www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated feed of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-05T09:28:06+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines. The messages also contain a shortened URL to conceal the actual
2023-06-06T10:00:00+00:00 https://thehackernews.com/2023/06/chinese-postalfurious-gang-strikes-uae.html www.secnews.physaphae.fr/article.php?IdArticle=8342388 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Zyxel Firewalls Under Attack! Urgent Patching Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated attacker to cause a
2023-06-06T09:46:00+00:00 https://thehackernews.com/2023/06/zyxel-firewalls-under-attack-urgent.html www.secnews.physaphae.fr/article.php?IdArticle=8342380 False Patching None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App
Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft Threat Intelligence team said in a series of tweets today. "CVE-2023-34362 allows attackers to
2023-06-05T17:33:00+00:00 https://thehackernews.com/2023/06/microsoft-lace-tempest-hackers-behind.html www.secnews.physaphae.fr/article.php?IdArticle=8342144 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
The Annual Report: 2024 Plans and Priorities for SaaS Security
Over 55% of security executives report that they have experienced a SaaS security incident in the past two years - ranging from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2). Figure 1. How many organizations have experienced a SaaS security incident within the past two years The SaaS Security Survey Report: Plans and Priorities for 2024,
2023-06-05T17:25:00+00:00 https://thehackernews.com/2023/06/the-annual-report-2024-plans-and.html www.secnews.physaphae.fr/article.php?IdArticle=8342132 False Ransomware,Cloud None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack
Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that's designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked sites further serve as "makeshift" command-and-control (C2) servers, using the cover to facilitate the
2023-06-05T11:59:00+00:00 https://thehackernews.com/2023/06/magento-woocommerce-wordpress-and.html www.secnews.physaphae.fr/article.php?IdArticle=8342062 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts
An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. "This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to carry out its malicious activities," the BlackBerry Research and Intelligence Team said in a report
2023-06-05T10:18:00+00:00 https://thehackernews.com/2023/06/brazilian-cybercriminals-using-lolbas.html www.secnews.physaphae.fr/article.php?IdArticle=8342039 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors
A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed.
"TrueBot is a downloader trojan botnet that uses command and control servers to collect information on compromised systems and uses that compromised system as a launching point for further attacks," VMware's Fae Carlisle said. Active since at least 2017, TrueBot is linked to a group known as Silence that's
2023-06-05T10:01:00+00:00 https://thehackernews.com/2023/06/alarming-surge-in-truebot-activity.html www.secnews.physaphae.fr/article.php?IdArticle=8342040 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal
An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an "extremely high degree of similarity" between Royal and BlackSuit. "In fact, they're nearly identical, with 98% similarities in
2023-06-03T13:50:00+00:00 https://thehackernews.com/2023/06/new-linux-ransomware-strain-blacksuit.html www.secnews.physaphae.fr/article.php?IdArticle=8341739 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council's Certified CISO Hall of Fame Report 2023
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent.
EC-Council, the global leader in cybersecurity education and training, released its Certified Chief Information Security Officer Hall of Fame
2023-06-03T13:40:00+00:00 https://thehackernews.com/2023/06/cloud-security-tops-concerns-for.html www.secnews.physaphae.fr/article.php?IdArticle=8341740 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring
The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises a $25 million penalty for breaching children's privacy laws by retaining their Alexa voice recordings for indefinite time periods and preventing parents from exercising their deletion rights. "Amazon's history
2023-06-03T13:35:00+00:00 https://thehackernews.com/2023/06/ftc-slams-amazon-with-308m-fine-for.html www.secnews.physaphae.fr/article.php?IdArticle=8341741 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020.
"Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad
2023-06-02T17:33:00+00:00 https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8341484 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
The Importance of Managing Your Data Security Posture
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it? Data security posture management (DSPM) became mainstream following the publication
2023-06-02T15:46:00+00:00 https://thehackernews.com/2023/06/the-importance-of-managing-your-data.html www.secnews.physaphae.fr/article.php?IdArticle=8341460 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines."
What the malware lacks in
2023-06-02T15:38:00+00:00 https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html www.secnews.physaphae.fr/article.php?IdArticle=8341450 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to strike think tanks, academia, and news media sectors. The "sustained information gathering efforts" have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (
2023-06-02T11:15:00+00:00 https://thehackernews.com/2023/06/north-koreas-kimsuky-group-mimics-key.html www.secnews.physaphae.fr/article.php?IdArticle=8341407 False None APT 43 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited
A critical flaw in Progress Software's MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems. The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL injection vulnerability that could lead to escalated privileges and potential unauthorized access to the environment. "An SQL injection
2023-06-02T08:55:00+00:00 https://thehackernews.com/2023/06/moveit-transfer-under-attack-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8341379 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What's more, 50% of the servers don't remain active for more than a week, indicating the use of an adaptable and dynamic C2 infrastructure, Lumen Black Lotus Labs said in a report shared with The Hacker News. "This botnet has adapted
