www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-06T05:29:25+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Continuous Security Validation with Penetration Testing as a Service (PTaaS)
Validate security continuously across your full stack with Pen Testing as a Service. In today's modern security operations center (SOC), it's a battle between the defenders and the cybercriminals. Both are using tools and expertise – however, the cybercriminals have the element of surprise on their side, and a host of tactics, techniques, and procedures (TTPs) that have evolved. These external
2023-08-09T17:06:00+00:00 https://thehackernews.com/2023/08/continuous-security-validation-with.html www.secnews.physaphae.fr/article.php?IdArticle=8367850 False Tool None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons
The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years worth of voter data belonging to 40 million people. "The incident was identified in October 2022 after suspicious activity was detected on our systems," the regulator said.
"It became clear that hostile actors had first]]> 2023-08-09T15:52:00+00:00 https://thehackernews.com/2023/08/uk-electoral-commission-breach-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8367831 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les campagnes malveillantes exploitent les grappes de Kubernetes faibles pour l'exploitation cryptographique<br>Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller subset tied to bigger companies, spanning financial, aerospace, automotive, industrial, and security sectors]]> 2023-08-09T14:35:00+00:00 https://thehackernews.com/2023/08/malicious-campaigns-exploit-weak.html www.secnews.physaphae.fr/article.php?IdArticle=8367789 False None Uber 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle fonctionnalité de sécurité Android 14: les administrateurs informatiques peuvent désormais désactiver les réseaux 2G<br>New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it\'s introducing a second user setting to turn off support, at the model level, for null-ciphered cellular connections. 
"The Android Security Model assumes that all networks are hostile to keep users safe from]]> 2023-08-09T12:19:00+00:00 https://thehackernews.com/2023/08/new-android-14-security-feature-it.html www.secnews.physaphae.fr/article.php?IdArticle=8367758 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft publie des correctifs pour 74 nouvelles vulnérabilités en août Mise à jour<br>Microsoft Releases Patches for 74 New Vulnerabilities in August Update Microsoft has patched a total of 74 flaws in its software as part of the company\'s Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. This comprises six Critical and 67 Important security vulnerabilities. Also released by the tech giant are two defense-in-depth updates for Microsoft Office (ADV230003) and the Memory Integrity System]]> 2023-08-09T09:56:00+00:00 https://thehackernews.com/2023/08/microsoft-releases-patches-for-74-new.html www.secnews.physaphae.fr/article.php?IdArticle=8367708 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le nouveau rapport expose la collaboration de la vice Society avec Rhysida Ransomware<br>New Report Exposes Vice Society\\'s Collaboration with Rhysida Ransomware Tactical similarities have been unearthed between the double extortion ransomware group known as Rhysida and Vice Society, including in their targeting of education and healthcare sectors. 
"As Vice Society was observed deploying a variety of commodity ransomware payloads, this link does not suggest that Rhysida is exclusively used by Vice Society, but shows with at least medium confidence that]]> 2023-08-09T09:50:00+00:00 https://thehackernews.com/2023/08/new-report-exposes-vice-societys.html www.secnews.physaphae.fr/article.php?IdArticle=8367832 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les opérateurs de logiciels malveillants Qakbot développent le réseau C2 avec 15 nouveaux serveurs<br>QakBot Malware Operators Expand C2 Network with 15 New Servers The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware\'s infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed that 25% of its C2 servers are only active for a single day. "QakBot has a history of taking an]]> 2023-08-08T19:45:00+00:00 https://thehackernews.com/2023/08/qakbot-malware-operators-expand-c2.html www.secnews.physaphae.fr/article.php?IdArticle=8367307 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates abusant des tunnels Cloudflare pour les communications secrètes<br>Hackers Abusing Cloudflare Tunnels for Covert Communications New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. "Cloudflared is functionally very similar to ngrok," Nic Finn, a senior threat intelligence analyst at GuidePoint Security, said. 
"However, Cloudflared differs from ngrok in that it provides a lot more usability for free,]]> 2023-08-08T17:52:00+00:00 https://thehackernews.com/2023/08/hackers-abusing-cloudflare-tunnels-for.html www.secnews.physaphae.fr/article.php?IdArticle=8367210 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comprendre les chemins d'attaque Active Directory pour améliorer la sécurité<br>Understanding Active Directory Attack Paths to Improve Security Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things tend to do, times, they are a\'changin\' – and a few years back, Microsoft introduced Azure Active Directory, the]]> 2023-08-08T15:18:00+00:00 https://thehackernews.com/2023/08/understanding-active-directory-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8367146 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle variante de ransomware Yashma cible plusieurs pays anglophones<br>New Yashma Ransomware Variant Targets Multiple English-Speaking Countries An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023. Cisco Talos, in a new write-up, attributed the operation with moderate confidence to an adversary of likely Vietnamese origin. 
