www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-04T16:37:01+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud. "This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security,"
2023-04-25T10:03:00+00:00 https://thehackernews.com/2023/04/google-authenticator-app-gets-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8330828 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering
The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. "Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. "The threat actor targets government and
2023-04-24T19:30:00+00:00 https://thehackernews.com/2023/04/russian-hackers-tomiris-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8330610 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Threat actors are employing a previously undocumented "defense evasion tool" dubbed AuKill that's designed to disable endpoint detection and response (EDR) software by means of a Bring Your Own Vulnerable Driver (BYOVD) attack. "The AuKill tool abuses an outdated version of the driver used by version 16.32 of the Microsoft utility, Process Explorer, to disable EDR processes before deploying
2023-04-24T19:14:00+00:00 https://thehackernews.com/2023/04/ransomware-hackers-using-aukill-tool-to.html www.secnews.physaphae.fr/article.php?IdArticle=8330611 False Ransomware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Study: 84% of Companies Use Breached SaaS Applications - Here's How to Fix it for Free!
A recent review by Wing Security, a SaaS security company that analyzed the data of over 500 companies, revealed some worrisome information. According to this review, 84% of the companies had employees using an average of 3.5 SaaS applications that were breached in the previous 3 months. While this is concerning, it isn't much of a surprise. The exponential growth in SaaS usage has security and
2023-04-24T17:25:00+00:00 https://thehackernews.com/2023/04/study-84-of-companies-use-breached-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8330576 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites
Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to surreptitiously backdoor websites as part of an ongoing campaign, Sucuri revealed in a report published last week. The plugin in question is Eval PHP, released by a developer named flashpixx. It allows users to insert PHP code pages and posts of WordPress sites that's then executed every time the posts are
2023-04-24T17:11:00+00:00 https://thehackernews.com/2023/04/hackers-exploit-outdated-wordpress.html www.secnews.physaphae.fr/article.php?IdArticle=8330577 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "It also contains environment checking and Anti-VM functions. Its primary purpose seems to be to
2023-04-24T12:06:00+00:00 https://thehackernews.com/2023/04/new-all-in-one-evilextractor-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8330502 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the wild," citing two vulnerability reports from cybersecurity company Trend Micro. "PaperCut has conducted analysis on all customer reports, and the earliest signature of suspicious activity on a customer server potentially linked to this vulnerability is 14th April 01
2023-04-24T11:35:00+00:00 https://thehackernews.com/2023/04/russian-hackers-suspected-in-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8330503 False Vulnerability,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come courtesy of Symantec's Threat Hunter Team, confirm earlier suspicions that the
2023-04-22T12:16:00+00:00 https://thehackernews.com/2023/04/lazarus-xtrader-hack-impacts-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8330173 False Hack,Threat APT 38 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows - CVE-2023-28432 (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability; CVE-2023-27350 (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control
2023-04-22T11:30:00+00:00 https://thehackernews.com/2023/04/cisa-adds-3-actively-exploited-flaws-to.html www.secnews.physaphae.fr/article.php?IdArticle=8330174 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. "The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack," cloud security firm Aqua said in a report shared with The Hacker News. The Israeli company, which dubbed the attack
2023-04-21T18:56:00+00:00 https://thehackernews.com/2023/04/kubernetes-rbac-exploited-in-large.html www.secnews.physaphae.fr/article.php?IdArticle=8329960 False Cloud Uber 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim's Google account.
Israeli cybersecurity startup Astrix Security, which discovered and reported the issue to Google on June 19, 2022, dubbed the shortcoming GhostToken. The issue
2023-04-21T17:43:00+00:00 https://thehackernews.com/2023/04/ghosttoken-flaw-could-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8329931 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
14 Kubernetes and Cloud Security Challenges and How to Solve Them
Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets. In response, Uptycs, the first
2023-04-21T17:20:00+00:00 https://thehackernews.com/2023/04/14-kubernetes-and-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8329932 False Cloud Uber 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors.
Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the incident marks the first time it has seen a "software supply chain attack lead to another software
2023-04-21T15:25:00+00:00 https://thehackernews.com/2023/04/nk-hackers-employ-matryoshka-doll-style.html www.secnews.physaphae.fr/article.php?IdArticle=8329907 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems. The most severe of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director (CVE-2023-20036, CVSS score: 9.9), which resides in the web UI component and arises as a result of
2023-04-21T11:11:00+00:00 https://thehackernews.com/2023/04/cisco-and-vmware-release-security.html www.secnews.physaphae.fr/article.php?IdArticle=8329856 False Industrial None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Two Critical Flaws Found in Alibaba Cloud's PostgreSQL Databases
A chain of two critical flaws has been disclosed in Alibaba Cloud's ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL that could be exploited to breach tenant isolation protections and access sensitive data belonging to other customers. "The vulnerabilities potentially allowed unauthorized access to Alibaba Cloud customers' PostgreSQL databases and the ability to perform a supply chain
2023-04-20T19:23:00+00:00 https://thehackernews.com/2023/04/two-critical-flaws-found-in-alibaba.html www.secnews.physaphae.fr/article.php?IdArticle=8329705 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users. The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today. The findings are crucial, not least because it marks the first publicly documented example of the
2023-04-20T17:26:00+00:00 https://thehackernews.com/2023/04/lazarus-group-adds-linux-malware-to.html www.secnews.physaphae.fr/article.php?IdArticle=8329661 False Malware APT 38 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks
Why is Visibility into OT Environments Crucial? The significance of Operational Technology (OT) for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage industrial environments and critical infrastructures.