2023-06-01T21:41:00+00:00 https://thehackernews.com/2023/06/evasive-qbot-malware-leverages-short.html www.secnews.physaphae.fr/article.php?IdArticle=8341271 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware
A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data," Kaspersky said. The Russian
2023-06-01T20:44:00+00:00 https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html www.secnews.physaphae.fr/article.php?IdArticle=8341248 False Malware,Hack,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin
Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, "Nguyen Huu Tai, who also goes by the names Joe Nguyen and Thanh Nguyen, has the strongest likelihood of being involved with the XE Group." XE
2023-06-01T20:25:00+00:00 https://thehackernews.com/2023/06/unmasking-xe-group-experts-reveal.html www.secnews.physaphae.fr/article.php?IdArticle=8341249 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Malicious PyPI Packages Using Compiled Python Code to Bypass Detection
Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed," ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News. The package
2023-06-01T17:46:00+00:00 https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html www.secnews.physaphae.fr/article.php?IdArticle=8341203 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How Wazuh Improves IT Hygiene for Cyber Security Resilience
IT hygiene is a security best practice that ensures that digital assets in an organization's environment are secure and running properly.
Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in an environment. As technology advances and the tools used by
2023-06-01T17:24:00+00:00 https://thehackernews.com/2023/06/how-wazuh-improves-it-hygiene-for-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8341204 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics
The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a "number of updated capabilities that strengthen the group's efforts to evade detection," IBM Security X-Force said in a new analysis. The "
2023-06-01T14:49:00+00:00 https://thehackernews.com/2023/06/improved-blackcat-ransomware-strikes.html www.secnews.physaphae.fr/article.php?IdArticle=8341159 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor known as ScarCruft.
"RokRAT is a sophisticated remote access trojan (RAT) that has been observed as a critical component within the attack chain, enabling the threat actors to gain unauthorized access, exfiltrate sensitive information, and potentially
2023-06-01T12:28:00+00:00 https://thehackernews.com/2023/06/n-korean-scarcruft-hackers-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8341141 False Threat APT 37 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting different firewall models that could enable an unauthenticated attacker
2023-06-01T09:47:00+00:00 https://thehackernews.com/2023/06/active-mirai-botnet-variant-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8341103 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that's installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0, which was released in November 2012.
“This vulnerability could be used by authors on a site to manipulate any files in the
2023-06-01T09:31:00+00:00 https://thehackernews.com/2023/06/urgent-wordpress-update-fixes-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8341104 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023. “Persistence is achieved via timed processors or entries to cron,” said Dr.
2023-05-31T21:14:00+00:00 https://thehackernews.com/2023/05/cybercriminals-targeting-apache-nifi.html www.secnews.physaphae.fr/article.php?IdArticle=8340928 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Critical Firmware Backdoor in Gigabyte Systems Exposes ~7 Million Devices
Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue. "Most Gigabyte firmware includes a Windows
2023-05-31T18:48:00+00:00 https://thehackernews.com/2023/05/critical-firmware-vulnerability-in.html www.secnews.physaphae.fr/article.php?IdArticle=8340880 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations, leading to unauthorized access to sensitive data. Data security firm Varonis dubbed the abandoned, unprotected, and unmonitored resources “ghost sites.” “When these Communities are no longer needed, though, they are often set aside but not deactivated,” Varonis
2023-05-31T18:30:00+00:00 https://thehackernews.com/2023/05/beware-of-ghost-sites-silent-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8340881 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. Specifically, the flaw – dubbed Migraine and tracked as CVE-2023-32369 – could be abused to get around a key security measure called System Integrity Protection (SIP), or “rootless,” which
2023-05-31T17:27:00+00:00 https://thehackernews.com/2023/05/microsoft-details-critical-apple-macos.html www.secnews.physaphae.fr/article.php?IdArticle=8340867 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
6 Steps to Effective Threat Hunting: Safeguard Critical Assets and Fight Cybercrime
Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently and effectively is no small task – but with a small investment of time, you can master threat hunting and save your organization millions of dollars. Consider this staggering statistic. Cybersecurity Ventures estimates that cybercrime will take a $10.5 trillion toll on the global
2023-05-31T17:17:00+00:00 https://thehackernews.com/2023/05/6-steps-to-effective-threat-hunting.html www.secnews.physaphae.fr/article.php?IdArticle=8340868 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks
The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This includes educational entities, government agencies, military bodies, and non-profit organizations, indicating the adversarial crew's continued focus on high-value targets. Dark Pink, also called Saaiwc
2023-05-31T14:28:00+00:00 https://thehackernews.com/2023/05/dark-pink-apt-group-leverages.html www.secnews.physaphae.fr/article.php?IdArticle=8340823 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks
The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical Scorpius (Unit 42) and UNC2596 (Mandiant). "These lure sites are most likely only meant for a small
2023-05-31T14:00:00+00:00 https://thehackernews.com/2023/05/romcom-rat-using-deceptive-web-of-rogue.html www.secnews.physaphae.fr/article.php?IdArticle=8340811 False Threat,Prediction None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months
Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances had been abused by threat actors since October 2022 to backdoor the devices. The latest findings show that the critical vulnerability, tracked as CVE-2023-2868 (CVSS score: N/A), has been actively exploited for at least seven months prior to its discovery.
