This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-04T01:07:34+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI,]]> 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/gitguardian-report-pypi-secrets.html www.secnews.physaphae.fr/article.php?IdArticle=8480059 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI,]]> 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/blog-post.html www.secnews.physaphae.fr/article.php?IdArticle=8479961 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are used by state actors to pull off "individually targeted]]> 2024-04-11T12:14:00+00:00 https://thehackernews.com/2024/04/apple-expands-spyware-alert-system-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479812 False Tool,Threat,Commercial None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10. "An Improper Control of Generation of Code (\'Code Injection\') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to]]> 2024-04-11T10:53:00+00:00 https://thehackernews.com/2024/04/fortinet-has-released-patches-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479787 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor or group. It\'s tracking the group behind the operation under the]]> 2024-04-10T19:54:00+00:00 https://thehackernews.com/2024/04/exotic-visit-spyware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8479379 False Malware,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024. "Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its distributors have experimented with other initial infection vectors," HP Wolf Security said in a report]]> 2024-04-10T18:40:00+00:00 https://thehackernews.com/2024/04/raspberry-robin-returns-new-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8479339 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are now taking advantage of GitHub\'s search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The latest assault on the open-source software supply chain involves concealing malicious code within Microsoft Visual Code project files that\'s designed to download next-stage payloads from a remote URL,]]> 2024-04-10T18:08:00+00:00 https://thehackernews.com/2024/04/beware-githubs-fake-popularity-scam.html www.secnews.physaphae.fr/article.php?IdArticle=8479340 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain]]> 2024-04-10T16:30:00+00:00 https://thehackernews.com/2024/04/hands-on-review-cynomi-ai-powered-vciso.html www.secnews.physaphae.fr/article.php?IdArticle=8479280 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection (BHI), can be used to leak arbitrary kernel memory at 3.5 kB/sec by bypassing existing Spectre v2/BHI mitigations, researchers from Systems and]]> 2024-04-10T14:56:00+00:00 https://thehackernews.com/2024/04/researchers-uncover-first-native.html www.secnews.physaphae.fr/article.php?IdArticle=8479247 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think. Think of it like this: misconfigurations, forgotten accounts, and old settings are like cracks in your digital fortress walls. Hackers]]> 2024-04-10T14:32:00+00:00 https://thehackernews.com/2024/04/webinar-learn-how-to-stop-hackers-from.html www.secnews.physaphae.fr/article.php?IdArticle=8479216 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has released security updates for the month of April 2024 to remediate a record 149 flaws, two of which have come under active exploitation in the wild. Of the 149 flaws, three are rated Critical, 142 are rated Important, three are rated Moderate, and one is rated Low in severity. The update is aside from 21 vulnerabilities that the company addressed in its]]> 2024-04-10T10:27:00+00:00 https://thehackernews.com/2024/04/microsoft-fixes-149-flaws-in-huge-april.html www.secnews.physaphae.fr/article.php?IdArticle=8479115 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments. "The Rust standard library did not properly escape]]> 2024-04-10T08:35:00+00:00 https://thehackernews.com/2024/04/critical-batbadbut-rust-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8479069 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain, Sysdig said in a report shared with The Hacker News. "Its primary method of operation]]> 2024-04-09T19:31:00+00:00 https://thehackernews.com/2024/04/10-year-old-rubycarp-romanian-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8478745 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users. Cisco Talos is tracking the activity cluster under the name Starry Addax, describing it as primarily singling out activists associated with]]> 2024-04-09T19:15:00+00:00 https://thehackernews.com/2024/04/hackers-targeting-human-rights.html www.secnews.physaphae.fr/article.php?IdArticle=8478746 False Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices. The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in November 2023. The issues were fixed by LG as part of updates released on March 22, 2024. The]]> 2024-04-09T18:35:00+00:00 https://thehackernews.com/2024/04/researchers-discover-lg-smart-tv.html www.secnews.physaphae.fr/article.php?IdArticle=8478695 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023 CL0P Growth  Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the \'CryptoMix\' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to 2022. But in 2023 the CL0P ransomware gang took itself to new heights and became one of the]]> 2024-04-09T16:54:00+00:00 https://thehackernews.com/2024/04/cl0ps-ransomware-rampage-security.html www.secnews.physaphae.fr/article.php?IdArticle=8478661 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet]]> 2024-04-09T12:54:00+00:00 https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html www.secnews.physaphae.fr/article.php?IdArticle=8478562 False Malware,Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in]]> 2024-04-09T11:16:00+00:00 