In recent years, adversaries have recognized the
2023-04-20T17:26:00+00:00 https://thehackernews.com/2023/04/beyond-traditional-security-ndrs.html www.secnews.physaphae.fr/article.php?IdArticle=8329660 False Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 (CVSS score: 7.2), concerns a case of pre-authenticated command injection that could be abused to achieve code execution. The
2023-04-20T16:52:00+00:00 https://thehackernews.com/2023/04/fortra-sheds-light-on-goanywhere-mft.html www.secnews.physaphae.fr/article.php?IdArticle=8329643 False Ransomware,Tool,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
ChatGPT's Data Protection Blind Spots and How Security Teams Can Solve Them
In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate productivity boosters. However, the very same technology that enables rapid production of high-quality text on demand, can at the same time expose sensitive corporate data.
A recent incident, in which Samsung software engineers pasted proprietary code into ChatGPT,
2023-04-20T16:48:00+00:00 https://thehackernews.com/2023/04/chatgpts-data-protection-blind-spots.html www.secnews.physaphae.fr/article.php?IdArticle=8329644 False None ChatGPT,ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda. The campaign makes use of "previously unseen plugins from
2023-04-20T15:56:00+00:00 https://thehackernews.com/2023/04/daggerfly-cyberattack-campaign-hits.html www.secnews.physaphae.fr/article.php?IdArticle=8329617 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the world," the interdisciplinary laboratory
2023-04-20T15:41:00+00:00 https://thehackernews.com/2023/04/nso-group-used-3-zero-click-iphone.html www.secnews.physaphae.fr/article.php?IdArticle=8329618 False None None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine
Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group (TAG), which is monitoring the activities of the actor under the name FROZENLAKE, said the attacks continue the "group's 2022 focus
2023-04-19T21:11:00+00:00 https://thehackernews.com/2023/04/google-tag-warns-of-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8329398 False Threat APT 28 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered
The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social engineering tactics, and spear-phishing attacks," ThreatMon said in a Tuesday report.
Blind Eagle, also
2023-04-19T20:45:00+00:00 https://thehackernews.com/2023/04/blind-eagle-cyber-espionage-group.html www.secnews.physaphae.fr/article.php?IdArticle=8329399 False None APT-C-36 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released
Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library. Clément Lecigne of Google's Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on April 12, 2023. "
2023-04-19T19:17:00+00:00 https://thehackernews.com/2023/04/google-chrome-hit-by-second-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8329359 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies
The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe," Uptycs security researcher Tejaswini Sandapolla said in a technical report published this week.
2023-04-19T16:58:00+00:00 https://thehackernews.com/2023/04/pakistani-hackers-use-linux-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8329331 False Malware,Tool,Threat APT 36 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Uncovering (and Understanding) the Hidden Risks of SaaS Apps
Recent data breaches across CircleCI, LastPass, and Okta underscore a common theme: The enterprise SaaS stacks connected to these industry-leading apps can be at serious risk for compromise. CircleCI, for example, plays an integral, SaaS-to-SaaS role for SaaS app development. Similarly, tens of thousands of organizations rely on Okta and LastPass security roles for SaaS identity and access
2023-04-19T16:02:00+00:00 https://thehackernews.com/2023/04/uncovering-and-understanding-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8329310 False Cloud LastPass,LastPass 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of entities in Europe, U.S. government institutions, and about 250 Ukrainian victims.