2023-05-31T10:55:00+00:00 https://thehackernews.com/2023/05/alert-hackers-exploit-barracuda-email.html www.secnews.physaphae.fr/article.php?IdArticle=8340751 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI) said in a report published last week. The vulnerabilities were demonstrated by three different teams from Qrious Secure, STAR Labs, and DEVCORE at the Pwn2Own hacking contest held in Toronto late last year,
2023-05-30T17:59:00+00:00 https://thehackernews.com/2023/05/hackers-win-105000-for-reporting.html www.secnews.physaphae.fr/article.php?IdArticle=8340523 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security
Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic. "Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this market demand have been created," Trend Micro said in a report published last week. "These
2023-05-30T17:46:00+00:00 https://thehackernews.com/2023/05/captcha-breaking-services-with-human.html www.secnews.physaphae.fr/article.php?IdArticle=8340524 False Prediction None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Implementing Risk-Based Vulnerability Discovery and Remediation
In this day and age, vulnerabilities in software and systems pose a considerable danger to businesses, which is why it is essential to have an efficient vulnerability management program in place. To stay one step ahead of possible breaches and reduce the damage they may cause, it is crucial to automate the process of finding and fixing vulnerabilities depending on the level of danger they pose.
2023-05-30T17:25:00+00:00 https://thehackernews.com/2023/05/implementing-risk-based-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8340525 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGPT, and Premium versions of YouTube, Netflix, and Instagram. "Once installed on a victim's device, the
2023-05-30T12:32:00+00:00 https://thehackernews.com/2023/05/sneaky-dogerat-trojan-poses-as-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8340413 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices. The approach, dubbed BrutePrint, bypasses limits put in place to counter failed biometric authentication attempts by weaponizing two zero-day vulnerabilities in the smartphone fingerprint authentication (SFA
2023-05-29T20:01:00+00:00 https://thehackernews.com/2023/05/new-bruteprint-attack-lets-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8340220 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks
A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per month. Some of the prominent malware families contained within AceCryptor are SmokeLoader, RedLine
2023-05-29T17:45:00+00:00 https://thehackernews.com/2023/05/acecryptor-cybercriminals-powerful.html www.secnews.physaphae.fr/article.php?IdArticle=8340195 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them
If you're a cybersecurity professional, you're likely familiar with the sea of acronyms our industry is obsessed with. From CNAPP, to CWPP, to CIEM and all of the myriad others, there seems to be a new initialism born each day. In this article, we'll look at another trending acronym – CTEM, which stands for Continuous Threat Exposure Management – and the often-surprising challenges that come
2023-05-29T17:17:00+00:00 https://thehackernews.com/2023/05/3-challenges-in-building-continuous.html www.secnews.physaphae.fr/article.php?IdArticle=8340196 False Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New GobRAT Remote Access Trojan Targeting Linux Routers in Japan
Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center (JPCERT/CC) said in a report published today. The compromise of an internet-exposed router is followed by the
2023-05-29T15:20:00+00:00 https://thehackernews.com/2023/05/new-gobrat-remote-access-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8340170 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a .ZIP domain. "With this phishing attack, you simulate a file archiver software (e.g., WinRAR) in the browser and use a .zip domain to make it appear more legitimate," security researcher mr.d0x disclosed last week. Threat actors, in a
2023-05-29T12:44:00+00:00 https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html www.secnews.physaphae.fr/article.php?IdArticle=8340156 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PyPI Implements Mandatory Two-Factor Authentication for Project Owners
The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software repository will be required to turn on two-factor authentication (2FA) by the end of the year. "Between now and the end of the year, PyPI will begin gating access to certain site functionality based on 2FA usage," PyPI administrator Donald Stufft said. "In addition
2023-05-29T10:28:00+00:00 https://thehackernews.com/2023/05/pypi-implements-mandatory-two-factor.html www.secnews.physaphae.fr/article.php?IdArticle=8340124 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility," Trend Micro said in a Friday report
2023-05-27T13:40:00+00:00 https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8339833 False Malware,Prediction None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered services using the framework susceptible to credential leakage, which could
2023-05-27T13:15:00+00:00 https://thehackernews.com/2023/05/critical-oauth-vulnerability-in-expo.html www.secnews.physaphae.fr/article.php?IdArticle=8339834 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Severe Flaw in Google Cloud's Cloud SQL Service Exposed Confidential Data
A new security flaw has been disclosed in the Google Cloud Platform's (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. "The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP data like secrets, sensitive files, passwords, in addition
2023-05-26T21:55:00+00:00 https://thehackernews.com/2023/05/severe-flaw-in-google-clouds-cloud-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8339647 False Vulnerability,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Predator Android Spyware: Researchers Sound the Alarm on Alarming Capabilities
Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google's Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware, which is delivered by means of
2023-05-26T18:09:00+00:00 https://thehackernews.com/2023/05/predator-android-spyware-researchers.html www.secnews.physaphae.fr/article.php?IdArticle=8339597 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure.
5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that can be vital for governments and