"The threat actor uses an uncommon technique to deliver the ransom note," security]]> 2023-08-08T14:23:00+00:00 https://thehackernews.com/2023/08/new-yashma-ransomware-variant-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8367147 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Lolbas in the wild: 11 binaires vivant de la terre utilisée à des fins malveillantes<br>LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities.  "LOLBAS is an attack method that uses binaries and scripts that are already part of the system for malicious purposes," Pentera security researcher Nir Chako said. "This makes it hard for security teams]]> 2023-08-08T12:53:00+00:00 https://thehackernews.com/2023/08/lolbas-in-wild-11-living-off-land.html www.secnews.physaphae.fr/article.php?IdArticle=8367116 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Une nouvelle campagne de logiciels malveillants cible les cybercriminels inexpérimentés avec des configurations OpenBullet<br>New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information. 
Bot mitigation company Kasada said the activity is designed to "exploit trusted criminal networks," describing it as an instance of advanced threat actors "
2023-08-07T21:27:00+00:00 https://thehackernews.com/2023/08/new-malware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8366834 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
North Korean Hackers Targets Russian Missile Engineering Firm
Two different North Korean nation-state actors have been linked to a cyber intrusion against the major Russian missile engineering company NPO Mashinostroyeniya. Cybersecurity firm SentinelOne said it identified "two instances of North Korea related compromise of sensitive internal IT infrastructure," including a case of an email server compromise and the deployment of a Windows backdoor dubbed
2023-08-07T19:26:00+00:00 https://thehackernews.com/2023/08/north-korean-hackers-targets-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8366798 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Enhancing Security Operations Using Wazuh: Open Source XDR and SIEM
In today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions for intelligence gathering and information sharing is indispensable. The idea of multiple-source intelligence gathering stems from the concept that threats are rarely isolated.
Hence, their detection and prevention require a comprehensive
2023-08-07T16:00:00+00:00 https://thehackernews.com/2023/08/enhancing-security-operations-using.html www.secnews.physaphae.fr/article.php?IdArticle=8366728 False None None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy
A group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. "When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium," researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad
2023-08-07T15:44:00+00:00 https://thehackernews.com/2023/08/new-deep-learning-attack-deciphers.html www.secnews.physaphae.fr/article.php?IdArticle=8366729 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers
Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week.
Some of the Linux distribution SkidMap
2023-08-07T15:22:00+00:00 https://thehackernews.com/2023/08/new-skidmap-redis-malware-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8366730 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FBI Alert: Crypto Scammers are Masquerading as NFT Developers
The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users. In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote "exclusive" new NFT releases, often
2023-08-07T12:35:00+00:00 https://thehackernews.com/2023/08/fbi-alert-crypto-scammers-are.html www.secnews.physaphae.fr/article.php?IdArticle=8366678 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MDR: Empowering Organizations with Enhanced Security
Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR allows businesses to outsource the management of Endpoint Detection and Response (EDR) products deployed across their network domain. With real-time threat-hunting capabilities, MDR services detect and mitigate malicious activities on individual endpoints while
2023-08-05T13:33:00+00:00 https://thehackernews.com/2023/08/mdr-empowering-organizations-with.html www.secnews.physaphae.fr/article.php?IdArticle=8366010 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center (ASEC) said in a report published this week. "Port
2023-08-05T13:22:00+00:00 https://thehackernews.com/2023/08/reptile-rootkit-advanced-linux-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8366011 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism
Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it. "The vulnerability could lead to unauthorized access to Custom Code functions used for Power Platform custom connectors," the tech giant said. "The potential impact could be unintended information disclosure if secrets
2023-08-05T13:08:00+00:00 https://thehackernews.com/2023/08/microsoft-addresses-critical-power.html www.secnews.physaphae.fr/article.php?IdArticle=8365996 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover New High-Severity Vulnerability in PaperCut Software
Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances. Tracked as CVE-2023-39143 (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability. "
2023-08-05T09:43:00+00:00 https://thehackernews.com/2023/08/researchers-uncover-new-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8365954 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen
2023-08-04T17:43:00+00:00 https://thehackernews.com/2023/08/nyc-couple-pleads-guilty-to-money.html www.secnews.physaphae.fr/article.php?IdArticle=8365677 False Hack None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Webinar - Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges
Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potential. These challenges deprive organizations of the resilience they seek, making it essential to address them
2023-08-04T16:36:00+00:00 https://thehackernews.com/2023/08/webinar-making-pam-great-again-solving.html www.secnews.physaphae.fr/article.php?IdArticle=8365661 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different
2023-08-04T16:03:00+00:00 https://thehackernews.com/2023/08/malicious-npm-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8365642 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities
A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," cybersecurity and intelligence agencies from the Five
2023-08-04T12:32:00+00:00 https://thehackernews.com/2023/08/major-cybersecurity-agencies.html www.secnews.physaphae.fr/article.php?IdArticle=8365600 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners
Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users. "Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team (GCAT) said in its August 2023 Threat Horizons Report shared with The Hacker News. While versioning is not a new phenomenon, it's sneaky and hard
2023-08-03T21:48:00+00:00 https://thehackernews.com/2023/08/malicious-apps-use-sneaky-versioning.html www.secnews.physaphae.fr/article.php?IdArticle=8365329 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3
Cybersecurity researchers have discovered a new version of malware called Rilide that targets Chromium-based web browsers to steal sensitive data and steal cryptocurrency. "It exhibits a higher level of sophistication through modular design, code obfuscation, adoption to the Chrome Extension Manifest V3, and additional features such as the ability to exfiltrate stolen data to a Telegram channel
2023-08-03T20:03:00+00:00 https://thehackernews.com/2023/08/new-version-of-rilide-data-theft.html www.secnews.physaphae.fr/article.php?IdArticle=8365287 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution. The flaw, patched by Citrix last month, carries a CVSS score of 9.8. The
2023-08-03T19:50:00+00:00 https://thehackernews.com/2023/08/hundreds-of-citrix-netscaler-adc-and.html www.secnews.physaphae.fr/article.php?IdArticle=8365288 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
A Penetration Testing Buyer's Guide for IT Security Teams
The frequency and complexity of cyber threats are constantly evolving.
