www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-02T22:53:32+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)

Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, @am-fe/watermark-core,
2023-09-20T15:43:00+00:00 https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html www.secnews.physaphae.fr/article.php?IdArticle=8385760 False None Uber 3.0000000000000000

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT.
"Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity," enterprise security firm Proofpoint said in a report shared with The
2023-09-20T15:26:00+00:00 https://thehackernews.com/2023/09/sophisticated-phishing-campaign_20.html www.secnews.physaphae.fr/article.php?IdArticle=8385761 False Malware None 2.0000000000000000

Signal Messenger Introduces PQXDH Quantum-Resistant Encryption
Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading the Extended Triple Diffie-Hellman (X3DH) specification to Post-Quantum Extended Diffie-Hellman (PQXDH). "With this upgrade, we are adding a layer of protection against the threat of a quantum computer being built in the future that is powerful enough to break current
2023-09-20T14:59:00+00:00 https://thehackernews.com/2023/09/signal-messenger-introduces-pqxdh.html www.secnews.physaphae.fr/article.php?IdArticle=8385730 False Threat None 2.0000000000000000

GitLab Releases Urgent Security Patches for Critical Vulnerability
GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user. The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4.
"It was possible for an attacker to run pipelines as an arbitrary user via scheduled
2023-09-20T12:48:00+00:00 https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html www.secnews.physaphae.fr/article.php?IdArticle=8385714 False Vulnerability None 3.0000000000000000

Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party antivirus uninstaller module that's bundled along with the software. The complete list of impacted
2023-09-20T10:58:00+00:00 https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html www.secnews.physaphae.fr/article.php?IdArticle=8385635 False Vulnerability,Prediction None 2.0000000000000000

ShroudedSnooper's HTTPSnoop Backdoor Targets Middle East Telecom Companies
Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop.
"HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the
2023-09-19T18:05:00+00:00 https://thehackernews.com/2023/09/shroudedsnoopers-httpsnoop-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8385299 False None None 2.0000000000000000

Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign
Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor or group. "The operation has at least two different initial access vectors," security researchers
2023-09-19T17:35:00+00:00 https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html www.secnews.physaphae.fr/article.php?IdArticle=8385300 False Malware,Threat None 2.0000000000000000

Inside the Code of a New XWorm Variant
XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe. Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its functionality and solidified its staying power.
The analyst team at ANY.RUN came across the newest
2023-09-19T17:02:00+00:00 https://thehackernews.com/2023/09/inside-code-of-new-xworm-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8385301 False None None 2.0000000000000000

Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities
The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary's attacks against public and private sector entities across Asia, Australia, Europe, North America. Active since 2021, the group has relied on
2023-09-19T16:40:00+00:00 https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8385302 False Threat,Prediction None 2.0000000000000000

Live Webinar: Overcoming Generative AI Data Leakage Risks
As the adoption of generative AI tools, like ChatGPT, continues to surge, so does the risk of data exposure. According to Gartner's "Emerging Tech: Top 4 Security Risks of GenAI" report, privacy and data security is one of the four major emerging risks within generative AI.
A new webinar featuring a multi-time Fortune 100 CISO and the CEO of LayerX, a browser extension solution, delves into this
2023-09-19T15:59:00+00:00 https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8385252 False None ChatGPT 2.0000000000000000

Over 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. VulnCheck, which discovered a new exploit for CVE-2023-36845, said it could be exploited by an "unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system." CVE-2023-36845 refers to a
2023-09-19T15:00:00+00:00 https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html www.secnews.physaphae.fr/article.php?IdArticle=8385232 False Vulnerability None 2.0000000000000000

Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware
The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity.
"CapraRAT is a highly invasive tool that gives the attacker control over much of the data on the Android devices that it infects," SentinelOne security
2023-09-19T12:26:00+00:00 https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html www.secnews.physaphae.fr/article.php?IdArticle=8385200 False Malware,Tool,Threat APT 36 1.00000000000000000000

Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data
Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company's AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source training data, Wiz said. It also included a disk backup of two former employees' workstations containing secrets
2023-09-19T09:35:00+00:00 https://thehackernews.com/2023/09/microsoft-ai-researchers-accidentally.html www.secnews.physaphae.fr/article.php?IdArticle=8385154 False None None 1.00000000000000000000

New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services
A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig.
"The AMBERSQUID operation was able to exploit cloud services without triggering the AWS
2023-09-18T18:00:00+00:00 https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8384864 False Cloud None 2.0000000000000000

Think Your MFA and PAM Solutions Protect You? Think Again
When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA (Multi-Factor Authentication) and PAM (Privileged Access Management) solutions are almost never deployed comprehensively enough to provide resilience to identity
2023-09-18T17:51:00+00:00 https://thehackernews.com/2023/09/think-your-mfa-and-pam-solutions.html www.secnews.physaphae.fr/article.php?IdArticle=8384865 False None None 2.0000000000000000

Hook: New Android Banking Trojan That Expands on ERMAC's Legacy
A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called ERMAC. "The ERMAC source code was used as a base for Hook," NCC Group security researchers Joshua Kamp and Alberto Segura said in a technical analysis published last week. "All commands (30 in total) that the malware operator can send to a device infected with ERMAC malware, also
2023-09-18T17:41:00+00:00 https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html www.secnews.physaphae.fr/article.php?IdArticle=8384866 False Malware None 2.0000000000000000

Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients
Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for making the breach worse, calling it a "dark pattern." "The fact that Google Authenticator syncs to
2023-09-18T12:30:00+00:00 https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html www.secnews.physaphae.fr/article.php?IdArticle=8384764 False Cloud None 2.0000000000000000

Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks
The financially motivated threat actor known as UNC3944 is pivoting to ransomware deployment as part of an expansion to its monetization strategies, Mandiant has revealed. "UNC3944 has demonstrated a stronger focus on stealing large amounts of sensitive data for extortion purposes and they appear to understand Western business practices, possibly due to the geographical composition of the group,
2023-09-18T08:46:00+00:00 https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8384683 False Ransomware,Threat None 3.0000000000000000

North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist
The North Korea-affiliated Lazarus Group has stolen nearly $240 million in cryptocurrency since June 2023, marking a significant escalation of its hacks. According to multiple reports from Certik, Elliptic, and ZachXBT, the infamous hacking group is said to be suspected behind the theft of $31 million in digital assets from the CoinEx exchange on September 12, 2023. The crypto heist aimed at
2023-09-17T12:02:00+00:00 https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html www.secnews.physaphae.fr/article.php?IdArticle=8384403 False None APT 38,APT 38 2.0000000000000000

TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.
The Irish Data Protection Commission (DPC) slapped TikTok with a €345 million (about $368 million) fine for violating the European Union's General Data Protection Regulation (GDPR) in relation to its handling of children's data. The investigation, initiated in September 2021, examined how the popular short-form video platform processed personal data relating to child users (those between the
2023-09-16T18:30:00+00:00 https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8384130 False None None 3.0000000000000000

The Interdependence between Automated Threat Intelligence Collection and Humans
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1 2023. The MOVEit attack has claimed over 600 victims so far and that number is still
2023-09-15T16:43:00+00:00 https://thehackernews.com/2023/09/the-interdependence-between-automated.html www.secnews.physaphae.fr/article.php?IdArticle=8383674 False Ransomware,Data Breach,Vulnerability,Threat None 3.0000000000000000

Google Agrees to $93 Million Settlement in California's Location-Privacy Lawsuit
Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company's location-privacy practices misled consumers and violated consumer protection laws. "Our investigation revealed that Google was telling its users one thing – that it would no longer track their location once they opted out – but doing the opposite and continuing to
2023-09-15T16:40:00+00:00 https://thehackernews.com/2023/09/google-agrees-to-93-million-settlement.html www.secnews.physaphae.fr/article.php?IdArticle=8383675 False None None 2.0000000000000000

NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology
2023-09-15T15:50:00+00:00 https://thehackernews.com/2023/09/nodestealer-malware-now-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8383661 False Malware None 2.0000000000000000