2023-05-26T17:18:00+00:00 https://thehackernews.com/2023/05/5-must-know-facts-about-5g-network.html www.secnews.physaphae.fr/article.php?IdArticle=8339590 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put to use in the wild. "The
2023-05-26T12:08:00+00:00 https://thehackernews.com/2023/05/new-cosmicenergy-malware-exploits-ics.html www.secnews.physaphae.fr/article.php?IdArticle=8339559 False Malware,Threat,Industrial CosmicEnergy 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company's Email Security Gateway (ESG) appliances. The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006.
The California-headquartered firm
2023-05-26T09:34:00+00:00 https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8339537 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices," Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News. Targets include
2023-05-25T20:23:00+00:00 https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html www.secnews.physaphae.fr/article.php?IdArticle=8339407 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Zyxel Issues Critical Security Patches for Firewall and VPN Products
Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system. A brief description of the two issues is below - CVE-2023-33009 -
2023-05-25T20:13:00+00:00 https://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html www.secnews.physaphae.fr/article.php?IdArticle=8339408 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cynet Protects Hospital From Lethal Infection
A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines. Cynet protections were in place on most of the Windows XP and Windows 7 machines during the upgrade process, ensuring that legacy operating systems would not
2023-05-25T19:17:00+00:00 https://thehackernews.com/2023/05/cynet-protects-hospital-from-lethal.html www.secnews.physaphae.fr/article.php?IdArticle=8339379 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government
An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to the execution of a .NET
2023-05-25T19:09:00+00:00 https://thehackernews.com/2023/05/new-powerexchange-backdoor-used-in.html www.secnews.physaphae.fr/article.php?IdArticle=8339380 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
A Brazilian threat actor is targeting Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. "The attackers can steal credentials and exfiltrate users' data and personal information, which can be leveraged for malicious activities beyond financial gain," SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in a
2023-05-25T17:02:00+00:00 https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html www.secnews.physaphae.fr/article.php?IdArticle=8339327 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Webinar with Guest Forrester: Browser Security New Approaches
In today's digital landscape, browser security has become an increasingly pressing issue, making it essential for organizations to be aware of the latest threats to browser security. That's why the Browser Security platform LayerX is hosting a webinar featuring guest speaker Paddy Harrington, a senior analyst at Forrester and the lead author of Forrester's browser security report "Securing The
2023-05-25T16:20:00+00:00 https://thehackernews.com/2023/05/webinar-with-guest-forrester-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8339328 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool, an information stealer designed to search for and archive specified file types," Symantec said in a
2023-05-25T16:10:00+00:00 https://thehackernews.com/2023/05/buhti-ransomware-gang-switches-tactics.html www.secnews.physaphae.fr/article.php?IdArticle=8339329 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence team is tracking the activity, which includes post-compromise credential access and network system discovery, under the name Volt Typhoon. The
2023-05-25T13:58:00+00:00 https://thehackernews.com/2023/05/chinas-stealthy-hackers-infiltrate-us.html www.secnews.physaphae.fr/article.php?IdArticle=8339287 False Threat Guam 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware
The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations. Agrius, also known as Pink Sandstorm (formerly Americium), has a track record of staging destructive data-wiping attacks aimed at Israel under the guise of ransomware infections.
Microsoft has attributed the threat actor to Iran's Ministry of
2023-05-25T11:33:00+00:00 https://thehackernews.com/2023/05/iranian-agrius-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8339260 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GUAC 0.1 Beta: Google's Breakthrough Framework for Secure Software Supply Chains
Google on Wednesday announced the 0.1 Beta version of GUAC (short for Graph for Understanding Artifact Composition) for organizations to secure their software supply chains. To that end, the search giant is making available the open source framework as an API for developers to integrate their own tools and policy engines. GUAC aims to aggregate software security metadata from different sources
2023-05-25T11:15:00+00:00 https://thehackernews.com/2023/05/guac-01-beta-googles-breakthrough.html www.secnews.physaphae.fr/article.php?IdArticle=8339261 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry
At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Iranian threat actor tracked as Tortoiseshell, which is also called Crimson Sandstorm (previously Curium), Imperial Kitten, and TA456. "The infected
2023-05-24T19:19:00+00:00 https://thehackernews.com/2023/05/iranian-tortoiseshell-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8339046 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
What to Look for When Selecting a Static Application Security Testing (SAST) Solution
If you're involved in securing the applications your organization develops, there is no question that Static Application Security Testing (SAST) solutions are an important part of a comprehensive application security strategy. SAST secures software, supports business more securely, cuts down on costs, reduces risk, and speeds time to development, delivery, and deployment of mission-critical
2023-05-24T16:21:00+00:00 https://thehackernews.com/2023/05/what-to-look-for-when-selecting-static.html www.secnews.physaphae.fr/article.php?IdArticle=8338988 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Data Stealing Malware Discovered in Popular Android Screen Recorder App
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app (APK package name "com.tsoft.app.iscreenrecorder"), which accrued over 50,000 installations, was first uploaded on September 19, 2021.
