This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-07T15:15:05+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that\'s under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is assigned as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. It\'s worth pointing out that the shortcoming only affects enterprise networking gear that have]]> 2023-10-17T09:42:00+00:00 https://thehackernews.com/2023/10/warning-unpatched-cisco-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8396540 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as]]> 2023-10-16T19:25:00+00:00 https://thehackernews.com/2023/10/pro-russian-hackers-exploiting-recent.html www.secnews.physaphae.fr/article.php?IdArticle=8396240 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure. Besides requesting invasive permissions to access call logs, camera, SMS messages, and external]]> 2023-10-16T17:41:00+00:00 https://thehackernews.com/2023/10/spynote-beware-of-this-android-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8396241 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SaaS Security\'s roots are in configuration management. An astounding 35% of all security breaches begin with security settings that were misconfigured. In the past 3 years, the initial access vectors to SaaS data have widened beyond misconfiguration management. “SaaS Security on Tap” is a new video series that takes place in Eliana V\'s bar making sure that the only thing that leaks is beer (]]> 2023-10-16T17:16:00+00:00 https://thehackernews.com/2023/10/the-fast-evolution-of-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8396179 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. "After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels," it said in a series of messages posted in X (formerly]]> 2023-10-16T15:01:00+00:00 https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8396115 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been observed serving malicious code by utilizing Binance\'s Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting]]> 2023-10-16T10:29:00+00:00 https://thehackernews.com/2023/10/binances-smart-chain-exploited-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8396019 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said. "New features for Windows 11 include]]> 2023-10-14T11:59:00+00:00 https://thehackernews.com/2023/10/microsoft-to-phase-out-ntlm-in-favor-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395428 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also]]> 2023-10-13T20:01:00+00:00 https://thehackernews.com/2023/10/new-peapod-cyberattack-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8395186 False Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew\'s tactics and capabilities. The findings come from Kaspersky, which first shed light on the adversary last year, linking it to attacks against high-profile entities in Europe and Asia for nearly three]]> 2023-10-13T17:23:00+00:00 https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395127 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively.  This article will cover just some of those new developments in Q3-2023 as well as give predictions on quarters to]]> 2023-10-13T16:37:00+00:00 https://thehackernews.com/2023/10/ransomware-attacks-doubled-year-on-year.html www.secnews.physaphae.fr/article.php?IdArticle=8395108 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams. In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware. "It\'s]]> 2023-10-13T16:06:00+00:00 https://thehackernews.com/2023/10/darkgate-malware-spreading-via.html www.secnews.physaphae.fr/article.php?IdArticle=8395082 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That\'s according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation\'s]]> 2023-10-13T15:55:00+00:00 https://thehackernews.com/2023/10/fbi-cisa-warn-of-rising-avoslocker.html www.secnews.physaphae.fr/article.php?IdArticle=8395083 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report today. While]]> 2023-10-12T18:47:00+00:00 https://thehackernews.com/2023/10/malicious-nuget-package-targeting-net.html www.secnews.physaphae.fr/article.php?IdArticle=8394742 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value," the AhnLab Security Emergency response Center (ASEC)]]> 2023-10-12T16:57:00+00:00 https://thehackernews.com/2023/10/shellbot-uses-hex-ips-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8394707 True Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive business data into ChatGPT, or similar applications. DLP solutions, the go-to solution for similar challenges, are]]> 2023-10-12T16:03:00+00:00 https://thehackernews.com/2023/10/how-to-guard-your-data-from-exposure-in.html www.secnews.physaphae.fr/article.php?IdArticle=8394708 False None ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant\'s threat intelligence team is tracking the operator as Storm-1567. The attack leveraged devices that were not onboarded to Microsoft]]> 2023-10-12T15:59:00+00:00 https://thehackernews.com/2023/10/microsoft-defender-thwarts-akira.html www.secnews.physaphae.fr/article.php?IdArticle=8394709 False Ransomware,Threat,Industrial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site. "Complete with a professional looking opening comment implying it is a caching plugin, this rogue code contains numerous functions, adds filters to prevent itself from