At the same time, organizations are now collecting sensitive data that, if compromised, could result in severe financial and reputational damage. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion in 2023 and will grow to $10.5 trillion by 2025. There is also increasing public and
2023-08-03T18:17:00+00:00 https://thehackernews.com/2023/08/a-penetration-testing-buyers-guide-for.html www.secnews.physaphae.fr/article.php?IdArticle=8365232 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events
Microsoft is warning of the threat malicious cyber actors pose to stadium operations, warning that the cyber risk surface of live sporting events is "rapidly expanding." "Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said in a Cyber Signals report shared with The Hacker News. "Sports teams, major league and global
2023-08-03T15:31:00+00:00 https://thehackernews.com/2023/08/microsoft-flags-growing-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8365179 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches
A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022.
"The group most frequently attacks logistics, government, and financial sector organizations in India and Israel," Singapore-headquartered cybersecurity firm Group-IB said in a report shared with The Hacker News. "The group is]]> 2023-08-03T14:50:00+00:00 https://thehackernews.com/2023/08/mysterious-team-bangladesh-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8365180 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft expose les pirates russes \\ 'Tactiques de phishing sournoises via les chats des équipes Microsoft<br>Microsoft Exposes Russian Hackers\\' Sneaky Phishing Tactics via Microsoft Teams Chats Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. The tech giant attributed the attacks to a group it tracks as Midnight Blizzard (previously Nobelium). It\'s also called APT29, BlueBravo, Cozy Bear, Iron Hemlock, and The Dukes.]]> 2023-08-03T12:08:00+00:00 https://thehackernews.com/2023/08/microsoft-exposes-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8365093 False Threat APT 29 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs découvrent le contournement pour une vulnérabilité critique Ivanti EPMM récemment corrigée<br>Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability Cybersecurity researchers have discovered a bypass for a recently fixed actively exploited vulnerability in some versions of Ivanti Endpoint Manager Mobile (EPMM), prompting Ivanti to urge users to update to the latest version of the software. 
Tracked as CVE-2023-35082 (CVSS score: 10.0) and discovered by Rapid7, the issue "allows unauthenticated attackers to access the API in older unsupported
2023-08-03T09:36:00+00:00 https://thehackernews.com/2023/08/researchers-discover-bypass-for.html www.secnews.physaphae.fr/article.php?IdArticle=8365033 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures
A Russia-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the new infrastructure to a threat actor it tracks under the name BlueCharlie, a hacking crew that's broadly known by the names Blue Callisto, Callisto (or Calisto),
2023-08-02T19:42:00+00:00 https://thehackernews.com/2023/08/russian-cyber-adversary-bluecharlie.html www.secnews.physaphae.fr/article.php?IdArticle=8364787 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure.
"Those phishing campaigns cleverly evade conventional detection methods by chaining the Salesforce vulnerability and legacy quirks in Facebook\'s Web Games platform,"]]> 2023-08-02T18:25:00+00:00 https://thehackernews.com/2023/08/phishers-exploit-salesforces-email.html www.secnews.physaphae.fr/article.php?IdArticle=8364755 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les vulnérabilités des systèmes de contrôle industriel divulguent: plus d'un tiers non corrigé en 2023<br>Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023 About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have no patch or remediation, registering a significant increase from 13% the previous year. According to data compiled by SynSaber, a total of 670 ICS product flaws were reported via the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in the first half of]]> 2023-08-02T18:25:00+00:00 https://thehackernews.com/2023/08/industrial-control-systems.html www.secnews.physaphae.fr/article.php?IdArticle=8364754 False Vulnerability,Industrial None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Top Industries significativement touchées par les réseaux de télégramme illicites<br>Top Industries Significantly Impacted by Illicit Telegram Networks In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless industries. One of the most notable platforms that has been host to many malicious actors and nefarious activities has been Telegram. 
