecurity threat - unless organizations can ensure their AI systems are safe and trustworthy.]]> 2025-02-27T19:07:13+00:00 https://www.darkreading.com/vulnerabilities-threats/3-things-about-ai-data-poisoning www.secnews.physaphae.fr/article.php?IdArticle=8651664 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Companies critical to the aviation and aerospace supply chains didn\'t patch a known CVE, providing opportunity for foreign espionage.]]> 2025-02-27T14:29:30+00:00 https://www.darkreading.com/ics-ot-security/chinese-apt-vpn-bug-worldwide-ot-orgs www.secnews.physaphae.fr/article.php?IdArticle=8651637 False Threat,Industrial None 3.0000000000000000 Dark Reading - Informationweek Branch The threat group has a variety of tactics in its toolbox, including double extortion and ransomware-as-a-service.]]> 2025-02-26T21:15:54+00:00 https://www.darkreading.com/cyber-risk/anubis-threat-group-seeks-out-critical-industry-victims www.secnews.physaphae.fr/article.php?IdArticle=8651380 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The threat actors are exploiting non-interactive sign-ins, an authentication feature that security teams don\'t typically monitor.]]> 2025-02-25T21:52:52+00:00 https://www.darkreading.com/cyberattacks-data-breaches/microsoft-365-accounts-sprayed-mega-botnet www.secnews.physaphae.fr/article.php?IdArticle=8650983 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch No matter the strategy, companies must approach securing unmanaged devices with sensitivity and respect for employee privacy.]]> 2025-02-25T15:00:00+00:00 https://www.darkreading.com/remote-workforce/unmanaged-devices-overlooked-threat-cisos-must-confront www.secnews.physaphae.fr/article.php?IdArticle=8650914 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Cyberattackers believed to be affiliated with the state-sponsored threat group pulled off the largest crypto heist reported to date, stealing $1.5 billion from exchange Bybit. It was carried out by interfering with a routine transfer between wallets.]]> 2025-02-25T10:16:39+00:00 https://www.darkreading.com/cyberattacks-data-breaches/north-korea-lazarus-crypto-heist www.secnews.physaphae.fr/article.php?IdArticle=8650949 False Threat APT 38 4.0000000000000000 Dark Reading - Informationweek Branch A patch bypass for a bug in the popular desktop emulator enables root-level privilege escalation and has no fix in sight.]]> 2025-02-24T22:36:32+00:00 https://www.darkreading.com/application-security/zero-day-bug-parallels-desktop-mac www.secnews.physaphae.fr/article.php?IdArticle=8650651 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The China-backed threat group often acts swiftly, going from initial access to compromise in just one day, a behavior atypical of cybercriminal groups.]]> 2025-02-20T19:26:50+00:00 https://www.darkreading.com/cyberattacks-data-breaches/ghost-ransomware-targets-orgs-70-countries www.secnews.physaphae.fr/article.php?IdArticle=8649353 False Ransomware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.]]> 2025-02-18T22:17:55+00:00 https://www.darkreading.com/cyberattacks-data-breaches/china-linked-threat-group-japanese-orgs-servers www.secnews.physaphae.fr/article.php?IdArticle=8648918 False Malware,Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.]]> 2025-02-18T19:02:31+00:00 https://www.darkreading.com/vulnerabilities-threats/microsoft-variant-macos-threat-xcsset www.secnews.physaphae.fr/article.php?IdArticle=8648905 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Banking fraud and financial crimes are growing more sophisticated every day. By understanding the threats and building strong collaborations, banks can protect themselves and their clients.]]> 2025-02-14T15:00:00+00:00 https://www.darkreading.com/cyber-risk/how-banks-adapt-rising-threat-financial-crime www.secnews.physaphae.fr/article.php?IdArticle=8648501 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim.]]> 2025-02-13T21:32:35+00:00 https://www.darkreading.com/cyberattacks-data-breaches/chinese-apt-emperor-dragonfly-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8648423 False Ransomware,Malware,Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to user data.]]> 2025-02-11T21:41:57+00:00 https://www.darkreading.com/endpoint-security/apple-releases-urgent-patch-usb-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=8648125 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The likely Vietnam-based threat actor has been using two zero-days in VeraCore\'s warehouse management software in some of its latest cyberattacks.]]> 2025-02-10T21:58:30+00:00 https://www.darkreading.com/cyber-risk/xe-group-shifts-card-skimming-supply-chain-attacks www.secnews.physaphae.fr/article.php?IdArticle=8647943 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch For too long, we\'ve treated our analysts as mere cogs in a machine, expecting them to conform to the limitations of our tools and processes. It\'s time to revolutionize security operations.]]> 2025-02-10T15:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/analyst-burnout-is-advanced-persistent-threat www.secnews.physaphae.fr/article.php?IdArticle=8647914 False Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch In an attack vector that\'s been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims.]]> 2025-02-03T15:45:46+00:00 https://www.darkreading.com/endpoint-security/one-click-phishing-campaign-high-profile-x-accounts www.secnews.physaphae.fr/article.php?IdArticle=8646573 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.]]> 2025-01-29T22:10:29+00:00 https://www.darkreading.com/endpoint-security/windows-print-spooler-security-improves-in-wake-of-printnightmare-scare www.secnews.physaphae.fr/article.php?IdArticle=8644595 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command and control servers from Pyongyang.]]> 2025-01-29T21:39:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/researchers-uncover-lazarus-admin-layer-c2-servers www.secnews.physaphae.fr/article.php?IdArticle=8644483 False Threat APT 38 3.0000000000000000 Dark Reading - Informationweek Branch VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.]]> 2025-01-29T19:54:26+00:00 https://www.darkreading.com/endpoint-security/unpatched-zyxel-cpe-zero-day-cyberattackers www.secnews.physaphae.fr/article.php?IdArticle=8644444 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.]]> 2025-01-29T18:03:01+00:00 https://www.darkreading.com/endpoint-security/mirai-variant-aquabot-exploits-mitel-phone-flaws www.secnews.physaphae.fr/article.php?IdArticle=8644401 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The impetus for CrowdStrike\'s new professional services came from last year\'s Famous Chollima threat actors, which used fake IT workers to infiltrate organizations and steal data.]]> 2025-01-28T22:57:51+00:00 https://www.darkreading.com/insider-threats/crowdstrike-highlights-magnitude-of-insider-risk www.secnews.physaphae.fr/article.php?IdArticle=8644313 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The firewall specialist has patched the security flaw, which was responsible for a series of attacks reported earlier this month that compromised FortiOS and FortiProxy products exposed to the public Internet.]]> 2025-01-28T11:46:57+00:00 https://www.darkreading.com/cloud-security/actively-exploited-fortinet-zero-day-attackers-super-admin-privileges www.secnews.physaphae.fr/article.php?IdArticle=8643940 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The Apple iOS 18.3 update fixes 28 other vulnerabilities identified by the tech company, though there is little information on them.]]> 2025-01-27T22:30:27+00:00 https://www.darkreading.com/endpoint-security/apple-patches-actively-exploited-zero-day-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=8643530 False Vulnerability,Threat None 2.0000000000000000