The
2023-04-19T15:00:00+00:00 https://thehackernews.com/2023/04/us-and-uk-warn-of-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8329311 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. "This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing N-day vulnerabilities, and has demonstrated agility in its operational focus, which appears to align
2023-04-19T12:12:00+00:00 https://thehackernews.com/2023/04/iranian-government-backed-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8329272 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution
A fresh round of patches has been made available for the vm2 JavaScript library to address two critical flaws that could be exploited to break out of the sandbox protections. Both the flaws – CVE-2023-29199 and CVE-2023-30547 – are rated 9.8 out of 10 on the CVSS scoring system and have been addressed in versions 3.9.16 and 3.9.17, respectively. Successful exploitation of the bugs, which allow
2023-04-19T10:23:00+00:00 https://thehackernews.com/2023/04/critical-flaws-in-vm2-javascript.html www.secnews.physaphae.fr/article.php?IdArticle=8329223 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" (read: invalid printer) that's used to deliver the Aurora information stealer malware. "The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM (virtual machine) technique," cybersecurity firm Morphisec said in a report
2023-04-18T19:15:00+00:00 https://thehackernews.com/2023/04/youtube-videos-distributing-aurora.html www.secnews.physaphae.fr/article.php?IdArticle=8328933 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app storefront in South Korea. The rogue component is part of a third-party software library used by the apps in
2023-04-18T17:57:00+00:00 https://thehackernews.com/2023/04/goldoson-android-malware-infects-over.html www.secnews.physaphae.fr/article.php?IdArticle=8328883 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DFIR via XDR: How to expedite your investigations with a DFIRent approach
Rapid technological evolution requires security that is resilient, up to date and adaptable.
In this article, we will cover the transformation in the field of DFIR (digital forensics and incident response) in the last couple years, focusing on the digital forensics' aspect and how XDR fits into the picture. Before we dive into the details, let's first break down the main components of DFIR and
2023-04-18T17:01:00+00:00 https://thehackernews.com/2023/04/dfir-via-xdr-how-to-expedite-your.html www.secnews.physaphae.fr/article.php?IdArticle=8328868 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access
The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary's use of the SimpleHelp remote support software in June 2022. MuddyWater,
2023-04-18T14:35:00+00:00 https://thehackernews.com/2023/04/iranian-hackers-using-simplehelp-remote.html www.secnews.physaphae.fr/article.php?IdArticle=8328848 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
LockBit Ransomware Now Targeting Apple macOS Devices
Threat actors behind the LockBit ransomware operation have developed new artifacts that can encrypt files on devices running Apple's macOS operating system. The development, which was reported by the MalwareHunterTeam over the weekend, appears to be the first time a big-game ransomware crew has created a macOS-based payload.
Additional samples identified by vx-underground show that the macOS
2023-04-18T12:40:00+00:00 https://thehackernews.com/2023/04/lockbit-ransomware-now-targeting-apple.html www.secnews.physaphae.fr/article.php?IdArticle=8328827 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft. The development was reported by the Israeli business newspaper Calcalist, citing unnamed sources, adding the company "hasn't been fully active for a while" and that it "has been in a difficult situation for several
2023-04-17T22:02:00+00:00 https://thehackernews.com/2023/04/israeli-spyware-vendor-quadream-to-shut.html www.secnews.physaphae.fr/article.php?IdArticle=8328671 False None None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spain, the U.S., Russia, France, the U.K., and Morocco.
QBot (aka Qakbot or Pinkslipbot) is a banking
2023-04-17T21:36:00+00:00 https://thehackernews.com/2023/04/new-qbot-banking-trojan-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8328672 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks
A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-on exploitation on compromised systems, including delivering a lesser-known information stealer that
2023-04-17T19:20:00+00:00 https://thehackernews.com/2023/04/fin7-and-ex-conti-cybercrime-gangs-join.html www.secnews.physaphae.fr/article.php?IdArticle=8328617 False Ransomware,Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
What's the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are used interchangeably, this confusion is understandable. This confusion, though, is dangerous to organizations that need to secure
2023-04-17T19:02:00+00:00 https://thehackernews.com/2023/04/whats-difference-between-cspm-sspm.html www.secnews.physaphae.fr/article.php?IdArticle=8328618 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google's infrastructure for malicious ends. The tech giant's Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed moniker HOODOO, which is
2023-04-17T17:16:00+00:00 https://thehackernews.com/2023/04/google-uncovers-apt41s-use-of-open.html www.secnews.physaphae.fr/article.php?IdArticle=8328593 False Tool,Threat APT 41,APT 41 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Tour of the Underground: Master the Art of Dark Web Intelligence Gathering
The Deep, Dark Web – The Underground – is a haven for cybercriminals, teeming with tools and resources to launch attacks for financial gain, political motives, and other causes. But did you know that the underground also offers a goldmine of threat intelligence and information that can be harnessed to bolster your cyber defense strategies? The challenge lies in continuously monitoring the right
2023-04-17T17:06:00+00:00 https://thehackernews.com/2023/04/tour-of-underground-master-art-of-dark.html www.secnews.physaphae.fr/article.php?IdArticle=8328594 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and scripts] negate the need to bring in external tools that might be flagged by
2023-04-17T13:31:00+00:00 https://thehackernews.com/2023/04/vice-society-ransomware-using-stealthy.html www.secnews.physaphae.fr/article.php?IdArticle=8328559 False Ransomware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week. "Once the
2023-04-17T12:29:00+00:00 https://thehackernews.com/2023/04/new-zaraza-bot-credential-stealer-sold.html www.secnews.physaphae.fr/article.php?IdArticle=8328537 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been
2023-04-15T09:28:00+00:00 https://thehackernews.com/2023/04/google-releases-urgent-chrome-update-to.html www.secnews.physaphae.fr/article.php?IdArticle=8328023 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as
2023-04-14T18:27:00+00:00 https://thehackernews.com/2023/04/russia-linked-hackers-launches.html www.secnews.physaphae.fr/article.php?IdArticle=8327789 False Threat APT 29 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently
2023-04-14T15:52:00+00:00 https://thehackernews.com/2023/04/kodi-confirms-data-breach-400k-user.html www.secnews.physaphae.fr/article.php?IdArticle=8327742 False Data Breach,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability
2023-04-14T12:45:00+00:00 https://thehackernews.com/2023/04/severe-android-and-novi-survey.html www.secnews.physaphae.fr/article.php?IdArticle=8327705 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice
In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats.
Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience. The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs and MSSPs to provide strategic
2023-04-14T12:43:00+00:00 https://thehackernews.com/2023/04/webinar-tips-from-mssps-to-mssps.html www.secnews.physaphae.fr/article.php?IdArticle=8327706 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything from
2023-04-14T01:30:00+00:00 https://thehackernews.com/2023/04/google-launches-new-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8327559 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict rules,"
2023-04-13T22:10:00+00:00 https://thehackernews.com/2023/04/rtm-locker-emerging-cybercrime-group.html www.secnews.physaphae.fr/article.php?IdArticle=8327519 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages,"
2023-04-13T18:32:00+00:00 https://thehackernews.com/2023/04/whatsapp-introduces-new-device.html www.secnews.physaphae.fr/article.php?IdArticle=8327447 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Python-Based "Legion" Hacking Tool Emerges on Telegram
An emerging Python-based credential harvester and a hacking tool named Legion are being marketed via Telegram as a way for threat actors to break into various online services for further exploitation.
Legion, according to Cado Labs, includes modules to enumerate vulnerable SMTP servers, conduct remote code execution (RCE) attacks, exploit unpatched versions of Apache, and brute-force cPanel and
2023-04-13T16:40:00+00:00 https://thehackernews.com/2023/04/new-python-based-legion-hacking-tool.html www.secnews.physaphae.fr/article.php?IdArticle=8327436 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Why Shadow APIs are More Dangerous than You Think
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial data loss. For those that aren't familiar with the term, shadow APIs are a type of application programming interface (API) that isn't officially documented or supported. Contrary to popular belief, it's unfortunately all too common to have APIs in production that no one on
2023-04-13T15:49:00+00:00 https://thehackernews.com/2023/04/why-shadow-apis-are-more-dangerous-than.html www.secnews.physaphae.fr/article.php?IdArticle=8327424 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the Indian education sector using a continuously maintained piece of malware called Crimson RAT.
While the suspected Pakistan-based threat group is known to target military and government entities in the country, the activities have since expanded to include the education
2023-04-13T15:49:00+00:00 https://thehackernews.com/2023/04/pakistan-based-transparent-tribe.html www.secnews.physaphae.fr/article.php?IdArticle=8327425 False Malware,Threat APT 36 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running activity called DeathNote. While the nation-state adversary is known for its persistent attacks on the cryptocurrency sector, it has also targeted automotive, academic, and defense sectors in Eastern Europe and other parts of the world
2023-04-13T14:37:00+00:00 https://thehackernews.com/2023/04/lazarus-hacker-group-evolves-tactics.html www.secnews.physaphae.fr/article.php?IdArticle=8327373 False Threat APT 38 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
ChatGPT Security: OpenAI's Bug Bounty Program Offers Up to $20,000 Prizes
OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are "safe and secure."
To that end, it has partnered with the crowdsourced security platform Bugcrowd for independent researchers to report vulnerabilities discovered in its product in exchange for rewards ranging from "$200 for low-severity findings to up to
2023-04-13T10:05:00+00:00 https://thehackernews.com/2023/04/chatgpt-security-openais-bug-bounty.html www.secnews.physaphae.fr/article.php?IdArticle=8327327 False None ChatGPT,ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit
Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and an NGO worker in 2021.
2023-04-12T17:28:00+00:00 https://thehackernews.com/2023/04/israel-based-spyware-firm-quadream.html www.secnews.physaphae.fr/article.php?IdArticle=8327072 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The Service Accounts Challenge: Can't See or Secure Them Until It's Too Late
Here's a hard question to answer: 'How many service accounts do you have in your environment?'. A harder one is: 'Do you know what these accounts are doing?'. And the hardest is probably: 'If any of your service account was compromised and used to access resources would you be able to detect and stop that in real-time?'.