Thanks to its accessibility, popularity, and user anonymity, Telegram has attracted a large number of threat actors driven by
2023-08-02T17:22:00+00:00 https://thehackernews.com/2023/08/top-industries-significantly-impacted.html www.secnews.physaphae.fr/article.php?IdArticle=8364717 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan
Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments. "The SSM agent, a legitimate tool used by admins to manage their instances, can be re-purposed by an attacker who has achieved high privilege access on an endpoint with
2023-08-02T17:20:00+00:00 https://thehackernews.com/2023/08/researchers-uncover-aws-ssm-agent.html www.secnews.physaphae.fr/article.php?IdArticle=8364718 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers
Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews. "Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran – in possible violation of U.S.
sanctions – under the direction of someone  going by the name Hassan Nozari," Halcyon said in a]]> 2023-08-02T13:01:00+00:00 https://thehackernews.com/2023/08/iranian-company-cloudzy-accused-of.html www.secnews.physaphae.fr/article.php?IdArticle=8364642 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Entités norvégiennes ciblées dans des attaques en cours exploitant la vulnérabilité Ivanti EPMM<br>Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian]]> 2023-08-02T09:11:00+00:00 https://thehackernews.com/2023/08/norwegian-entities-targeted-in-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8364582 False Vulnerability,Threat None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau NODESTELEUR ciblant les comptes d'entreprise Facebook et les portefeuilles cryptographiques<br>New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business accounts as well as siphon cryptocurrency. Palo Alto Network Unit 42 said it detected the previously undocumented strain as part of a campaign that commenced in December 2022. 
NodeStealer was first exposed by Meta in May 2023, describing it as a stealer]]> 2023-08-01T21:03:00+00:00 https://thehackernews.com/2023/08/new-nodestealer-targeting-facebook.html www.secnews.physaphae.fr/article.php?IdArticle=8364328 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des clients de la Banque européenne ciblés dans la campagne Trojan Android Spynote<br>European Bank Customers Targeted in SpyNote Android Trojan Campaign Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a combination of remote access trojan (RAT) capabilities and vishing attack," Italian cybersecurity]]> 2023-08-01T16:41:00+00:00 https://thehackernews.com/2023/08/european-bank-customers-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8364250 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Qu'est-ce que la gestion de la posture de sécurité des données (DSPM)?<br>What is Data Security Posture Management (DSPM)? Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it's been duplicated or moved to. So, what is DSPM? Here's a quick example: Let's say you've built an excellent security posture for your cloud data. For the sake of this example, your data is in production, it's protected behind a]]> 2023-08-01T15:45:00+00:00 https://thehackernews.com/2023/08/what-is-data-security-posture.html www.secnews.physaphae.fr/article.php?IdArticle=8364235 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Les chercheurs exposent des pirates spatiaux 'Cyber Campagne à travers la Russie et la Serbie<br>Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential information, but the group has expanded its interests and the geography of its attacks," Positive]]> 2023-08-01T15:27:00+00:00 https://thehackernews.com/2023/08/researchers-expose-space-pirate-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8364236 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) L'APT31 de la Chine soupçonnée dans les attaques contre des systèmes à air en Europe de l'Est<br>China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. Cybersecurity company Kaspersky attributed the intrusions with medium to high confidence to a hacking crew called APT31, which is also tracked under the monikers Bronze Vinewood,]]> 2023-08-01T14:31:00+00:00 https://thehackernews.com/2023/08/chinas-apt31-suspected-in-attacks-on.html www.secnews.physaphae.fr/article.php?IdArticle=8364217 False Industrial APT 31 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Cybercriminels louant Wikiloader pour cibler les organisations italiennes avec un troyen bancaire<br>Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). "It is a sophisticated downloader with the objective of installing a second malware payload," Proofpoint said in a technical report. "The malware uses multiple mechanisms to evade]]> 2023-08-01T09:50:00+00:00 https://thehackernews.com/2023/08/cybercriminals-renting-wikiloader-to.html www.secnews.physaphae.fr/article.php?IdArticle=8364133 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) NOUVEAU P2PINFECT WORM Cible les serveurs Redis avec des méthodes de violation sans papiers<br>New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. "The malware compromises exposed instances of the Redis data store by exploiting the replication feature," Cado Security researchers Nate Bill and Matt Muir said in a report shared with The Hacker News. "A common attack]]> 2023-07-31T19:08:00+00:00 https://thehackernews.com/2023/07/new-p2pinfect-worm-targets-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8363877 False Malware None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Les pirates patchwork ciblent les organisations de recherche chinoises à l'aide de la porte dérobée de la cachette<br>Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also known by the names Operation Hangover and Zinc Emerson, is suspected to be a threat group that]]> 2023-07-31T18:00:00+00:00 https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8363854 False Threat APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Webinaire: surfant la vague VCISO: comment fournir des services VCISO<br>Webinar: Riding the vCISO Wave: How to Provide vCISO Services Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated enterprises was expected to grow by a whopping 1900% in just one year, from only 1% in 2021 to 20% in 2022! Offering vCISO services can be especially attractive for MSPs and MSSPs. By addressing their customers' needs for proactive cyber resilience,]]> 2023-07-31T17:20:00+00:00 https://thehackernews.com/2023/07/webinar-riding-vciso-wave-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8363855 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Avrecon Botnet tirant parti des routeurs compromis pour alimenter le service proxy illégal<br>AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service More details have emerged about a botnet called AVRecon, which has been observed making use of compromised small office/home office (SOHO) routers as part of a multi-year campaign active since at least May 2021. AVRecon was first disclosed by Lumen Black Lotus Labs earlier this month as malware capable of executing additional commands and stealing victim's bandwidth for what appears to be an]]> 2023-07-31T14:55:00+00:00 https://thehackernews.com/2023/07/avrecon-botnet-leveraging-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8363800 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fruity Trojan utilise des installateurs de logiciels trompeurs pour diffuser Remcos Rat<br>Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote trojans tools like Remcos RAT. "Among the software in question are various instruments for fine-tuning CPUs, graphic cards, and BIOS; PC hardware-monitoring tools; and some other apps," cybersecurity]]> 2023-07-31T14:08:00+00:00 https://thehackernews.com/2023/07/fruity-trojan-uses-deceptive-software.html www.secnews.physaphae.fr/article.php?IdArticle=8363801 False Malware,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Plusieurs défauts trouvés dans le plugin Ninja Forms laissent 800 000 sites vulnérables<br>Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below, Patchstack said in a report last week. Ninja Forms is installed on over 800,000 sites. A brief description]]> 2023-07-31T12:12:00+00:00 https://thehackernews.com/2023/07/multiple-flaws-found-in-ninja-forms.html www.secnews.physaphae.fr/article.php?IdArticle=8363783 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) NOUVEAU Cherryblos de logiciels malveillants Android utilisant l'OCR pour voler des données sensibles<br>New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act as a clipper to substitute wallet addresses when a]]> 2023-07-29T13:40:00+00:00 https://thehackernews.com/2023/07/new-android-malware-cherryblos.html www.secnews.physaphae.fr/article.php?IdArticle=8363134 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Modèle de DP pour la sécurité du navigateur<br>RFP Template for Browser Security Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. 