The malicious functionality
2023-05-24T16:03:00+00:00 https://thehackernews.com/2023/05/data-stealing-malware-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8338989 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such as the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications,"
2023-05-24T15:30:00+00:00 https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html www.secnews.physaphae.fr/article.php?IdArticle=8338990 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center (ASEC), which detailed the advanced persistent threat's (APT) continued abuse of DLL side-loading techniques to deploy malware. "The
2023-05-24T13:00:00+00:00 https://thehackernews.com/2023/05/n-korean-lazarus-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8338945 False Malware APT 38 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021, leverages phishing lures to deploy a variety of malicious tools on infected systems. The origins of the hacking crew are presently unknown. In
2023-05-24T12:24:00+00:00 https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html www.secnews.physaphae.fr/article.php?IdArticle=8338946 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable and stealthy. The targeting scope of the campaign is focused on Afghanistan, Azerbaijan, Iran, Iraq,
2023-05-23T21:00:00+00:00 https://thehackernews.com/2023/05/goldenjackal-new-threat-group-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8338799 False Threat GoldenJackal 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware
The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of reconnaissance campaigns to enable subsequent attacks," SentinelOne researchers Aleksandar Milenkoski and Tom
2023-05-23T19:26:00+00:00 https://thehackernews.com/2023/05/north-korean-kimsuky-hackers-strike.html www.secnews.physaphae.fr/article.php?IdArticle=8338750 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The Rising Threat of Secrets Sprawl and the Need for Action
The most precious asset in today's information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has become increasingly challenging, as highlighted by the 2023 State of Secrets Sprawl report, the largest analysis of public GitHub activity. The report shows a 67% year-over-year increase in the number of secrets found, with 10 million hard-coded secrets detected
2023-05-23T16:46:00+00:00 https://thehackernews.com/2023/05/the-rising-threat-of-secrets-sprawl-and.html www.secnews.physaphae.fr/article.php?IdArticle=8338697 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. Fortinet FortiGuard Labs, which dubbed the artifact WINTAPIX (WinTapix.sys), attributed the malware with low confidence to an Iranian threat actor. "WinTapix.sys is essentially a loader," security researchers Geri Revay and Hossein Jazi said
2023-05-23T16:41:00+00:00 https://thehackernews.com/2023/05/new-wintapixsys-malware-engages-in.html www.secnews.physaphae.fr/article.php?IdArticle=8338698 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China Bans U.S. Chip Giant Micron, Citing "Serious Cybersecurity Problems"
China has banned U.S. chip maker Micron from selling its products to Chinese companies working on key infrastructure projects, citing national security risks. The development comes nearly two months after the country's cybersecurity authority initiated a probe in late March 2023 to assess potential network security risks. "The purpose of this network security review of Micron's products is to
2023-05-23T12:17:00+00:00 https://thehackernews.com/2023/05/china-bans-us-chip-giant-micron-citing.html www.secnews.physaphae.fr/article.php?IdArticle=8338660 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
EU Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S. In a binding decision taken by the European Data Protection Board (EDPB), the social media giant has been ordered to bring its data transfers into compliance with the GDPR and delete unlawfully stored and processed
2023-05-22T23:18:00+00:00 https://thehackernews.com/2023/05/eu-regulators-hit-meta-with-record-13.html www.secnews.physaphae.fr/article.php?IdArticle=8338521 False None None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations
A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company Permiso's P0 Labs, which first detected the group in November 2021, has assigned it the moniker GUI-vil (pronounced Goo-ee-vil). "The group displays a preference for Graphical
2023-05-22T21:35:00+00:00 https://thehackernews.com/2023/05/indonesian-cybercriminals-exploit-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8338466 False Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade
New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has not only been linked to a fresh sophisticated campaign, but also to an activity cluster that first came to light in May 2016. "While the
2023-05-22T18:17:00+00:00 https://thehackernews.com/2023/05/bad-magics-extended-reign-in-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8338435 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization's reputation, induce considerable financial losses, and even have serious legal repercussions. From the infamous Cambridge Analytica scandal to the Equifax data breach, there have been some pretty high-profile leaks resulting in massive
2023-05-22T16:42:00+00:00 https://thehackernews.com/2023/05/are-your-apis-leaking-sensitive-data.html www.secnews.physaphae.fr/article.php?IdArticle=8338400 False None Equifax,Equifax 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison.
Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offenses, including facilitating fraud and possessing and transferring
2023-05-22T12:31:00+00:00 https://thehackernews.com/2023/05/uk-fraudster-behind-ispoof-scam.html www.secnews.physaphae.fr/article.php?IdArticle=8338340 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux, and macOS, and is expected to be patched in version 2.54, which is likely to be released early
2023-05-22T12:03:00+00:00 https://thehackernews.com/2023/05/keepass-exploit-allows-attackers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8338331 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. "The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion,
2023-05-21T14:28:00+00:00 https://thehackernews.com/2023/05/pypi-repository-under-attack-user-sign.html www.secnews.physaphae.fr/article.php?IdArticle=8338203 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom,"
2023-05-20T16:18:00+00:00 https://thehackernews.com/2023/05/meet-jack-from-romania-mastermind.html www.secnews.physaphae.fr/article.php?IdArticle=8338071 False Malware,Threat None 4.0000000000000000