DDoS 2.0: IoT Sparks New DDoS Alert
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they're uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and exchange
2023-09-15T15:34:00+00:00 https://thehackernews.com/2023/09/ddos-20-iot-sparks-new-ddos-alert.html www.secnews.physaphae.fr/article.php?IdArticle=8383662 False None None 3.0000000000000000

Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates. "This suggests that the threat actors are streamlining operations by making their techniques multipurpose," Trend Micro researchers said in a new analysis published this
2023-09-15T14:19:00+00:00 https://thehackernews.com/2023/09/cybercriminals-combine-phishing-and-ev.html www.secnews.physaphae.fr/article.php?IdArticle=8383639 False Ransomware,Threat,Prediction None 2.0000000000000000

Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense, and pharmaceutical sectors to likely facilitate
2023-09-15T09:44:00+00:00 https://thehackernews.com/2023/09/iranian-nation-state-actors-employ.html www.secnews.physaphae.fr/article.php?IdArticle=8383564 False Threat APT 33 3.0000000000000000

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems
A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious
2023-09-14T19:37:00+00:00 https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html www.secnews.physaphae.fr/article.php?IdArticle=8382693 False Vulnerability,Threat None 3.0000000000000000

Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system. The campaign, which took place between 2020 and 2022, is no longer active. "
2023-09-14T18:48:00+00:00 https://thehackernews.com/2023/09/free-download-manager-site-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8382668 False Malware None 3.0000000000000000

Avoid These 5 IT Offboarding Pitfalls
Employee offboarding is no one's favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently.
That's easier said than done, especially considering that IT organizations have less visibility and control over employees' IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and wherever they want, and the old IT
2023-09-14T17:06:00+00:00 https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html www.secnews.physaphae.fr/article.php?IdArticle=8382651 False Cloud None 3.0000000000000000

N-Able's Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation
A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges. Tracked as CVE-2023-27470 (CVSS score: 8.8), the issue relates to a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability, which, when successfully exploited, could be leveraged to delete arbitrary files on a Windows
2023-09-14T15:22:00+00:00 https://thehackernews.com/2023/09/n-ables-take-control-agent.html www.secnews.physaphae.fr/article.php?IdArticle=8382618 False Vulnerability None 2.0000000000000000

Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware
The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around February 10, 2023.
Timchenko is the executive editor and owner of Meduza, an independent news publication
2023-09-14T14:21:00+00:00 https://thehackernews.com/2023/09/russian-journalists-iphone-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8382573 False None None 3.0000000000000000

Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the vulnerabilities were released on August
2023-09-13T19:35:00+00:00 https://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8382342 False Vulnerability Uber 3.0000000000000000

Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service
More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics service that could be weaponized by a threat actor to carry out malicious activities.
"The identified vulnerabilities consisted of six stored XSS and two reflected XSS vulnerabilities, each of which could be exploited to perform unauthorized actions,
2023-09-13T19:01:00+00:00 https://thehackernews.com/2023/09/researchers-detail-8-vulnerabilities-in.html www.secnews.physaphae.fr/article.php?IdArticle=8382318 False Vulnerability,Threat None 3.0000000000000000

Webinar: Identity Threat Detection & Response (ITDR) – Rips in Your Identity Fabric
In today's digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster innovation. But with great power comes great responsibility. As organizations integrate more SaaS applications into their workflows, they inadvertently open the door to a new era of security threats. The stakes? Your invaluable data and the trust
2023-09-13T17:16:00+00:00 https://thehackernews.com/2023/09/webinar-identity-threat-detection.html www.secnews.physaphae.fr/article.php?IdArticle=8382301 False Threat,Cloud None 2.0000000000000000

Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit (aka Bitwise Spider or Syrphid) in the target network.
"3AM is written in Rust and appears to be a completely new malware family," the Symantec Threat Hunter Team, part of Broadcom, said in
2023-09-13T15:26:00+00:00 https://thehackernews.com/2023/09/rust-written-3am-ransomware-sneak-peek.html www.secnews.physaphae.fr/article.php?IdArticle=8382266 False Ransomware,Malware,Threat None 3.0000000000000000