being included in the list]]> 2023-10-12T14:46:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-malware-posing-as.html www.secnews.physaphae.fr/article.php?IdArticle=8394665 False Malware None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) High-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that\'s designed to deploy basic backdoors and loaders for delivering next-stage malware. Cybersecurity company Check Point is tracking the activity under the name Stayin\' Alive. Targets include organizations located in Vietnam, Uzbekistan, Pakistan, and Kazakhstan. "The simplistic]]> 2023-10-12T11:50:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8394628 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution. The list of vulnerabilities is as follows - CVE-2023-38545 (CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability CVE-2023-38546 (CVSS score: 5.0) - Cookie injection with none file CVE-2023-38545 is the more severe of the]]> 2023-10-12T10:09:00+00:00 https://thehackernews.com/2023/10/two-high-risk-security-flaws-discovered.html www.secnews.physaphae.fr/article.php?IdArticle=8394604 False Vulnerability None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August. Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv Composer plugin (CVE-2023-3169, CVSS score: 6.1) that could be exploited by unauthenticated users to]]> 2023-10-11T18:11:00+00:00 https://thehackernews.com/2023/10/over-17000-wordpress-sites-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8394300 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the]]> 2023-10-11T17:56:00+00:00 https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html www.secnews.physaphae.fr/article.php?IdArticle=8394301 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Passwords are at the core of securing access to an organization\'s data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts. Instead of creating a strong and unique password for each account, they resort to easy-to-remember passwords, or use the same password]]> 2023-10-11T17:32:00+00:00 https://thehackernews.com/2023/10/take-offensive-approach-to-password.html www.secnews.physaphae.fr/article.php?IdArticle=8394302 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws, 13 are rated Critical and 90 are rated Important in severity. This is apart from 18 security vulnerabilities addressed in its Chromium-based Edge browser since the second Tuesday of September. The two]]> 2023-10-11T12:30:00+00:00 https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html www.secnews.physaphae.fr/article.php?IdArticle=8394211 False Patching None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor it tracks as Storm-0062 (aka DarkShadow or Oro0lxy). The tech giant\'s threat intelligence team said it observed in-the-wild abuse of the vulnerability since September 14, 2023. "CVE-2023-22515 is a critical privilege escalation vulnerability in]]> 2023-10-11T09:42:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-nation-state-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8394187 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,]]> 2023-10-10T20:54:00+00:00 https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8393814 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google on Tuesday announced the ability for all users to set up passkeys by default, five months after it rolled out support for the FIDO Alliance-backed passwordless standard for Google Accounts on all platforms. "This means the next time you sign in to your account, you\'ll start seeing prompts to create and use passkeys, simplifying your future sign-ins," Google\'s Sriram Karra and Christiaan]]> 2023-10-10T18:20:00+00:00 https://thehackernews.com/2023/10/google-adopts-passkeys-as-default-sign.html www.secnews.physaphae.fr/article.php?IdArticle=8393745 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Certain online risks to children are on the rise, according to a recent report from Thorn, a technology nonprofit whose mission is to build technology to defend children from sexual abuse. Research shared in the Emerging Online Trends in Child Sexual Abuse 2023 report, indicates that minors are increasingly taking and sharing sexual images of themselves. This activity may occur consensually or]]> 2023-10-10T15:58:00+00:00 https://thehackernews.com/2023/10/new-report-child-sexual-abuse-content.html www.secnews.physaphae.fr/article.php?IdArticle=8393686 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A previously undocumented threat actor of unknown provenance has been linked to a number of attacks targeting organizations in the manufacturing, IT, and biomedical sectors in Taiwan. The Symantec Threat Hunter Team, part of Broadcom, attributed the attacks to an advanced persistent threat (APT) it tracks under the name Grayling. Evidence shows that the campaign began in February 2023 and]]> 2023-10-10T15:55:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-grayling-apts.html www.secnews.physaphae.fr/article.php?IdArticle=8393687 False Threat,Industrial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A sophisticated Magecart campaign has been observed manipulating websites\' default 404 error page to conceal malicious code in what\'s been described as the latest evolution of the attacks. The activity, per Akamai, targets Magento and WooCommerce websites, with some of the victims