https://thehackernews.com/2024/04/critical-flaws-leave-92000-d-link-nas.html www.secnews.physaphae.fr/article.php?IdArticle=8478517 False Malware,Vulnerability,Threat None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has announced support for what\'s called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox]]> 2024-04-08T19:21:00+00:00 https://thehackernews.com/2024/04/google-chrome-adds-v8-sandbox-new.html www.secnews.physaphae.fr/article.php?IdArticle=8478161 False Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said in a joint analysis published last week, adding it\'s designed to retrieve]]> 2024-04-08T16:59:00+00:00 https://thehackernews.com/2024/04/watch-out-for-latrodectus-this-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8478076 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023. Figure]]> 2024-04-08T16:53:00+00:00 https://thehackernews.com/2024/04/the-drop-in-ransomware-attacks-in-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8478077 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trustwave SpiderLabs researcher Karla Agregado said. The email message, the company said, originates from an email]]> 2024-04-08T14:06:00+00:00 https://thehackernews.com/2024/04/cybercriminals-targeting-latin-america.html www.secnews.physaphae.fr/article.php?IdArticle=8478025 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has filed a lawsuit against two app developers for engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals in question are Yunfeng Sun (aka Alphonse Sun) and Hongnam Cheung (aka]]> 2024-04-08T10:55:00+00:00 https://thehackernews.com/2024/04/google-sues-app-developers-over-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8477927 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code execution. It was addressed by the company as part of]]> 2024-04-06T15:13:00+00:00 https://thehackernews.com/2024/04/hackers-exploit-magento-bug-to-steal.html www.secnews.physaphae.fr/article.php?IdArticle=8477009 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers\' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines. "Malicious models represent a major risk to AI systems,]]> 2024-04-05T19:38:00+00:00 https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8476537 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and]]> 2024-04-05T16:48:00+00:00 https://thehackernews.com/2024/04/ciso-perspectives-on-complying-with.html www.secnews.physaphae.fr/article.php?IdArticle=8476455 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. According to Fortinet FortiGuard Labs, clicking the URL]]> 2024-04-05T15:10:00+00:00 https://thehackernews.com/2024/04/from-pdfs-to-payload-bogus-adobe.html www.secnews.physaphae.fr/article.php?IdArticle=8476429 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published this week. "It employs the .NET (de)serialization feature to interact with a core]]> 2024-04-05T13:18:00+00:00 https://thehackernews.com/2024/04/new-wave-of-jsoutprox-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8476376 False Malware,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886. The Google Cloud]]> 2024-04-05T12:45:00+00:00 https://thehackernews.com/2024/04/researchers-identify-multiple-china.html www.secnews.physaphae.fr/article.php?IdArticle=8476377 False Vulnerability,Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia,]]> 2024-04-04T21:12:00+00:00 https://thehackernews.com/2024/04/vietnam-based-hackers-steal-financial.html www.secnews.physaphae.fr/article.php?IdArticle=8476000 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. "The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions a significant fine for the incident," Cofense researcher Dylan Duncan said. The]]> 2024-04-04T21:00:00+00:00 https://thehackernews.com/2024/04/new-phishing-campaign-targets-oil-gas.html www.secnews.physaphae.fr/article.php?IdArticle=8476001 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise\'s physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security]]> 2024-04-04T16:57:00+00:00 https://thehackernews.com/2024/04/considerations-for-operational.html www.secnews.physaphae.fr/article.php?IdArticle=8475839 False Industrial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. "Many HTTP/2 implementations do not properly limit or sanitize the]]> 2024-04-04T16:45:00+00:00 https://thehackernews.com/2024/04/new-http2-vulnerability-exposes-web.html www.secnews.physaphae.fr/article.php?IdArticle=8475840 False Vulnerability None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of flaws is as follows - CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an]]> 2024-04-04T10:15:00+00:00 https://thehackernews.com/2024/04/ivanti-rushes-patches-for-4-new-flaw-in.html www.secnews.physaphae.fr/article.php?IdArticle=8475654 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component CVE-2024-29748 - A privilege escalation flaw in the firmware component "There are indications that the []]> 2024-04-03T21:40:00+00:00 https://thehackernews.com/2024/04/google-warns-android-zero-day-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8475338 False Vulnerability,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year. The findings, released by the Department of Homeland Security (DHS) on Tuesday, found that the intrusion was preventable, and that it became successful]]> 2024-04-03T21:02:00+00:00 https://thehackernews.com/2024/04/us-cyber-safety-board-slams-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8475304 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google on Tuesday said it\'s piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against session cookie theft by malware. The prototype – currently tested against "some" Google Account users running Chrome Beta – is built with an aim to make it an open web standard, the tech giant\'s Chromium team said. "By binding authentication sessions