The Hacker News
Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks
The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest. "In these recent attacks, Sangria Tempest uses the PowerShell script POWERTRASH to load
2023-05-20T12:19:00+00:00 https://thehackernews.com/2023/05/notorious-cyber-gang-fin7-returns-cl0p.html www.secnews.physaphae.fr/article.php?IdArticle=8338047 False Ransomware,Threat None 2.0000000000000000

The Hacker News
Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a
2023-05-20T09:45:00+00:00 https://thehackernews.com/2023/05/samsung-devices-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8338022 False None None 2.0000000000000000

The Hacker News
Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024
Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting
2023-05-19T17:58:00+00:00 https://thehackernews.com/2023/05/privacy-sandbox-initiative-google-to.html www.secnews.physaphae.fr/article.php?IdArticle=8337896 False None None 2.0000000000000000

The Hacker News
Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?
Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended.
For example, because of its inability to apply any security measures beyond checking for a password and username match, AD (as well as the resources it manages) is
2023-05-19T16:34:00+00:00 https://thehackernews.com/2023/05/dr-active-directory-vs-mr-exposed.html www.secnews.physaphae.fr/article.php?IdArticle=8337876 False None None 2.0000000000000000

The Hacker News
Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down. ReversingLabs, which broke
2023-05-19T16:10:00+00:00 https://thehackernews.com/2023/05/developer-alert-npm-packages-for-nodejs.html www.secnews.physaphae.fr/article.php?IdArticle=8337877 False Malware None 2.0000000000000000