belonging to large organizations in the food and retail industries. "In this campaign, all the victim websites we]]> 2023-10-10T14:50:00+00:00 https://thehackernews.com/2023/10/new-magecart-campaign-alters-404-error.html www.secnews.physaphae.fr/article.php?IdArticle=8393656 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior. libcue is incorporated into]]> 2023-10-10T12:20:00+00:00 https://thehackernews.com/2023/10/libcue-library-flaw-opens-gnome-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8393512 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign. IBM X-Force, which uncovered the activity last month, said adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user]]> 2023-10-10T11:22:00+00:00 https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html www.secnews.physaphae.fr/article.php?IdArticle=8393513 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of a larger China-based operation codenamed BADBOX, which also entails selling off-brand mobile and connected TV (CTV) devices on popular online retailers and resale sites that are backdoored with an]]> 2023-10-09T21:37:00+00:00 https://thehackernews.com/2023/10/peachpit-massive-ad-fraud-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8393319 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks. Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and]]> 2023-10-09T18:06:00+00:00 https://thehackernews.com/2023/10/cybercriminals-using-evilproxy-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8393243 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s rapidly evolving technological landscape, the integration of Artificial Intelligence (AI) and Large Language Models (LLMs) has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex vulnerabilities and unforeseen risks that demand immediate attention from cybersecurity professionals]]> 2023-10-09T17:25:00+00:00 https://thehackernews.com/2023/10/webinar-how-vcisos-can-navigating.html www.secnews.physaphae.fr/article.php?IdArticle=8393136 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) "Of course, here\'s an example of simple code in the Python programming language that can be associated with the keywords "MyHotKeyHandler," "Keylogger," and "macOS," this is a message from ChatGPT followed by a piece of malicious code and a brief remark not to use it for illegal purposes. Initially published by Moonlock Lab, the screenshots of ChatGPT writing code for a keylogger malware is yet]]> 2023-10-09T16:36:00+00:00 https://thehackernews.com/2023/10/i-had-dream-and-generative-ai-jailbreaks.html www.secnews.physaphae.fr/article.php?IdArticle=8393137 False Malware ChatGPT 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO\'s ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device]]> 2023-10-09T16:19:00+00:00 https://thehackernews.com/2023/10/high-severity-flaws-in-connectedios.html www.secnews.physaphae.fr/article.php?IdArticle=8393138 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The maintainers of the Curl library have released an advisory warning of two forthcoming security vulnerabilities that are expected to be addressed as part of updates released on October 11, 2023. This includes a high severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively. Additional details about the issues and the exact version ranges]]> 2023-10-09T16:02:00+00:00 https://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8393139 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations. Microsoft, which revealed details of the activity in its fourth annual Digital Defense Report, is tracking the campaign under the name Storm-1133. "We assess this group works to further the interests of Hamas, a Sunni militant group that is]]> 2023-10-09T08:45:00+00:00 https://thehackernews.com/2023/10/gaza-linked-cyber-threat-actor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8392963 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group linked to the theft of roughly $900 million of those proceeds between July 2022 and July of this year. "As traditional entities such as mixers continue to be subject to seizures and sanctions scrutiny, the crypto crime displacement to chain- or asset-hopping]]> 2023-10-06T20:26:00+00:00 https://thehackernews.com/2023/10/north-koreas-lazarus-group-launders-900.html www.secnews.physaphae.fr/article.php?IdArticle=8392275 False None APT 38 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor called HyperBro, which is then used as a conduit to deploy the commercial attack simulation software and post-exploitation toolkit.]]> 2023-10-06T17:19:00+00:00 https://thehackernews.com/2023/10/chinese-hackers-target-semiconductor.html www.secnews.physaphae.fr/article.php?IdArticle=8392211 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result in financial and reputational damage but also lead to legal consequences. Therefore, robust data access security measures are essential to safeguard an organization\'s assets, maintain customer trust, and meet regulatory requirements.  