to the]]> 2024-04-03T18:37:00+00:00 https://thehackernews.com/2024/04/google-chrome-beta-tests-new-dbsc.html www.secnews.physaphae.fr/article.php?IdArticle=8475272 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attack surface management (ASM) and vulnerability management (VM) are often confused, and while they overlap, they\'re not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attack surface management assumes you have unknown assets and so begins with discovery. Let\'s look at]]> 2024-04-03T16:42:00+00:00 https://thehackernews.com/2024/04/attack-surface-management-vs.html www.secnews.physaphae.fr/article.php?IdArticle=8475180 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and Sweden. Targets of the ongoing campaign include entities spanning finance, services, motor vehicle manufacturing, law firms, and commercial facilities, according to Morphisec. "Despite the geographic expansion, Mexico remains the]]> 2024-04-03T15:02:00+00:00 https://thehackernews.com/2024/04/mispadu-trojan-targets-europe-thousands.html www.secnews.physaphae.fr/article.php?IdArticle=8475127 False Commercial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL injection impacting versions from 7.9.11 through 7.10.0. The issue has been addressed in version]]> 2024-04-03T10:41:00+00:00 https://thehackernews.com/2024/04/critical-security-flaw-found-in-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8475026 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres Freund]]> 2024-04-02T18:48:00+00:00 https://thehackernews.com/2024/04/malicious-code-in-xz-utils-for-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8474644 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cloud solutions are more mainstream – and therefore more exposed – than ever before. In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What\'s more, nearly 40% of breaches spanned multiple cloud environments. The average cost of a cloud breach was above the overall average, at $4.75 million. In a time where cloud has become the de facto]]> 2024-04-02T16:57:00+00:00 https://thehackernews.com/2024/04/harnessing-power-of-ctem-for-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8474584 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today. "It has been observed to]]> 2024-04-02T16:30:00+00:00 https://thehackernews.com/2024/04/china-linked-hackers-deploy-new.html www.secnews.physaphae.fr/article.php?IdArticle=8474613 False Malware,Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has agreed to purge billions of data records reflecting users\' browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser. The class action, filed in 2020, alleged the company misled users by tracking their internet browsing activity who thought that it remained private when using the "]]> 2024-04-02T12:38:00+00:00 https://thehackernews.com/2024/04/google-to-delete-billions-of-browsing.html www.secnews.physaphae.fr/article.php?IdArticle=8474472 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and]]> 2024-04-02T10:24:00+00:00 https://thehackernews.com/2024/04/massive-phishing-campaign-strikes-latin.html www.secnews.physaphae.fr/article.php?IdArticle=8474426 False Threat,Industrial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals "were lured with employment opportunities to that country but were forced to undertake illegal cyber work," the Ministry of External Affairs (MEA) said in a statement, adding it had rescued 75 people in the past three]]> 2024-04-01T19:21:00+00:00 https://thehackernews.com/2024/04/indian-government-rescues-250-citizens.html www.secnews.physaphae.fr/article.php?IdArticle=8474075 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren\'t just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn\'t enough – North Korea appears to be using revenue from cyber]]> 2024-04-01T16:50:00+00:00 https://thehackernews.com/2024/04/detecting-windows-based-malware-through.html www.secnews.physaphae.fr/article.php?IdArticle=8474025 False Ransomware,Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN\'s Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user\'s device into a proxy node without their knowledge.]]> 2024-04-01T15:40:00+00:00 https://thehackernews.com/2024/04/malicious-apps-caught-secretly-turning.html www.secnews.physaphae.fr/article.php?IdArticle=8473977 False Threat,Mobile Satori 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads that are decrypted]]> 2024-04-01T11:34:00+00:00 https://thehackernews.com/2024/04/vultur-android-banking-trojan-returns.html www.secnews.physaphae.fr/article.php?IdArticle=8473892 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims\' Macs, but operate with the end goal of stealing sensitive data, Jamf Threat Labs said in a report published Friday. One]]> 2024-03-30T12:46:00+00:00 https://thehackernews.com/2024/03/hackers-target-macos-users-with.html www.secnews.physaphae.fr/article.php?IdArticle=8472978 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils]]> 2024-03-30T10:53:00+00:00 https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html www.secnews.physaphae.fr/article.php?IdArticle=8472938 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Security vulnerabilities discovered in Dormakaba\'s Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana. They were reported to the Zurich-based]]> 2024-03-29T20:24:00+00:00 https://thehackernews.com/2024/03/dormakaba-locks-used-in-millions-of.html www.secnews.physaphae.fr/article.php?IdArticle=8472611 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and February of 2024," the Black Lotus Labs team at Lumen]]> 2024-03-29T17:42:00+00:00 https://thehackernews.com/2024/03/themoon-botnet-resurfaces-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8472561 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements. This manual approach often