Since most identity and security teams would provide a negative reply,
2023-04-12T17:20:00+00:00 https://thehackernews.com/2023/04/the-service-accounts-challenge-cant-see.html www.secnews.physaphae.fr/article.php?IdArticle=8327073 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild. Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by 20
2023-04-12T12:08:00+00:00 https://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html www.secnews.physaphae.fr/article.php?IdArticle=8327000 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lazarus Sub-Group Labyrinth Chollima Uncovered as Mastermind in 3CX Supply Chain Attack
Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus. The findings are the result of an interim assessment conducted by Google-owned Mandiant, whose services were enlisted after the intrusion came to light late last month.
The threat intelligence
2023-04-12T09:36:00+00:00 https://thehackernews.com/2023/04/lazarus-sub-group-labyrinth-chollima.html www.secnews.physaphae.fr/article.php?IdArticle=8326981 False Threat APT 38 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers
A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal access-tokens of higher privilege identities, move laterally, potentially access critical business assets, and
2023-04-11T18:30:00+00:00 https://thehackernews.com/2023/04/newly-discovered-by-design-flaw-in.html www.secnews.physaphae.fr/article.php?IdArticle=8326651 False None None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security
Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps," Kaspersky said in a new report based on messages
2023-04-11T17:59:00+00:00 https://thehackernews.com/2023/04/cybercriminals-turn-to-android-loaders.html www.secnews.physaphae.fr/article.php?IdArticle=8326634 False Malware None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
[eBook] A Step-by-Step Guide to Cyber Risk Assessment
In today's perilous cyber risk landscape, CISOs and CIOs must defend their organizations against relentless cyber threats, including ransomware, phishing, attacks on infrastructure, supply chain breaches, malicious insiders, and much more. Yet at the same time, security leaders are also under tremendous pressure to reduce costs and invest wisely. One of the most effective ways for CISOs and
2023-04-11T17:12:00+00:00 https://thehackernews.com/2023/04/ebook-step-by-step-guide-to-cyber-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8326602 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers.
The sophisticated typosquatting campaign, which was detailed by JFrog late last month, impersonated legitimate packages to execute PowerShell code designed to retrieve a follow-on binary
2023-04-11T14:46:00+00:00 https://thehackernews.com/2023/04/cryptocurrency-stealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8326568 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military
An Estonian national has been charged in the U.S. for purchasing U.S.-made electronics on behalf of the Russian government and military. The 45-year-old individual, Andrey Shevlyakov, was arrested on March 28, 2023, in Tallinn. He has been indicted with 18 counts of conspiracy and other charges. If found guilty, he faces up to 20 years in prison. Court documents allege that Shevlyakov operated
2023-04-10T18:31:00+00:00 https://thehackernews.com/2023/04/estonian-national-charged-in-us-for.html www.secnews.physaphae.fr/article.php?IdArticle=8326338 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
Threat actors are flooding the npm open source package repository with bogus packages that briefly even resulted in a denial-of-service (DoS) attack. "The threat actors create malicious websites and publish empty packages with links to those malicious websites, taking advantage of open-source ecosystems' good reputation on search engines," Checkmarx's Jossef Harush Kadouri said in a report
2023-04-10T18:15:00+00:00 https://thehackernews.com/2023/04/hackers-flood-npm-with-bogus-packages.html www.secnews.physaphae.fr/article.php?IdArticle=8326339 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Top 10 Cybersecurity Trends for 2023: From Zero Trust to Cyber Insurance
As technology advances, cyberattacks are becoming more sophisticated. With the increasing use of technology in our daily lives, cybercrime is on the rise, as evidenced by the fact that cyberattacks caused 92% of all data breaches in the first quarter of 2022. Staying current with cybersecurity trends and laws is crucial to combat these threats, which can significantly impact business development
2023-04-10T17:08:00+00:00 https://thehackernews.com/2023/04/top-10-cybersecurity-trends-for-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8326330 False Studies None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. The massive campaign, per GoDaddy's Sucuri, "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play out in waves once every few weeks. "This campaign is easily identified
2023-04-10T15:46:00+00:00 https://thehackernews.com/2023/04/over-1-million-wordpress-sites-infected.html www.secnews.physaphae.fr/article.php?IdArticle=8326309 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Protecting your business with Wazuh: The open source security platform
Today, businesses face a variety of security challenges like cyber attacks, compliance requirements, and endpoint security administration. The threat landscape constantly evolves, and it can be overwhelming for businesses to keep up with the latest security trends. Security teams use processes and security solutions to curb these challenges. These solutions include firewalls, antiviruses, data
2023-04-10T14:57:00+00:00 https://thehackernews.com/2023/04/protecting-your-business-with-wazuh.html www.secnews.physaphae.fr/article.php?IdArticle=8326301 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands
2023-04-10T11:55:00+00:00 https://thehackernews.com/2023/04/cisa-warns-of-5-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8326277 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Taiwanese PC Company MSI Falls Victim to Ransomware Attack
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems. The company said it "promptly" initiated incident response and recovery measures after detecting "network anomalies." It also said it alerted law enforcement agencies of the matter. That said, MSI did not disclose any specifics about when the attack took place