How Cyberattacks Are Transforming Warfare
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole. From
2023-09-13T15:26:00+00:00 https://thehackernews.com/2023/09/how-cyberattacks-are-transforming.html www.secnews.physaphae.fr/article.php?IdArticle=8382265 False None None 3.0000000000000000

Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as lures to infiltrate corporate networks. The tech giant's Threat Intelligence team is tracking the cluster under the name Storm-0324, which is also known by the monikers TA543 and Sagrid.
"Beginning in July 2023, Storm-0324 was observed distributing payloads using an
2023-09-13T14:47:00+00:00 https://thehackernews.com/2023/09/microsoft-warns-of-new-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8382203 False Threat None 3.0000000000000000

Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws
Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity. The update is in addition to 35 flaws patched in the Chromium-based Edge browser since last month's
2023-09-13T10:48:00+00:00 https://thehackernews.com/2023/09/microsoft-releases-patch-for-two-new.html www.secnews.physaphae.fr/article.php?IdArticle=8382145 False None None 1.00000000000000000000

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems.
The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts both Windows and macOS versions of Acrobat DC, Acrobat Reader DC,
2023-09-13T08:27:00+00:00 https://thehackernews.com/2023/09/update-adobe-acrobat-and-reader-to.html www.secnews.physaphae.fr/article.php?IdArticle=8382110 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format that could result in arbitrary code execution when
2023-09-13T07:20:00+00:00 https://thehackernews.com/2023/09/mozilla-rushes-to-patch-webp-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8382100 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researcher Elad Rapoport said in a technical report shared with The Hacker News.
"Successful exploitation of
2023-09-12T17:02:00+00:00 https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8381772 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
7 Steps to Kickstart Your SaaS Security Program
SaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google Workplace, and Microsoft 365 are integral to daily operations. This widespread adoption has transformed them into potential breeding grounds for cyber threats. Each SaaS application presents unique security challenges, and the landscape constantly evolves
2023-09-12T16:12:00+00:00 https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8381753 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign
A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple computers on the organization's network," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with
2023-09-12T15:48:00+00:00 https://thehackernews.com/2023/09/chinese-redfly-group-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8381754 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an attachment, presenting a deliberately blurred image and a counterfeit reCAPTCHA to lure the recipient into
2023-09-12T15:31:00+00:00 https://thehackernews.com/2023/09/sophisticated-phishing-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8381755 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks
A new information stealer malware called MetaStealer has set its sights on Apple macOS, making it the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posing as fake clients in order to socially engineer victims into launching malicious payloads," SentinelOne
2023-09-12T11:43:00+00:00 https://thehackernews.com/2023/09/beware-metastealer-malware-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8381683 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now
Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR
2023-09-12T10:45:00+00:00 https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html www.secnews.physaphae.fr/article.php?IdArticle=8381649 False Vulnerability None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' accounts. "Originating yet again from a Vietnamese-based group, this campaign uses a tiny compressed file attachment that packs a powerful Python-based stealer dropped in a multi-stage
2023-09-11T19:52:00+00:00 https://thehackernews.com/2023/09/vietnamese-hackers-deploy-python-based.html www.secnews.physaphae.fr/article.php?IdArticle=8381390 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.
The Iranian threat actor known as Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the U.A.E. using a previously undocumented backdoor named Sponsor. Slovak cybersecurity firm is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, and healthcare
2023-09-11T18:54:00+00:00 https://thehackernews.com/2023/09/charming-kitens-new-backdoor-sponsor.html www.secnews.physaphae.fr/article.php?IdArticle=8381375 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
How to Prevent API Breaches: A Guide to Robust Security
With the growing reliance on web applications and digital platforms, the use of application programming interfaces (APIs) has become increasingly popular. If you aren't familiar with the term, APIs allow applications to communicate with each other and they play a vital role in modern software development. However, the rise of API use has also led to an increase in the number of API breaches.