A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop "The Definitive Browser Security RFP Template." This resource helps streamline the process of evaluating and procuring browser security platforms]]> 2023-07-29T11:04:00+00:00 https://thehackernews.com/2023/07/rfp-template-for-browser-security.html www.secnews.physaphae.fr/article.php?IdArticle=8363102 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple établit de nouvelles règles pour les développeurs afin d'éviter les empreintes digitales et la mauvaise utilisation des données<br>Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 to prevent their abuse for data collection. "This will help ensure that apps only use these APIs for their intended purpose," the company said in a statement. "As part of this process, you'll need]]> 2023-07-29T11:00:00+00:00 https://thehackernews.com/2023/07/apple-sets-new-rules-for-developers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8363103 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates déploient la porte dérobée "sous-marin" dans les attaques de passerelle de sécurité par courriel de Barracuda<br>Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances. 
"SUBMARINE comprises multiple artifacts - including a SQL trigger, shell scripts, and a loaded library for a Linux daemon - that together enable]]> 2023-07-29T10:29:00+00:00 https://thehackernews.com/2023/07/hackers-deploy-submarine-backdoor-in.html www.secnews.physaphae.fr/article.php?IdArticle=8363087 False Hack,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ivanti met en garde contre une autre vulnérabilité mobile du gestionnaire de terminaux sous attaque active<br>Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack Ivanti has disclosed yet another security flaw impacting Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, that it said has been weaponized as part of an exploit chain by malicious actors in the wild. The new vulnerability, tracked as CVE-2023-35081 (CVSS score: 7.8), impacts supported versions 11.10, 11.9, and 11.8, as well as those that are currently end-of-life (EoL). "]]> 2023-07-29T09:57:00+00:00 https://thehackernews.com/2023/07/ivanti-warns-of-another-endpoint.html www.secnews.physaphae.fr/article.php?IdArticle=8363039 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Icedid malware adapte et élargit la menace avec le module de backconnect mis à jour<br>IcedID Malware Adapts and Expands Threat with Updated BackConnect Module The threat actors linked to the malware loader known as IcedID have made updates to the BackConnect (BC) module that\'s used for post-compromise activity on hacked systems, new findings from Team Cymru reveal. 
IcedID, also called BokBot, is a strain of malware similar to Emotet and QakBot that started off as a banking trojan in 2017, before switching to the role of an initial access facilitator]]> 2023-07-28T18:40:00+00:00 https://thehackernews.com/2023/07/icedid-malware-adapts-and-expands.html www.secnews.physaphae.fr/article.php?IdArticle=8362759 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Stark # Mule cible les Coréens avec des leurres de documents sur le thème des militaires américains<br>STARK#MULE Targets Koreans with U.S. Military-themed Document Lures An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running malware on compromised systems. Cybersecurity firm Securonix is tracking the activity under the name STARK#MULE. "Based on the source and likely targets, these types of attacks are on par with past attacks stemming from typical North]]> 2023-07-28T18:27:00+00:00 https://thehackernews.com/2023/07/starkmule-targets-koreans-with-us.html www.secnews.physaphae.fr/article.php?IdArticle=8362734 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Un scénario d'attaque d'exfiltration de données: l'expérience Porsche<br>A Data Exfiltration Attack Scenario: The Porsche Experience As part of Checkmarx's mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche has a well-established Vulnerability Reporting Policy (Disclosure Policy)[1], it was considered in scope for our research, so we decided to start there, and see what we could find. 
What we found is an]]> 2023-07-28T17:18:00+00:00 https://thehackernews.com/2023/07/a-data-exfiltration-attack-scenario.html www.secnews.physaphae.fr/article.php?IdArticle=8362735 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates abusant de la fonction de recherche Windows pour installer des chevaux de Troie à distance<br>Hackers Abusing Windows Search Feature to Install Remote Access Trojans A legitimate Windows search feature is being exploited by malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT. The novel attack technique, per Trellix, takes advantage of the "search-ms:" URI protocol handler, which offers the ability for applications and HTML links to launch custom local]]> 2023-07-28T17:15:00+00:00 https://thehackernews.com/2023/07/hackers-abusing-windows-search-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8362736 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) BlueBravo déploie une porte dérobée GraphicalProton contre les entités diplomatiques européennes<br>BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. 