A]]> 2023-10-06T15:51:00+00:00 https://thehackernews.com/2023/10/new-os-tool-tells-you-who-has-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8392178 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon Web Services (AWS), Microsoft, Google, and Slack. Validity checks, introduced by the Microsoft subsidiary earlier this year, alert users whether exposed tokens found by secret scanning are active, thereby allowing for effective remediation measures. It was first]]> 2023-10-06T14:23:00+00:00 https://thehackernews.com/2023/10/githubs-secret-scanning-feature-now.html www.secnews.physaphae.fr/article.php?IdArticle=8392159 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs) that could result in privilege escalation and execution of malicious code on affected systems. The seven flaws, tracked from CVE-2023-40284 through CVE-2023-40290, vary in severity from High to Critical, according to Binarly]]> 2023-10-06T11:32:00+00:00 https://thehackernews.com/2023/10/supermicros-bmc-firmware-found.html www.secnews.physaphae.fr/article.php?IdArticle=8392121 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted Qakbot operators\' spam delivery infrastructure but rather only their]]> 2023-10-05T18:48:00+00:00 https://thehackernews.com/2023/10/qakbot-threat-actors-still-in-action.html www.secnews.physaphae.fr/article.php?IdArticle=8391856 False Ransomware,Spam,Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during]]> 2023-10-05T17:32:00+00:00 https://thehackernews.com/2023/10/cisco-releases-urgent-patch-to-fix.html www.secnews.physaphae.fr/article.php?IdArticle=8391822 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low]]> 2023-10-05T16:18:00+00:00 https://thehackernews.com/2023/10/analysis-and-config-extraction-of.html www.secnews.physaphae.fr/article.php?IdArticle=8391803 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant written in C++ called DinodasRAT. The Slovak cybersecurity firm said it could link the intrusion to a known threat actor or group,]]> 2023-10-05T16:09:00+00:00 https://thehackernews.com/2023/10/guyana-governmental-entity-hit-by.html www.secnews.physaphae.fr/article.php?IdArticle=8391804 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims\' funds and backdoor infected devices. "The malware targets more than 50 Vietnamese banking, e-wallet and crypto wallet applications," Group-IB said. "There are indications that this threat might be poised to extend its reach across the wider APAC region and to]]> 2023-10-05T15:26:00+00:00 https://thehackernews.com/2023/10/golddigger-android-trojan-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8391805 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below - CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability]]> 2023-10-05T15:00:00+00:00 https://thehackernews.com/2023/10/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8391786 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said it addressed the problem with improved checks. "Apple is aware of a report that this issue may have]]> 2023-10-05T09:12:00+00:00 https://thehackernews.com/2023/10/apple-rolls-out-security-patches-for.html www.secnews.physaphae.fr/article.php?IdArticle=8391718 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as CVE-2023-22515, is remotely exploitable and allows external attackers to create unauthorized Confluence administrator accounts and access Confluence servers. It does not impact Confluence versions prior to]]> 2023-10-05T08:58:00+00:00 https://thehackernews.com/2023/10/atlassian-confluence-hit-by-newly.html www.secnews.physaphae.fr/article.php?IdArticle=8391719 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed to the Chinese nation-state group APT41. On]]> 2023-10-04T20:39:00+00:00 https://thehackernews.com/2023/10/researchers-link-dragonegg-android.html www.secnews.physaphae.fr/article.php?IdArticle=8391492 False Malware,Tool APT 41,APT 41 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be launched for $1,500 a year. If the name Wing Security (Wing) rings a bell, it is probably because earlier this year,]]> 2023-10-04T17:24:00+00:00 https://thehackernews.com/2023/10/wing-disrupts-market-by-introducing.html www.secnews.physaphae.fr/article.php?IdArticle=8391408 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what\'s an instance of a typosquatting campaign. It was downloaded 704]]> 2023-10-04T16:46:00+00:00 https://thehackernews.com/2023/10/rogue-npm-package-deploys-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8391409 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target\'s environment," security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen said in a Tuesday report. "This allowed the]]> 2023-10-04T15:48:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-cyber-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8391371 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library\'s ld.so dynamic loader that, if successfully exploited, could lead to a local privilege escalation and allow a threat actor to gain root privileges. Tracked as CVE-2023-4911 (CVSS score: 7.8), the issue is a buffer overflow that resides in the dynamic loader\'s processing of the GLIBC_TUNABLES]]> 2023-10-04T12:51:00+00:00 https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8391312 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity. "There are indications from Google Threat Analysis Group and Google Project Zero that CVE-2023-33106, CVE-2023-33107,]]> 2023-10-03T22:07:00+00:00 https://thehackernews.com/2023/10/qualcomm-releases-patch-for-3-new-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8391073 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities ShellTorch. "These vulnerabilities [...] can lead to a full chain Remote]]> 2023-10-03T21:54:00+00:00 