2023-09-11T16:41:00+00:00 https://thehackernews.com/2023/09/how-to-prevent-api-breaches-guide-to.html www.secnews.physaphae.fr/article.php?IdArticle=8381241 False Guideline None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies
Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans.
"We believe it is vital to both improve privacy and preserve access to information, whether it's news, a how-to-guide, or a fun video," Anthony Chavez, vice president of Privacy Sandbox initiatives at Google, said. "Without viable
2023-09-11T16:30:00+00:00 https://thehackernews.com/2023/09/google-chrome-rolls-out-support-for.html www.secnews.physaphae.fr/article.php?IdArticle=8381242 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this campaign, the threat actors steal and exfiltrate NTLMv2 hashes using customized versions of Nishang's
2023-09-11T13:24:00+00:00 https://thehackernews.com/2023/09/cybercriminals-using-powershell-to.html www.secnews.physaphae.fr/article.php?IdArticle=8381180 False Tool,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer.
"Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have," Zscaler
2023-09-11T11:53:00+00:00 https://thehackernews.com/2023/09/new-hijackloader-modular-malware-loader.html www.secnews.physaphae.fr/article.php?IdArticle=8381150 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Spyware masquerading as modified versions of Telegram has been spotted in the Google Play Store that's designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server. The
2023-09-09T13:44:00+00:00 https://thehackernews.com/2023/09/millions-infected-by-spyware-hidden-in.html www.secnews.physaphae.fr/article.php?IdArticle=8380677 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021.
"The attacker uses Advanced Installer to package other legitimate software installers, such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro, with malicious scripts and uses
2023-09-09T11:55:00+00:00 https://thehackernews.com/2023/09/cybercriminals-weaponizing-legitimate.html www.secnews.physaphae.fr/article.php?IdArticle=8380666 False Malware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said, adding it has “ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including
2023-09-08T22:34:00+00:00 https://thehackernews.com/2023/09/uk-and-us-sanction-11-russia-based.html www.secnews.physaphae.fr/article.php?IdArticle=8380488 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Protecting Your Microsoft IIS Servers Against Malware Attacks
Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging fruit for finding and exploiting vulnerabilities that facilitate access to IT environments.
Recently, a
2023-09-08T16:57:00+00:00 https://thehackernews.com/2023/09/protecting-your-microsoft-iis-servers.html www.secnews.physaphae.fr/article.php?IdArticle=8380410 False Malware,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform
Cisco has released security fixes to address multiple security flaws, including a critical bug, that could be exploited by a threat actor to take control of an affected system or cause a denial-of-service (DoS) condition. The most severe of the issues is CVE-2023-20238, which has the maximum CVSS severity rating of 10.0. It's described as an authentication bypass flaw in the Cisco BroadWorks
2023-09-08T16:56:00+00:00 https://thehackernews.com/2023/09/cisco-issues-urgent-fix-for.html www.secnews.physaphae.fr/article.php?IdArticle=8380411 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in unspecified software over the past several weeks to infiltrate their machines.
The findings come from Google's Threat Analysis Group (TAG), which found the adversary setting up fake accounts on social media platforms like X (formerly Twitter) and Mastodon to forge relationships
2023-09-08T14:22:00+00:00 https://thehackernews.com/2023/09/north-korean-hackers-exploit-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8380377 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. “Nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized
2023-09-08T11:06:00+00:00 https://thehackernews.com/2023/09/cisa-warning-nation-state-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8380335 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The issues are described as below - CVE-2023-41061 - A validation issue in Wallet that could result in arbitrary code execution when handling a maliciously crafted attachment.
CVE-2023-41064
2023-09-08T08:41:00+00:00 https://thehackernews.com/2023/09/apple-rushes-to-patch-zero-day-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8380290 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or AMOS), indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light in April 2023. Shortly after that, new variants with an expanded set of information-gathering
2023-09-07T20:38:00+00:00 https://thehackernews.com/2023/09/mac-users-beware-malvertising-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8380149 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024