The phishing campaign is characterized by the use of legitimate internet services (LIS) for command-and-control (C2) obfuscation, Recorded Future said in]]> 2023-07-28T14:24:00+00:00 https://thehackernews.com/2023/07/bluebravo-deploys-graphicalproton.html www.secnews.physaphae.fr/article.php?IdArticle=8362655 False None APT 29,APT 29 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Major de sécurité découverte dans le logiciel Metabase BI – Mise à jour urgente requise<br>Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an "extremely severe" flaw that could result in pre-authenticated remote code execution on affected installations. Tracked as CVE-2023-38646, the issue impacts open-source editions prior to 0.46.6.1 and Metabase Enterprise]]> 2023-07-28T11:16:00+00:00 https://thehackernews.com/2023/07/major-security-flaw-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8362575 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les agences de cybersécurité mettent en garde contre les bogues IDOR exploités pour les violations de données<br>Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. 
This includes a specific class of bugs called Insecure Direct Object Reference (IDOR), a type of access control flaw that occurs when an]]> 2023-07-28T10:37:00+00:00 https://thehackernews.com/2023/07/cybersecurity-agencies-warn-against.html www.secnews.physaphae.fr/article.php?IdArticle=8362576 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GameOver (Lay): Deux vulnérabilités Linux sévères ont un impact sur 40% des utilisateurs d'Ubuntu<br>GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users. "The impacted Ubuntu versions are prevalent in the cloud as they serve as the default]]> 2023-07-27T18:55:00+00:00 https://thehackernews.com/2023/07/gameoverlay-two-severe-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8362245 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle campagne de malvertising distribuant des outils informatiques trojanisés via les annonces de recherche Google et Bing<br>New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future ransomware attacks. 
Dubbed Nitrogen, the "opportunistic" activity is designed to deploy second-stage]]> 2023-07-27T18:42:00+00:00 https://thehackernews.com/2023/07/new-malvertising-campaign-distributing.html www.secnews.physaphae.fr/article.php?IdArticle=8362246 False Ransomware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les 4 clés de la création de programmes de sécurité cloud qui peuvent réellement se déplacer à gauche<br>The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development.  Placing security at the very end of the]]> 2023-07-27T16:55:00+00:00 https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8362202 False Tool,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates ciblent les serveurs Apache Tomcat pour Mirai Botnet et Crypto Mining<br>Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai botnet. 
Of these attack attempts, 20% (or]]> 2023-07-27T16:16:00+00:00 https://thehackernews.com/2023/07/hackers-target-apache-tomcat-servers.html www.secnews.physaphae.fr/article.php?IdArticle=8362177 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le co-fondateur du groupe-IB a été condamné à 14 ans dans la prison russe pour prétendue à haute trahison<br>Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason A city court in Moscow on Wednesday convicted Group-IB co-founder and CEO Ilya Sachkov of "high treason" and jailed him for 14 years in a "strict regime colony" over accusations of passing information to foreign spies. "The court found Sachkov guilty under Article 275 of the Russian Criminal Code (high treason) sentencing him to 14 years of incarceration in a maximum-security jail, restriction]]> 2023-07-27T16:01:00+00:00 https://thehackernews.com/2023/07/group-ib-co-founder-sentenced-to-14.html www.secnews.physaphae.fr/article.php?IdArticle=8362178 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les nouvelles règles de la SEC exigent que les entreprises américaines révèlent des cyberattaques dans les 4 jours<br>New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a cyber attack within four days of identifying that it has a "material" impact on their finances, marking a major shift in how computer breaches are disclosed. 
"Whether a company loses a factory in a fire - or millions of files in a cybersecurity]]> 2023-07-27T12:19:00+00:00 https://thehackernews.com/2023/07/new-sec-rules-require-us-companies-to.html www.secnews.physaphae.fr/article.php?IdArticle=8362120 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chien de leurre: nouvelle race de logiciels malveillants posant de sérieuses menaces pour les réseaux d'entreprise<br>Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it\'s a significant upgrade over the Pupy RAT, an open-source remote access trojan it\'s modeled on. "Decoy Dog has a full suite of powerful, previously unknown capabilities – including the ability to move victims to another controller, allowing them to maintain communication with compromised machines and remain]]> 2023-07-26T18:43:00+00:00 https://thehackernews.com/2023/07/decoy-dog-new-breed-of-malware-posing.html www.secnews.physaphae.fr/article.php?IdArticle=8361727 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La montée alarmante des infostelleurs: comment détecter cette menace silencieuse<br>The Alarming Rise of Infostealers: How to Detect this Silent Threat A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. 