https://thehackernews.com/2023/10/warning-pytorch-models-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8391074 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data from developer systems, according to findings from Fortinet FortiGuard Labs. One set of packages – named @expue/webpack, @expue/core, @expue/vue3-renderer, @fixedwidthtable/fixedwidthtable, and @virtualsearchtable/virtualsearchtable – harbored an obfuscated]]> 2023-10-03T20:29:00+00:00 https://thehackernews.com/2023/10/over-3-dozen-data-stealing-malicious.html www.secnews.physaphae.fr/article.php?IdArticle=8391037 False Threat,General Information None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various functionalities into their own applications. However, this increased reliance on]]> 2023-10-03T17:22:00+00:00 https://thehackernews.com/2023/10/api-security-trends-2023-have.html www.secnews.physaphae.fr/article.php?IdArticle=8390932 False Studies None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Security Configuration Assessment (SCA) is critical to an organization\'s cybersecurity strategy. SCA aims to discover vulnerabilities and misconfigurations that malicious actors exploit to gain unauthorized access to systems and data. Regular security configuration assessments are essential in maintaining a secure and compliant environment, as this minimizes the risk of cyber attacks. The]]> 2023-10-03T17:18:00+00:00 https://thehackernews.com/2023/10/protecting-your-it-infrastructure-with.html www.secnews.physaphae.fr/article.php?IdArticle=8390933 False Vulnerability,Guideline None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Firewall and distributed denial-of-service (DDoS) attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls, defeating the very purpose of these safeguards, it has emerged. "Attackers can utilize their own Cloudflare accounts to abuse the per-design trust-relationship between Cloudflare and the customers\' websites, rendering the]]> 2023-10-03T14:59:00+00:00 https://thehackernews.com/2023/10/researcher-reveal-new-technique-to.html www.secnews.physaphae.fr/article.php?IdArticle=8390869 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts the following driver versions - Midgard GPU Kernel Driver: All versions from r12p0 - r32p0 Bifrost GPU Kernel Driver: All versions from r0p0 - r42p0 Valhall GPU Kernel Driver: All versions from r19p0 -]]> 2023-10-03T10:28:00+00:00 https://thehackernews.com/2023/10/arm-issues-patch-for-mali-gpu-kernel.html www.secnews.physaphae.fr/article.php?IdArticle=8390786 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, Hospitality,]]> 2023-10-02T16:51:00+00:00 https://thehackernews.com/2023/10/lucr-3-scattered-spider-getting-saas-y.html www.secnews.physaphae.fr/article.php?IdArticle=8390455 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Introduction In today\'s interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive]]> 2023-10-02T16:51:00+00:00 https://thehackernews.com/2023/10/apis-unveiling-silent-killer-of-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8390454 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with web skimmers for more than a year. The BlackBerry Research and Intelligence Team is tracking the activity under the name Silent Skimmer, attributing it to an actor who is knowledgeable in the Chinese language. Prominent victims include online businesses and]]> 2023-10-02T16:50:00+00:00 https://thehackernews.com/2023/10/silent-skimmer-year-long-web-skimming.html www.secnews.physaphae.fr/article.php?IdArticle=8390456 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that could have adverse impacts when importing a specially crafted project in versions 3.7.3 and below. "Although OpenRefine]]> 2023-10-02T13:32:00+00:00 https://thehackernews.com/2023/10/openrefines-zip-slip-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8390402 False Tool,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that\'s being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credentials and system information, and much more," Zscaler ThreatLabz researchers Niraj Shivtarkar and]]> 2023-10-02T11:01:00+00:00 https://thehackernews.com/2023/10/bunnyloader-new-malware-as-service.html www.secnews.physaphae.fr/article.php?IdArticle=8390353 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis\'s main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the Accessibility permissions in order to take full control of the device," Kaspersky said in an]]> 2023-10-02T10:32:00+00:00 https://thehackernews.com/2023/10/zanubis-android-banking-trojan-poses-as.html www.secnews.physaphae.fr/article.php?IdArticle=8390327 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. "During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal," the FBI said in an alert. "Variants]]> 2023-09-30T15:19:00+00:00 https://thehackernews.com/2023/09/fbi-warns-of-rising-trend-of-dual.html www.secnews.physaphae.fr/article.php?IdArticle=8389842 False Ransomware,Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware," Trend Micro researchers Mohamed Fahmy and Mahmoud Zohdy]]> 2023-09-30T14:51:00+00:00 https://thehackernews.com/2023/09/iranian-apt-group-oilrig-using-new.html www.secnews.physaphae.fr/article.php?IdArticle=8389819 False Malware,Prediction APT 34 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability]]> 2023-09-30T09:44:00+00:00 