2023-04-08T20:07:00+00:00 https://thehackernews.com/2023/04/taiwanese-pc-company-msi-falls-victim.html www.secnews.physaphae.fr/article.php?IdArticle=8326041 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That's according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed
2023-04-08T12:49:00+00:00 https://thehackernews.com/2023/04/iran-based-hackers-caught-carrying-out.html www.secnews.physaphae.fr/article.php?IdArticle=8325987 False Ransomware,Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
Apple on Friday released security updates for iOS, iPadOS, macOS, and Safari web browser to address a pair of zero-day flaws that are being exploited in the wild. The two vulnerabilities are as follows - CVE-2023-28205 - A use after free issue in WebKit that could lead to arbitrary code execution when processing specially crafted web content. CVE-2023-28206 - An out-of-bounds write issue in
2023-04-08T10:45:00+00:00 https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8325974 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on
2023-04-08T10:34:00+00:00 https://thehackernews.com/2023/04/researchers-discover-critical-remote.html www.secnews.physaphae.fr/article.php?IdArticle=8325975 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors are using the messaging platform to peddle phishing kits and help set up phishing campaigns. "To promote their 'goods,' phishers create Telegram channels through which they educate their audience about phishing and entertain subscribers with polls like, 'What type
2023-04-07T18:02:00+00:00 https://thehackernews.com/2023/04/researchers-uncover-thriving-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8325777 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. To that end, the tech giant's Digital Crimes Unit (DCU) revealed that it secured a court order in the U.S. to "remove illegal, legacy copies of Cobalt Strike so they can no longer be used by
2023-04-07T11:45:00+00:00 https://thehackernews.com/2023/04/microsoft-takes-legal-action-to-disrupt.html www.secnews.physaphae.fr/article.php?IdArticle=8325718 False Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Are Source Code Leaks the New Threat Software vendors Should Care About?
Less than a month ago, Twitter indirectly acknowledged that some of its source code had been leaked on the code-sharing platform GitHub by sending a copyright infringement notice to take down the incriminated repository. The latter is now inaccessible, but according to the media, it was accessible to the public for several months. A user going by the name FreeSpeechEnthousiast committed
2023-04-07T11:44:00+00:00 https://thehackernews.com/2023/04/are-source-code-leaks-new-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8325719 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published eight Industrial Control Systems (ICS) advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682 (CVSS score: 9.9), impacting Hitachi Energy's MicroSCADA System Data Manager SDM600 that could allow an
2023-04-07T11:29:00+00:00 https://thehackernews.com/2023/04/cisa-warns-of-critical-ics-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8325679 False Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels
Critical infrastructure attacks are a preferred target for cyber criminals. Here's why and what's being done to protect them. What is Critical Infrastructure and Why is It Attacked?
Critical infrastructure is the physical and digital assets, systems and networks that are vital to national security, the economy, public health, or safety. It can be government- or privately-owned. According to Etay]]> 2023-04-06T17:16:00+00:00 https://thehackernews.com/2023/04/supply-chain-attacks-and-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8325439 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le FBI réprimande le marché de Genesis: 119 arrêté dans la répression de la cybercriminalité<br>FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Crackdown A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which involved authorities from 17 countries, culminated in 119 arrests and 208 property searches in]]> 2023-04-06T14:31:00+00:00 https://thehackernews.com/2023/04/fbi-cracks-down-on-genesis-market-119.html www.secnews.physaphae.fr/article.php?IdArticle=8325380 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google oblige les applications Android pour offrir une suppression facile du compte dans l'application et en ligne<br>Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online Google is enacting a new data deletion policy for Android apps that allow account creation to also offer users with a setting to delete their accounts in an attempt to provide more transparency and control over their data. 
"For apps that enable app account creation, developers will soon need to provide an option to initiate account and data deletion from within the app and online," Bethel]]> 2023-04-06T09:10:00+00:00 https://thehackernews.com/2023/04/google-mandates-android-apps-to-offer.html www.secnews.physaphae.fr/article.php?IdArticle=8325333 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cryptoclippy: Nouveau logiciel malveillant Clipper ciblant les utilisateurs de crypto-monnaie portugais<br>CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users Portuguese users are being targeted by a new malware codenamed CryptoClippy that\'s capable of stealing cryptocurrency as part of a malvertising campaign. The activity leverages SEO poisoning techniques to entice users searching for "WhatsApp web" to rogue domains hosting the malware, Palo Alto Networks Unit 42 said in a new report published today.  CryptoClippy, a C-based executable, is a type]]> 2023-04-05T19:47:00+00:00 https://thehackernews.com/2023/04/cryptoclippy-new-clipper-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8325094 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates utilisant des archives auto-extraits exploitent pour des attaques de porte dérobée furtives<br>Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks An unknown threat actor used a malicious self-extracting archive (SFX) file in an attempt to establish persistent backdoor access to a victim\'s environment, new findings from CrowdStrike show. SFX files are capable of extracting the data contained within them without the need for dedicated software to display the file contents. 