According to the new Uptycs' whitepaper, Stealers are Organization Killers, a variety of new info stealers have emerged this year, preying]]> 2023-07-26T16:23:00+00:00 https://thehackernews.com/2023/07/the-alarming-rise-of-infostealers-how.html www.secnews.physaphae.fr/article.php?IdArticle=8361688 False Threat,Studies,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fenix Cybercrime Group se présente comme autorités fiscales pour cibler les utilisateurs d'Amérique latine<br>Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data. A key hallmark of the operation entails cloning official portals of the Servicio de Administración Tributaria (SAT) in Mexico and the Servicio de Impuestos Internos (SII) in Chile and redirecting potential victims to]]> 2023-07-26T16:22:00+00:00 https://thehackernews.com/2023/07/fenix-cybercrime-group-poses-as-tax.html www.secnews.physaphae.fr/article.php?IdArticle=8361689 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvel outil AI 'fraudegpt' émerge, adapté à des attaques sophistiquées<br>New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. 
"This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, etc.," Netenrich security researcher Rakesh Krishnan]]> 2023-07-26T15:32:00+00:00 https://thehackernews.com/2023/07/new-ai-tool-fraudgpt-emerges-tailored.html www.secnews.physaphae.fr/article.php?IdArticle=8361668 False Tool,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Infostaler réel basé sur la rouille ciblant les utilisateurs d'Apple MacOS \\ 'portefeuille de crypto-monnaie<br>Rust-based Realst Infostealer Targeting Apple macOS Users\\' Cryptocurrency Wallets A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system. Written in the Rust programming language, the malware is distributed in the form of bogus blockchain games and is capable of "emptying crypto wallets and stealing stored password and]]> 2023-07-26T12:38:00+00:00 https://thehackernews.com/2023/07/rust-based-realst-infostealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8361608 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité critique de Mikrotik Routeros expose plus d'un demi-million d'appareils au piratage<br>Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. 
Cataloged as CVE-2023-30799 (CVSS score: 9.1), the shortcoming is expected to put approximately 500,000 and 900,000 RouterOS systems at risk of exploitation via their web and/or Winbox interfaces, respectively,]]> 2023-07-26T10:32:00+00:00 https://thehackernews.com/2023/07/critical-mikrotik-routeros.html www.secnews.physaphae.fr/article.php?IdArticle=8361572 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des acteurs nord-coréens de l'État-nation exposé à Jumpcloud Hack après l'OPSEC<br>North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual IP address. Google-owned threat intelligence firm Mandiant attributed the activity to a threat actor it tracks under the name UNC4899, which likely shares overlaps with clusters already]]> 2023-07-25T20:16:00+00:00 https://thehackernews.com/2023/07/north-korean-nation-state-actors.html www.secnews.physaphae.fr/article.php?IdArticle=8361273 False Hack,Threat None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le malware bancaire de Casbaneiro passe sous le radar avec une technique de contournement UAC<br>Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets. 
"They are still heavily focused on Latin American]]> 2023-07-25T17:40:00+00:00 https://thehackernews.com/2023/07/casbaneiro-banking-malware-goes-under.html www.secnews.physaphae.fr/article.php?IdArticle=8361218 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) macOS Under Attack: Examining the Growing Threat and User Perspectives As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple's operating system. What Are the Rising Threats to macOS? There is a common misconception among macOS fans that Apple devices are immune to hacking and malware infection. However, users have been facing more and more dangers recently. Inventive attackers are specifically]]> 2023-07-25T16:54:00+00:00 https://thehackernews.com/2023/07/macos-under-attack-examining-growing.html www.secnews.physaphae.fr/article.php?IdArticle=8361219 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) TETRA:BURST - 5 New Vulnerabilities Exposed in Widely Used Radio Communication System A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what's believed to be an intentional backdoor that could have potentially exposed sensitive information.
The issues, discovered by Midnight Blue in 2021 and held back until now, have]]> 2023-07-25T15:58:00+00:00 https://thehackernews.com/2023/07/tetraburst-5-new-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8361220 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) How MDR Helps Solve the Cybersecurity Talent Gap How do you overcome today's talent gap in cybersecurity? This is a crucial issue - particularly when you find executive leadership or the board asking pointed questions about your security team's ability to defend the organization against new and current threats. This is why many security leaders find themselves turning to managed security services like MDR (managed detection and response),]]> 2023-07-25T15:48:00+00:00 https://thehackernews.com/2023/07/how-mdr-helps-solve-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8361221 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tracked as CVE-2023-20593 (CVSS score: 6.5) – allows data exfiltration at the rate of 30 kb per core, per second.