The Hacker News
Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware
Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord)," eSentire
2023-05-19T12:23:00+00:00 https://thehackernews.com/2023/05/searching-for-ai-tools-watch-out-for.html www.secnews.physaphae.fr/article.php?IdArticle=8337842 False Malware ChatGPT,ChatGPT 2.0000000000000000

The Hacker News
WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities
Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address three new zero-day flaws that it said are being actively exploited in the wild. The three security shortcomings are listed below - CVE-2023-32409 - A WebKit flaw that could be exploited by a malicious actor to break out of the Web Content sandbox. It was addressed with
2023-05-19T09:13:00+00:00 https://thehackernews.com/2023/05/webkit-under-attack-apple-issues.html www.secnews.physaphae.fr/article.php?IdArticle=8337822 False None None 3.0000000000000000

The Hacker News
This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide
A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks. "The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages, social media and online messaging accounts and monetization via advertisements and click fraud,"
2023-05-18T22:00:00+00:00 https://thehackernews.com/2023/05/this-cybercrime-syndicate-pre-infected.html www.secnews.physaphae.fr/article.php?IdArticle=8337704 False None None 2.0000000000000000

The Hacker News
Join This Webinar - Zero Trust + Deception: Learn How to Outsmart Attackers!
Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks, it's essential to simplify and reframe your defenses. Zscaler Deception is a state-of-the-art next-generation deception technology seamlessly integrated with the Zscaler Zero Trust Exchange. It creates a hostile environment for attackers and enables you to track
2023-05-18T17:35:00+00:00 https://thehackernews.com/2023/05/join-this-webinar-zero-trust-deception.html www.secnews.physaphae.fr/article.php?IdArticle=8337656 False None None 2.0000000000000000

The Hacker News
How to Reduce Exposure on the Manufacturing Attack Surface
Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts. This digital transformation of the factory floor has accelerated the connection of machinery to digital systems and data.
Computer systems for managing and monitoring digital systems and data have been added to the hardware and software used for
2023-05-18T16:12:00+00:00 https://thehackernews.com/2023/05/how-to-reduce-exposure-on-manufacturing.html www.secnews.physaphae.fr/article.php?IdArticle=8337610 False None None 2.0000000000000000

The Hacker News
Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks
The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on the East Asian island country. "From malicious emails and URLs to malware, the strain between China's claim of Taiwan as part of its territory and Taiwan's maintained independence has evolved into a worrying surge in attacks," the Trellix Advanced Research Center said
2023-05-18T15:23:00+00:00 https://thehackernews.com/2023/05/escalating-china-taiwan-tensions-fuel.html www.secnews.physaphae.fr/article.php?IdArticle=8337595 False None None 2.0000000000000000

The Hacker News
8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands
2023-05-18T15:01:00+00:00 https://thehackernews.com/2023/05/8220-gang-exploiting-oracle-weblogic.html www.secnews.physaphae.fr/article.php?IdArticle=8337596 False None None 2.0000000000000000