By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity expertise and the lucrative opportunities for MSPs and MSSPs in vCISO services. Figure 1: Timeline for offering vCISO services The State of the Virtual CISO Survey Report
2023-09-07T16:57:00+00:00 https://thehackernews.com/2023/09/the-state-of-virtual-ciso-report.html www.secnews.physaphae.fr/article.php?IdArticle=8380049 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset's metadata database. Outside of these
2023-09-07T16:32:00+00:00 https://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8380032 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks
A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware updates or when applications for viewing pirated video content are installed. "It is likely that this
2023-09-07T15:17:00+00:00 https://thehackernews.com/2023/09/mirai-botnet-variant-pandora-hijacks.html www.secnews.physaphae.fr/article.php?IdArticle=8380012 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens to access Outlook by compromising an engineer's corporate account. This enabled the adversary to access a debugging environment that contained a crash dump of the consumer signing system that took place in April 2021 and steal the key. “A consumer
2023-09-07T12:44:00+00:00 https://thehackernews.com/2023/09/outlook-breach-microsoft-reveals-how.html www.secnews.physaphae.fr/article.php?IdArticle=8379965 False Threat None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android Framework. “There are indications that CVE-2023-35674 may be under limited, targeted exploitation,” the
2023-09-06T19:32:00+00:00 https://thehackernews.com/2023/09/zero-day-alert-latest-android-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8379667 False Vulnerability,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain attack capability,” NSFOCUS Security Labs said in a report published last week. APT34, also known by
2023-09-06T19:20:00+00:00 https://thehackernews.com/2023/09/alert-phishing-campaigns-deliver-new.html www.secnews.physaphae.fr/article.php?IdArticle=8379668 False Threat APT 34 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Three CISOs Share How to Run an Effective SOC
The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity. Three CISOs – Troy Wilkinson, CISO at IPG; Rob Geurtsen, former Deputy CISO at Nike; and Tammy Moskites, Founder of CyAlliance and former CISO at companies like Warner Brothers and Home Depot – shared
2023-09-06T16:52:00+00:00 https://thehackernews.com/2023/09/three-cisos-share-how-to-run-effective.html www.secnews.physaphae.fr/article.php?IdArticle=8379607 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products
Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL).
“The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution (RCE) on an engineering workstation,” Nozomi Networks said in a report published last week. The issues, tracked as CVE-2023-34392 and from CVE-2023-31168
2023-09-06T15:43:00+00:00 https://thehackernews.com/2023/09/9-alarming-vulnerabilities-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8379593 False Vulnerability,Threat,Industrial None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. "The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL Panel, designed to bypass MFA, as well as 16
2023-09-06T14:14:00+00:00 https://thehackernews.com/2023/09/w3ll-store-how-secret-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8379554 False Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain.
“Visiting the link will download a ZIP archive containing three JPG images (
2023-09-06T13:32:00+00:00 https://thehackernews.com/2023/09/ukraines-cert-thwarts-apt28s.html www.secnews.physaphae.fr/article.php?IdArticle=8379534 False None APT 28 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New BLISTER Malware Update Fuelling Stealthy Network Infiltration
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic. “New BLISTER update includes keying feature that allows for precise targeting of victim networks and lowers exposure within VM/sandbox environments,” Elastic Security Labs researchers Salim Bitam and Daniel
2023-09-05T19:34:00+00:00 https://thehackernews.com/2023/09/new-blister-malware-update-fuelling.html www.secnews.physaphae.fr/article.php?IdArticle=8379180 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes.
"It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in a new detailed technical write-up shared with The Hacker
2023-09-05T17:49:00+00:00 https://thehackernews.com/2023/09/new-python-variant-of-chaes-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8379141 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface
In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions to confidential data storage. While organizations have quickly adopted tools like Multi-Factor Authentication (MFA),
2023-09-05T17:26:00+00:00 https://thehackernews.com/2023/09/way-too-vulnerable-join-this-webinar-to.html www.secnews.physaphae.fr/article.php?IdArticle=8379142 False Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What's interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team's nightmare scenario.
The average cost of a breach rose once again