It achieves this by including a decompressor stub, a piece of code]]> 2023-04-05T18:06:00+00:00 https://thehackernews.com/2023/04/hackers-using-self-extracting-archives.html www.secnews.physaphae.fr/article.php?IdArticle=8325065 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Tag met en garde contre les cyberattaques archipelles liées à la coréenne nord-coréenne<br>Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google\'s Threat Analysis Group (TAG) is tracking the cluster under the name ARCHIPELAGO, which it said is a subset of another threat group tracked by Mandiant under the name APT43. The tech giant]]> 2023-04-05T17:49:00+00:00 https://thehackernews.com/2023/04/google-tag-warns-of-north-korean-linked.html www.secnews.physaphae.fr/article.php?IdArticle=8325066 False Threat APT 43 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Protégez votre entreprise: la prévention des ransomwares facilitée<br>Protect Your Company: Ransomware Prevention Made Easy Every year hundreds of millions of malware attacks occur worldwide, and every year businesses deal with the impact of viruses, worms, keyloggers, and ransomware. Malware is a pernicious threat and the biggest driver for businesses to look for cybersecurity solutions.  Naturally, businesses want to find products that will stop malware in its tracks, and so they search for solutions to do that.]]> 2023-04-05T17:19:00+00:00 https://thehackernews.com/2023/04/protect-your-company-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8325049 False Ransomware,Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Typhon Reborn Stealer Malware Resurfaces avec des techniques d'évasion avancées<br>Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques The threat actor behind the information-stealing malware known as Typhon Reborn has resurfaced with an updated version (V2) that packs in improved capabilities to evade detection and resist analysis. The new version is offered for sale on the criminal underground for $59 per month, $360 per year, or alternatively, for $540 for a lifetime subscription. "The stealer can harvest and exfiltrate]]> 2023-04-05T14:05:00+00:00 https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8324999 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Trier à travers les backs de foin pour trouver des aiguilles CTI<br>Sorting Through Haystacks to Find CTI Needles Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or any poisoning? Do I risk acting on outdated data? This difference is major since a piece of]]> 2023-04-04T19:21:00+00:00 https://thehackernews.com/2023/04/sorting-through-haystacks-to-find-cti.html www.secnews.physaphae.fr/article.php?IdArticle=8324704 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Rorschach Ransomware émerge: les experts mettent en garde contre les stratégies d'évasion avancées<br>Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that\'s both sophisticated and fast. 
"What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not been seen before in ransomware," Check Point Research said in a new report. "In fact, Rorschach is one]]> 2023-04-04T18:46:00+00:00 https://thehackernews.com/2023/04/rorschach-ransomware-emerges-experts.html www.secnews.physaphae.fr/article.php?IdArticle=8324705 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Rilide malware ciblant les navigateurs à base de chrome pour voler la crypto-monnaie<br>New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency Chromium-based web browsers are the target of a new malware called Rilide that masquerades itself as a seemingly legitimate extension to harvest sensitive data and siphon cryptocurrency. "Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a broad spectrum of malicious activities, including monitoring  browsing history, taking screenshots,]]> 2023-04-04T18:37:00+00:00 https://thehackernews.com/2023/04/new-rilide-malware-targeting-chromium.html www.secnews.physaphae.fr/article.php?IdArticle=8324706 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Groupe de piratage aride vipère utilisant des logiciels malveillants améliorés dans les cyberattaques du Moyen-Orient<br>Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022. Symantec, which is tracking the group under its insect-themed moniker Mantis, said the adversary is "going to great lengths to maintain a persistent presence on targeted networks." 
Also known by the names APT-C-23 and Desert]]> 2023-04-04T15:38:00+00:00 https://thehackernews.com/2023/04/arid-viper-hacking-group-using-upgraded.html www.secnews.physaphae.fr/article.php?IdArticle=8324634 False Malware,Threat APT-C-23 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Réfléchissez avant de partager le lien: SaaS dans le monde réel<br>Think Before You Share the Link: SaaS in the Real World Collaboration sits at the essence of SaaS applications. The word, or some form of it, appears in the top two headlines on Google Workspace's homepage. It can be found six times on Microsoft 365's homepage, three times on Box, and once on Workday. Visit nearly any SaaS site, and odds are 'collaboration' will appear as part of the app's key selling point.  By sitting on the cloud, content within]]> 2023-04-04T15:24:00+00:00 https://thehackernews.com/2023/04/think-before-you-share-link-saas-in.html www.secnews.physaphae.fr/article.php?IdArticle=8324635 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft resserre la sécurité onenote en bloquant automatiquement 120 extensions de fichiers risquées<br>Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery. Up until now, users were shown a dialog warning them that opening such attachments could harm their computer and data, but it was possible to dismiss the prompt and open the files. 