The Hacker News
Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands
A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to tens of thousands of victims in the country. Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, has been accused of setting up a carding site called Skynet Market that specialized in the trafficking of credit and debit card data. Mihalo and his
2023-05-18T12:09:00+00:00 https://thehackernews.com/2023/05/darknet-carding-kingpin-pleads-guilty.html www.secnews.physaphae.fr/article.php?IdArticle=8337570 False None None 2.0000000000000000

The Hacker News
Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions
Apple has announced that it prevented over $2 billion in potentially fraudulent transactions and rejected roughly 1.7 million app submissions for privacy and security violations in 2022. The computing giant said it terminated 428,000 developer accounts for potential fraudulent activity, blocked 105,000 fake developer account creations, and deactivated 282 million bogus customer accounts. It
2023-05-18T11:49:00+00:00 https://thehackernews.com/2023/05/apple-thwarts-2-billion-in-app-store.html www.secnews.physaphae.fr/article.php?IdArticle=8337571 False None None 1.00000000000000000000

The Hacker News
Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks
Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to run arbitrary code or cause a denial-of-service (DoS) condition. "These vulnerabilities are due to improper validation of requests that are sent to the web interface," Cisco said, crediting an unnamed external researcher for
2023-05-18T10:48:00+00:00 https://thehackernews.com/2023/05/critical-flaws-in-cisco-small-business.html www.secnews.physaphae.fr/article.php?IdArticle=8337530 False Vulnerability None 3.0000000000000000

The Hacker News
OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users
A hacking group dubbed OilAlpha with suspected ties to Yemen's Houthi movement has been linked to a cyber espionage campaign targeting development, humanitarian, media, and non-governmental organizations in the Arabian peninsula. "OilAlpha used encrypted chat messengers like WhatsApp to launch social engineering attacks against its targets," cybersecurity company Recorded Future said in a
2023-05-17T19:14:00+00:00 https://thehackernews.com/2023/05/oilalpha-emerging-houthi-linked-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8337383 False Threat None 3.0000000000000000

The Hacker News
Identifying a Patch Management Solution: Overview of Key Criteria
Software is rarely a one-and-done proposition.
In fact, any application available today will likely need to be updated – or patched – to fix bugs, address vulnerabilities, and update key features at multiple points in the future. With the typical enterprise relying on a multitude of applications, servers, and end-point devices in their day-to-day operations, the acquisition of a robust patch
2023-05-17T17:24:00+00:00 https://thehackernews.com/2023/05/identifying-patch-management-solution.html www.secnews.physaphae.fr/article.php?IdArticle=8337353 False None None 2.0000000000000000

The Hacker News
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments. Google-owned Mandiant attributed the activity to a threat group it tracks under the name UNC3944, which is also known as Roasted 0ktapus and Scattered Spider. "This method of attack was unique in
2023-05-17T17:22:00+00:00 https://thehackernews.com/2023/05/threat-group-unc3944-abusing-azure.html www.secnews.physaphae.fr/article.php?IdArticle=8337354 False Threat None 2.0000000000000000

The Hacker News
Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely.
The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by Israeli IoT security company Sternum, which reverse-engineered the device and
2023-05-17T15:47:00+00:00 https://thehackernews.com/2023/05/serious-unpatched-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8337334 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in Pakistan and China. This comprises a network of 55 domains and IP addresses used by the threat actor, cybersecurity companies Group-IB and Bridewell said in a joint report shared with The Hacker News. "The identified phishing
2023-05-17T14:10:00+00:00 https://thehackernews.com/2023/05/state-sponsored-sidewinder-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8337299 False Threat APT-C-17 2.0000000000000000

The Hacker News
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world.
Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in question, is alleged to be a "central figure" in the development and deployment of LockBit, Babuk,
2023-05-17T10:59:00+00:00 https://thehackernews.com/2023/05/us-offers-10-million-bounty-for-capture.html www.secnews.physaphae.fr/article.php?IdArticle=8337255 False Ransomware None 2.0000000000000000

The Hacker News
China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks aimed at European foreign affairs entities since January 2023. An analysis of these intrusions, per Check Point researchers Itay Cohen and Radoslaw Madej, has revealed a custom firmware implant designed explicitly for TP-Link routers. "The implant features several malicious
2023-05-16T20:15:00+00:00 https://thehackernews.com/2023/05/chinas-mustang-panda-hackers-exploit-tp.html www.secnews.physaphae.fr/article.php?IdArticle=8337002 False None None 2.0000000000000000