https://thehackernews.com/2023/09/new-critical-security-flaws-expose-exim.html www.secnews.physaphae.fr/article.php?IdArticle=8389745 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.," Kaspersky said in an analysis published this week. DoubleFinger was first]]> 2023-09-29T22:13:00+00:00 https://thehackernews.com/2023/09/cybercriminals-using-new-asmcrypt.html www.secnews.physaphae.fr/article.php?IdArticle=8389581 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta. "Employees of the targeted company were contacted by a fake recruiter via LinkedIn and tricked into opening a malicious executable file presenting itself as a coding]]> 2023-09-29T17:40:00+00:00 https://thehackernews.com/2023/09/lazarus-group-impersonates-recruiter.html www.secnews.physaphae.fr/article.php?IdArticle=8389485 False Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it\'s keeping them up tonight.  Today, many rely on encryption in their daily lives to protect their fundamental digital privacy and security, whether for messaging friends and family, storing files and photos, or]]> 2023-09-29T17:18:00+00:00 https://thehackernews.com/2023/09/post-quantum-cryptography-finally-real.html www.secnews.physaphae.fr/article.php?IdArticle=8389465 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Malicious ads served inside Microsoft Bing\'s artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations. Introduced by Microsoft in February 2023, Bing Chat is an]]> 2023-09-29T14:43:00+00:00 https://thehackernews.com/2023/09/microsofts-ai-powered-bing-chat-ads-may.html www.secnews.physaphae.fr/article.php?IdArticle=8389414 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a]]> 2023-09-29T11:45:00+00:00 https://thehackernews.com/2023/09/progress-software-releases-urgent.html www.secnews.physaphae.fr/article.php?IdArticle=8389366 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts all versions of the software that have the GDOI or G-IKEv2 protocol enabled. The]]> 2023-09-29T08:32:00+00:00 https://thehackernews.com/2023/09/cisco-warns-of-vulnerability-in-ios-and.html www.secnews.physaphae.fr/article.php?IdArticle=8389325 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project\'s defined secrets to a malicious C2 server and modify any existing javascript files in the attacked project with a web-form password-stealer malware code]]> 2023-09-28T22:52:00+00:00 https://thehackernews.com/2023/09/github-repositories-hit-by-password.html www.secnews.physaphae.fr/article.php?IdArticle=8389148 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a malicious cyber actor dubbed BlackTech by the U.S. National Security Agency (NSA), Federal Bureau of]]> 2023-09-28T19:17:00+00:00 https://thehackernews.com/2023/09/chinas-blacktech-hacking-group.html www.secnews.physaphae.fr/article.php?IdArticle=8389064 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today\'s SaaS-centric world. The limitations of Browser Isolation, such as degraded browser performance and inability to tackle]]> 2023-09-28T16:43:00+00:00 https://thehackernews.com/2023/09/the-dark-side-of-browser-isolation-and.html www.secnews.physaphae.fr/article.php?IdArticle=8389027 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took place in August 2023, with the adversary deploying an improved version of its SysUpdate toolkit, the Symantec Threat Hunter Team,]]> 2023-09-28T15:43:00+00:00 https://thehackernews.com/2023/09/china-linked-budworm-targeting-middle.html www.secnews.physaphae.fr/article.php?IdArticle=8389005 False Malware,Threat APT 27 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). Exploitation of such buffer overflow flaws can]]> 2023-09-28T08:43:00+00:00 https://thehackernews.com/2023/09/update-chrome-now-google-releases-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8388898 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," adding that "the phishing attack activity captured this time is part of the attacker\'s targeted strike on]]> 2023-09-27T20:12:00+00:00 https://thehackernews.com/2023/09/red-cross-themed-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8388434 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. "This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at Austin, Carnegie Mellon University, University of]]> 2023-09-27T18:25:00+00:00 https://thehackernews.com/2023/09/researchers-uncover-new-gpu-side.html www.secnews.physaphae.fr/article.php?IdArticle=8388393 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Data security is in the headlines often, and it\'s almost never for a positive reason. Major breaches, new ways to hack into an organization\'s supposedly secure data, and other threats make the news because well, it\'s scary - and expensive.  Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but they are even more costly when they occur, with the]]> 2023-09-27T16:53:00+00:00 https://thehackernews.com/2023/09/new-survey-uncovers-how-companies-are.html www.secnews.physaphae.fr/article.php?IdArticle=8388299 False Ransomware,Malware,Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new malware strain called ZenRAT has emerged in the wild that\'s distributed via bogus installation packages of the Bitwarden password manager. "The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report. "The malware is a modular remote access trojan (RAT) with information]]> 2023-09-27T14:08:00+00:00 https://thehackernews.com/2023/09/new-zenrat-malware-targeting-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8388261 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild. Tracked as CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the CVSS rating system. It has been described as an issue rooted in the Huffman coding algorithm - With a specially]]> 2023-09-27T10:53:00+00:00 https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8388219 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system. The feature allows users to login to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric information to complete the step. Based on FIDO standards, Passkeys were first announced in May]]> 2023-09-26T22:34:00+00:00 https://thehackernews.com/2023/09/microsoft-is-rolling-out-support-for.html www.secnews.physaphae.fr/article.php?IdArticle=8388076 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs," Group-IB and Bridewell said in a new joint report. The actor, active since]]> 2023-09-26T21:26:00+00:00 https://thehackernews.com/2023/09/shadowsyndicate-new-cybercrime-group.html www.secnews.physaphae.fr/article.php?IdArticle=8388055 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SOC 2, ISO, HIPAA, Cyber Essentials – all the security frameworks and certifications today are an acronym soup that can make even a compliance expert\'s head spin. If you\'re embarking on your compliance journey, read on to discover the differences between standards, which is best for your business, and how vulnerability management can aid compliance. What is cybersecurity compliance?]]> 2023-09-26T17:20:00+00:00 https://thehackernews.com/2023/09/essential-guide-to-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8387980 False Vulnerability,General Information,Legislation,Guideline None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Some of the other targeted prominent]]> 2023-09-26T17:19:00+00:00 https://thehackernews.com/2023/09/xenomorph-banking-trojan-new-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8387981 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) How To Use This Report Enhance situational awareness of techniques used by threat actors Identify potential attacks targeting your industry Gain insights to help improve and accelerate your organization\'s threat response Summary of Findings The Network Effect Threat Report offers insights based on unique data from Fastly\'s Next-Gen WAF from Q2 2023 (April 1, 2023 to June 30, 2023). This report]]> 2023-09-26T16:02:00+00:00 https://thehackernews.com/2023/09/threat-report-high-tech-industry.html www.secnews.physaphae.fr/article.php?IdArticle=8387963 False Threat,Studies None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future\'s Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese military intelligence and poses a significant threat to academic, aerospace and defense, government,]]> 2023-09-26T15:19:00+00:00 https://thehackernews.com/2023/09/chinese-hackers-tag-74-targets-south.html www.secnews.physaphae.fr/article.php?IdArticle=8387932 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6,]]> 2023-09-26T10:30:00+00:00 https://thehackernews.com/2023/09/critical-jetbrains-teamcity-flaw-could.html www.secnews.physaphae.fr/article.php?IdArticle=8387874 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface," Securonix researchers Den]]> 2023-09-25T18:35:00+00:00 https://thehackernews.com/2023/09/ukrainian-military-targeted-in-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8387609 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Generative AI is a double-edged sword, if there ever was one. There is broad agreement that tools like ChatGPT are unleashing waves of productivity across the business, from IT, to customer experience, to engineering. That\'s on the one hand.  On the other end of this fencing match: risk. From IP leakage and data privacy risks to the empowering of cybercriminals with AI tools, generative AI]]> 2023-09-25T17:11:00+00:00 https://thehackernews.com/2023/09/watch-webinar-ai-vs-ai-harnessing-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8387573 False Tool ChatGPT,ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Weak password policies leave organizations vulnerable to attacks. But are the standard password complexity requirements enough to secure them? 83% of compromised passwords would satisfy the password complexity and length requirements of compliance standards. That\'s because bad actors already have access to billions of stolen credentials that can be used to compromise additional accounts by]]> 2023-09-25T16:49:00+00:00 https://thehackernews.com/2023/09/are-you-willing-to-pay-high-cost-of.html www.secnews.physaphae.fr/article.php?IdArticle=8387574 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. "The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users," Volexity security researchers Callum Roxan, Paul]]> 2023-09-25T16:04:00+00:00 https://thehackernews.com/2023/09/from-watering-hole-to-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8387555 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously on the same victims\' machines, each cluster is characterized by distinct tools, modus operandi and infrastructure," Palo Alto]]> 2023-09-25T12:15:00+00:00 https://thehackernews.com/2023/09/new-report-uncovers-three-distinct.html www.secnews.physaphae.fr/article.php?IdArticle=8387516 False Threat None 2.0000000000000000