That's going]]> 2023-04-04T10:00:00+00:00 https://thehackernews.com/2023/04/microsoft-tightens-onenote-security-by.html www.secnews.physaphae.fr/article.php?IdArticle=8324574 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les sociétés de crypto-monnaie ciblées dans une attaque sophistiquée de la chaîne d'approvisionnement 3CX<br>Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack The adversary behind the supply chain attack targeting 3CX deployed a second-stage implant specifically singling out a small number of cryptocurrency companies. Russian cybersecurity firm Kaspersky, which has been internally tracking the versatile backdoor under the name Gopuram since 2020, said it observed an increase in the number of infections in March 2023 coinciding with the 3CX breach.]]> 2023-04-04T09:24:00+00:00 https://thehackernews.com/2023/04/cryptocurrency-companies-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8324564 False Hack,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Western numérique frappé par la violation de la sécurité du réseau - Services critiques perturbés!<br>Western Digital Hit by Network Security Breach - Critical Services Disrupted! Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems. The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a "number of the company's systems." 
Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted]]> 2023-04-03T17:11:00+00:00 https://thehackernews.com/2023/04/western-digital-hit-by-network-security.html www.secnews.physaphae.fr/article.php?IdArticle=8324351 False Data Breach,General Information None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Italian Watchdog Bans Openai's Chatgpt sur les problèmes de protection des données<br>Italian Watchdog Bans OpenAI's ChatGPT Over Data Protection Concerns The Italian data protection watchdog, Garante per la Protezione dei Dati Personali (aka Garante), has imposed a temporary ban of OpenAI's ChatGPT service in the country, citing data protection concerns. To that end, it has ordered the company to stop processing users' data with immediate effect, stating it intends to investigate the company over whether it's unlawfully processing such data in]]> 2023-04-03T16:55:00+00:00 https://thehackernews.com/2023/04/italian-watchdog-bans-openais-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8324352 False None ChatGPT,ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) "C'est les comptes de service, stupides": pourquoi les déploiements PAM prennent-ils (presque) pour toujours à terminer<br>"It's The Service Accounts, Stupid": Why Do PAM Deployments Take (almost) Forever To Complete Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory, the PAM concept makes absolute sense: place admin credentials in a vault, rotate their passwords, and closely monitor their sessions. 
However, the harsh reality is that the vast majority of PAM projects either become a years-long project, or even]]> 2023-04-03T16:50:00+00:00 https://thehackernews.com/2023/04/its-service-accounts-stupid-why-do-pam.html www.secnews.physaphae.fr/article.php?IdArticle=8324353 False General Information,Guideline None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les logiciels malveillants OPCJacker Crypto-Storiel ciblent les utilisateurs avec un faux service VPN<br>Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in the clipboard for hijacking purposes," Trend Micro researchers]]> 2023-04-03T14:50:00+00:00 https://thehackernews.com/2023/04/crypto-stealing-opcjacker-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8324311 False Malware,Prediction None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft corrige la nouvelle vulnérabilité Azure AD impactant la recherche Bing et les principales applications [Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps] Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. 
"One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing users," cloud security]]> 2023-04-01T14:03:00+00:00 https://thehackernews.com/2023/04/microsoft-fixes-new-azure-ad.html www.secnews.physaphae.fr/article.php?IdArticle=8323965 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vulnérabilités de cacti, realtek et ibm aspera faspasx sous exploitation active [Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation] Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published this week. CVE-2022-46169 relates to a critical]]> 2023-04-01T10:21:00+00:00 https://thehackernews.com/2023/04/cacti-realtek-and-ibm-aspera-faspex.html www.secnews.physaphae.fr/article.php?IdArticle=8323946 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates exploitent la vulnérabilité WordPress Elementor Pro: des millions de sites en danger! [Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!] Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. 
"Improved code security enforcement in WooCommerce components," the]]> 2023-04-01T10:06:00+00:00 https://thehackernews.com/2023/04/hackers-exploiting-wordpress-elementor.html www.secnews.physaphae.fr/article.php?IdArticle=8323938 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Winter Vivern APT cible les entités gouvernementales européennes avec une vulnérabilité de Zimbra [Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability] The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe," Proofpoint]]> 2023-03-31T19:37:00+00:00 https://thehackernews.com/2023/03/winter-vivern-apt-targets-european.html www.secnews.physaphae.fr/article.php?IdArticle=8323786 False Vulnerability,Threat None 2.0000000000000000