2023-09-05T16:44:00+00:00 https://thehackernews.com/2023/09/key-cybersecurity-tools-that-can.html www.secnews.physaphae.fr/article.php?IdArticle=8379143 False Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there are numerous malware strains developed in the Go language,” the AhnLab Security Emergency Response Center (ASEC) said in a deep dive
2023-09-05T15:45:00+00:00 https://thehackernews.com/2023/09/researchers-warn-of-cyber-weapons-used.html www.secnews.physaphae.fr/article.php?IdArticle=8379144 False Malware,Tool,Threat APT 38 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform.
“It targeted more than 50 apps, including Facebook, Instagram, X (formerly Twitter), YouTube, TikTok, Reddit, Pinterest, Medium, Blogspot, LiveJournal, VKontakte, Vimeo, and dozens of smaller platforms and
2023-09-05T11:47:00+00:00 https://thehackernews.com/2023/09/meta-takes-down-thousands-of-accounts.html www.secnews.physaphae.fr/article.php?IdArticle=8379010 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance. The chain comprises CVE-2023-28432 (CVSS score: 7.5) and
2023-09-04T19:43:00+00:00 https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html www.secnews.physaphae.fr/article.php?IdArticle=8378786 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to tackle fraud and impersonation on the platform. “Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes,” the company said. The revised policy is expected to go into effect on September 29, 2023.
The social
2023-09-04T18:24:00+00:00 https://thehackernews.com/2023/09/x-twitter-to-collect-biometric-data.html www.secnews.physaphae.fr/article.php?IdArticle=8378769 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Everything You Wanted to Know About AI Security but Were Afraid to Ask
There's been a great deal of AI hype recently, but that doesn't mean the robots are here to replace us. This article sets the record straight and explains how businesses should approach AI. From musing about self-driving cars to fearing AI bots that could destroy the world, there has been a great deal of AI hype in the past few years. AI has captured our imaginations, dreams, and occasionally,
2023-09-04T16:59:00+00:00 https://thehackernews.com/2023/09/everything-you-wanted-to-know-about-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8378723 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. “Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,” WithSecure researcher Mohammad Kazem Hassan Nejad said. “And with businesses now leveraging the reach
2023-09-04T14:10:00+00:00 https://thehackernews.com/2023/09/vietnamese-cybercriminals-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8378691 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created with MalDoc in PDF can be opened in Word even though it has magic numbers and file structure of PDF,"
2023-09-04T11:10:00+00:00 https://thehackernews.com/2023/09/beware-of-maldoc-in-pdf-new-polyglot.html www.secnews.physaphae.fr/article.php?IdArticle=8378545 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to collect personally identifying information (PII) and payment credentials from victims, in the
2023-09-04T11:00:00+00:00 https://thehackernews.com/2023/09/chinese-speaking-cybercriminals-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8378724 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation. “A
2023-09-03T10:12:00+00:00 https://thehackernews.com/2023/09/poc-exploit-released-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8378263 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions. “In recent weeks, multiple US-based Okta customers have reported a consistent pattern of social engineering attacks against IT service desk personnel, in which the caller's strategy was to convince service desk personnel to reset all
2023-09-02T09:42:00+00:00 https://thehackernews.com/2023/09/okta-warns-of-social-engineering.html www.secnews.physaphae.fr/article.php?IdArticle=8377865 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware
Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and infrastructure is employed. “Some of these tools include enumeration software, RAT payloads, exploitation and credential stealing software
2023-09-01T21:11:00+00:00 https://thehackernews.com/2023/09/threat-actors-targeting-microsoft-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8377866 False Ransomware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to “enable unauthorized access to compromised
2023-09-01T15:35:00+00:00 https://thehackernews.com/2023/09/russian-state-backed-infamous-chisel.html www.secnews.physaphae.fr/article.php?IdArticle=8377867 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists
A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and received a malicious LNK file from an address impersonating a member of the organization, non-profit entity Interlabs said in a new report. The LNK file, upon
2023-09-01T14:41:00+00:00 https://thehackernews.com/2023/09/new-superbear-trojan-emerges-in.html www.secnews.physaphae.fr/article.php?IdArticle=8377868 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
It's a Zero-day? It's Malware? No! It's Username and Password