The]]> 2023-07-25T15:33:00+00:00 https://thehackernews.com/2023/07/zenbleed-new-flaw-in-amd-zen-2.html www.secnews.physaphae.fr/article.php?IdArticle=8361222 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo Atlassian has released updates to address three security flaws impacting its Confluence Server, Data Center, and Bamboo Data Center products that, if successfully exploited, could result in remote code execution on susceptible systems. The list of the flaws is below - CVE-2023-22505 (CVSS score: 8.0) - RCE (Remote Code Execution) in Confluence Data Center and Server (Fixed in versions 8.3.2 and]]> 2023-07-25T09:47:00+00:00 https://thehackernews.com/2023/07/atlassian-releases-patches-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8361053 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation Ivanti is warning users to update their Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core) to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as]]> 2023-07-25T09:21:00+00:00 https://thehackernews.com/2023/07/ivanti-releases-urgent-patch-for-epmm.html www.secnews.physaphae.fr/article.php?IdArticle=8361054 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with improved state management. "]]> 2023-07-25T09:06:00+00:00 https://thehackernews.com/2023/07/apple-rolls-out-urgent-patches-for-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8361055 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and]]> 2023-07-24T18:31:00+00:00 https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8360780 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol Google has announced that it intends to add support for Message Layer Security (MLS) to its Messages service for Android and open source implementation of the specification. "Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform," Giles Hogben, privacy engineering]]> 2023-07-24T18:14:00+00:00 https://thehackernews.com/2023/07/google-messages-getting-cross-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8360781 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) How to Protect Patients and Their Privacy in Your SaaS Apps The healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven't changed in 2023. The U.S. Government's Office for Civil Rights reported 145 data breaches in the United States during the first quarter of this year. That follows 707 incidents a year ago, during which over 50 million records were]]> 2023-07-24T17:40:00+00:00 https://thehackernews.com/2023/07/how-to-protect-patients-and-their.html www.secnews.physaphae.fr/article.php?IdArticle=8360782 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.]]> 2023-07-24T14:40:00+00:00 https://thehackernews.com/2023/07/new-openssh-vulnerability-exposes-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8360726 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Banking Sector Targeted in Open-Source Software Supply Chain Attacks Cybersecurity researchers said they have discovered what they say is the first open-source software supply chain attacks specifically targeting the banking sector. "These attacks showcased advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to it," Checkmarx said in a report published last week. "The attackers]]> 2023-07-24T12:54:00+00:00 https://thehackernews.com/2023/07/banking-sector-targeted-in-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8360694 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands Apple has warned that it would rather stop offering iMessage and FaceTime services in the U.K.
than bowing down to government pressure in response to new proposals that seek to expand digital surveillance powers available to state intelligence agencies. The development, first reported by BBC News, makes the iPhone maker the latest to join the chorus of voices protesting against forthcoming]]> 2023-07-22T11:06:00+00:00 https://thehackernews.com/2023/07/apple-threatens-to-pull-imessage-and.html www.secnews.physaphae.fr/article.php?IdArticle=8360015 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and]]> 2023-07-21T20:44:00+00:00 https://thehackernews.com/2023/07/azure-ad-token-forging-technique-in.html www.secnews.physaphae.fr/article.php?IdArticle=8359761 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office.
"HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, installing more malware, and]]> 2023-07-21T20:35:00+00:00 https://thehackernews.com/2023/07/hotrat-new-variant-of-asyncrat-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8359762 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities A new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts. "BundleBot is abusing the dotnet bundle (single-file), self-contained format that results in very low or no static detection at all," Check Point said in a report]]> 2023-07-21T17:40:00+00:00 https://thehackernews.com/2023/07/sophisticated-bundlebot-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8359714 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Local Governments Targeted for Ransomware – How to Prevent Falling Victim Regardless of the country, local government is essential in most citizens' lives. It provides many day-to-day services and handles various issues. Therefore, their effects can be far-reaching and deeply felt when security failures occur. In early 2023, Oakland, California, fell victim to a ransomware attack.
Although city officials have not disclosed how the attack occurred, experts suspect a]]> 2023-07-21T17:11:00+00:00 https://thehackernews.com/2023/07/local-governments-targeted-for.html www.secnews.physaphae.fr/article.php?IdArticle=8359715 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks Several distributed denial-of-service (DDoS) botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America,]]> 2023-07-21T14:33:00+00:00 https://thehackernews.com/2023/07/ddos-botnets-hijacking-zyxel-devices-to.html www.secnews.physaphae.fr/article.php?IdArticle=8359660 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices is being abused to drop web shells on vulnerable systems.
"In June 2023, threat actors exploited this vulnerability as a zero-day to drop a web shell on a critical]]> 2023-07-21T10:56:00+00:00 https://thehackernews.com/2023/07/citrix-netscaler-adc-and-gateway.html www.secnews.physaphae.fr/article.php?IdArticle=8359580 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks Mallox ransomware activities in 2023 have witnessed a 174% increase when compared to the previous year, new findings from Palo Alto Networks Unit 42 reveal. "Mallox ransomware, like many other ransomware threat actors, follows the double extortion trend: stealing data before encrypting an organization's files, and then threatening to publish the stolen data on a leak site as leverage to convince]]> 2023-07-20T22:26:00+00:00 https://thehackernews.com/2023/07/mallox-ransomware-exploits-weak-ms-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8359337 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software that, if successfully exploited, could allow threat actors to remotely commandeer vulnerable servers and deploy malware.
"These new vulnerabilities range in severity from High to Critical, including unauthenticated remote code execution and unauthorized device access with superuser]]> 2023-07-20T22:26:00+00:00 https://thehackernews.com/2023/07/critical-flaws-in-ami-megarac-bmc.html www.secnews.physaphae.fr/article.php?IdArticle=8359336 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state, which allows them to take over any user account, including the admin account," Sonar vulnerability]]> 2023-07-20T21:26:00+00:00 https://thehackernews.com/2023/07/apache-openmeetings-web-conferencing.html www.secnews.physaphae.fr/article.php?IdArticle=8359338 False Tool,Vulnerability None 2.0000000000000000