As cyber threats continue to evolve, adversaries are deploying a range of tools to breach security defenses and compromise sensitive data. Surprisingly, one of the most potent weapons in their arsenal is not malicious code but simply stolen or weak usernames and passwords. This article explores the seriousness of compromised credentials, the challenges they present to security solutions, and the
2023-09-01T14:40:00+00:00 https://thehackernews.com/2023/09/its-zero-day-its-malware-no-its.html www.secnews.physaphae.fr/article.php?IdArticle=8377869 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic
The Classiscam scam-as-a-service program has reaped the criminal actors $64.5 million in illicit earnings since its emergence in 2019.
"Classiscam campaigns initially started out on classified sites, on which scammers placed fake advertisements and used social engineering techniques to convince users to pay for goods by transferring money to bank cards," Group-IB said in a new report. "Since
2023-09-01T12:52:00+00:00 https://thehackernews.com/2023/09/classiscam-scam-as-service-raked-645.html www.secnews.physaphae.fr/article.php?IdArticle=8377870 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. “Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional
2023-08-31T19:45:00+00:00 https://thehackernews.com/2023/08/sapphirestealer-malware-gateway-to.html www.secnews.physaphae.fr/article.php?IdArticle=8377227 False Ransomware,Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
Three additional malicious Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors. The findings come from ReversingLabs, which detected the packages tablediter, request-plus, and requestspro.
First disclosed at
2023-08-31T18:16:00+00:00 https://thehackernews.com/2023/08/north-korean-hackers-deploy-new.html www.secnews.physaphae.fr/article.php?IdArticle=8377201 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Numbers Don't Lie: Exposing the Harsh Truths of Cyberattacks in New Report
How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of several interesting cyber attack statistics.
2023-08-31T17:10:00+00:00 https://thehackernews.com/2023/08/numbers-dont-lie-exposing-harsh-truths.html www.secnews.physaphae.fr/article.php?IdArticle=8377174 False Threat,Studies None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents
A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S.
"The threat actors behind Earth Estries are working with high-level resources and functioning with sophisticated skills and experience in cyber espionage and illicit
2023-08-31T14:52:00+00:00 https://thehackernews.com/2023/08/earth-estries-espionage-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8377104 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month. Microsoft's container architecture (and by extension,
2023-08-30T22:34:00+00:00 https://thehackernews.com/2023/08/hackers-can-exploit-windows-container.html www.secnews.physaphae.fr/article.php?IdArticle=8376838 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud.
"The malware, named after its distinctive package name com.mm.user, can capture user input and screen content, and can also remotely control victim devices through various techniques, enabling
2023-08-30T20:42:00+00:00 https://thehackernews.com/2023/08/mmrat-android-trojan-executes-remote.html www.secnews.physaphae.fr/article.php?IdArticle=8376776 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF. "Most likely active since July 2020 and since July 2022, respectively, the campaigns
2023-08-30T19:13:00+00:00 https://thehackernews.com/2023/08/china-linked-badbazaar-android-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8376758 False None APT 15,APT 15 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer need advanced coding skills to execute fraud and other damaging attacks against online businesses and customers, thanks to bots-as-a-service, residential proxies, CAPTCHA farms, and other easily accessible tools.
Now, the latest technology damaging
2023-08-30T17:18:00+00:00 https://thehackernews.com/2023/08/how-to-prevent-chatgpt-from-stealing.html www.secnews.physaphae.fr/article.php?IdArticle=8376696 False Threat ChatGPT,ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Malicious npm Packages Aim to Target Developers for Source Code Theft
An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories. "The threat actor behind this campaign has been linked to malicious activity dating back to 2021," software supply chain security firm Checkmarx said in a report shared
2023-08-30T16:57:00+00:00 https://thehackernews.com/2023/08/malicious-npm-packages-aim-to-target.html www.secnews.physaphae.fr/article.php?IdArticle=8376697 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. The Shadowserver Foundation said that it's "seeing exploitation attempts from multiple IPs for Juniper J-Web CVE-2023-36844 (& friends) targeting /webauth_operation.php endpoint," the same day a proof-of-concept (PoC)
2023-08-30T16:45:00+00:00 https://thehackernews.com/2023/08/alert-juniper-firewalls-openfire-and.html www.secnews.physaphae.fr/article.php?IdArticle=8376678 False None None 2.0000000000000000