misses opportunities to find and fix security issues early on, leaving businesses vulnerable to]]> 2024-03-29T16:49:00+00:00 https://thehackernews.com/2024/03/the-golden-age-of-automated-penetration.html www.secnews.physaphae.fr/article.php?IdArticle=8472534 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user\'s password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante. It has been described as a case of improper]]> 2024-03-29T16:19:00+00:00 https://thehackernews.com/2024/03/new-linux-bug-could-lead-to-user.html www.secnews.physaphae.fr/article.php?IdArticle=8472507 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said "new project creation and new user registration" was temporarily halted to mitigate what it said was a "malware upload campaign." The incident was resolved 10 hours later, on March 28, 2024, at]]> 2024-03-29T11:07:00+00:00 https://thehackernews.com/2024/03/pypi-halts-sign-ups-amid-surge-of.html www.secnews.physaphae.fr/article.php?IdArticle=8472406 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts. In October 2023, Slovak cybersecurity firm ESET ]]> 2024-03-28T22:32:00+00:00 https://thehackernews.com/2024/03/linux-version-of-dinodasrat-spotted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8472155 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country\'s Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the ongoing criminal probe as both demanding and time-consuming, involving extensive analysis of a "]]> 2024-03-28T22:20:00+00:00 https://thehackernews.com/2024/03/finland-blames-chinese-hacking-group.html www.secnews.physaphae.fr/article.php?IdArticle=8472126 False Legislation APT 31 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. "Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is being used to great]]> 2024-03-28T20:13:00+00:00 https://thehackernews.com/2024/03/darcula-phishing-network-leveraging-rcs.html www.secnews.physaphae.fr/article.php?IdArticle=8472102 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Considering the ever-changing state of cybersecurity, it\'s never too late to ask yourself, "am I doing what\'s necessary to keep my organization\'s web applications secure?" The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain]]> 2024-03-28T18:13:00+00:00 https://thehackernews.com/2024/03/new-webinar-avoiding-application.html www.secnews.physaphae.fr/article.php?IdArticle=8472037 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are not just trends but the new norm. Amidst this backdrop, a critical aspect subtly weaves into the]]> 2024-03-28T16:30:00+00:00 https://thehackernews.com/2024/03/behind-scenes-art-of-safeguarding-non.html www.secnews.physaphae.fr/article.php?IdArticle=8471965 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack]]> 2024-03-28T16:25:00+00:00 https://thehackernews.com/2024/03/new-zenhammer-attack-bypasses-rowhammer.html www.secnews.physaphae.fr/article.php?IdArticle=8471966 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends\' email addresses in exchange for free pizza. "Whereas people say they care about privacy, they are willing to relinquish private data quite easily when]]> 2024-03-28T13:37:00+00:00 https://thehackernews.com/2024/03/telegram-offers-premium-subscription-in.html www.secnews.physaphae.fr/article.php?IdArticle=8471887 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2). "The information stealer was delivered via a phishing email, masquerading as an invitation letter]]> 2024-03-27T20:54:00+00:00 https://thehackernews.com/2024/03/hackers-target-indian-defense-and.html www.secnews.physaphae.fr/article.php?IdArticle=8471481 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with]]> 2024-03-27T18:45:00+00:00 https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html www.secnews.physaphae.fr/article.php?IdArticle=8471391 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users\' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user\'s knowledge," Guardio]]> 2024-03-27T18:24:00+00:00 https://thehackernews.com/2024/03/microsoft-edge-bug-could-have-allowed.html www.secnews.physaphae.fr/article.php?IdArticle=8471360 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (]]> 2024-03-27T16:26:00+00:00 https://thehackernews.com/2024/03/sase-solutions-fall-short-without.html www.secnews.physaphae.fr/article.php?IdArticle=8471300 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies\' computing power and leak sensitive data," Oligo Security researchers Avi]]> 2024-03-27T16:09:00+00:00 https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8471301 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The archive ("Bank Handlowy w Warszawie]]> 2024-03-27T13:26:00+00:00 https://thehackernews.com/2024/03/alert-new-phishing-attack-delivers.html www.secnews.physaphae.fr/article.php?IdArticle=8471226 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as]]> 2024-03-27T09:50:00+00:00 https://thehackernews.com/2024/03/two-chinese-apt-groups-ramp-up-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8471179 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat hunters have identified a suspicious package in the NuGet package manager that\'s likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded ]]> 2024-03-26T22:24:00+00:00 https://thehackernews.com/2024/03/malicious-nuget-package-linked-to.html www.secnews.physaphae.fr/article.php?IdArticle=8470884 False Tool,Threat,Industrial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), and Zhao Guangzong (]]> 2024-03-26T17:36:00+00:00 https://thehackernews.com/2024/03/us-charges-7-chinese-nationals-in-major.html www.secnews.physaphae.fr/article.php?IdArticle=8470735 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game\'s reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains]]> 2024-03-26T16:59:00+00:00 https://thehackernews.com/2024/03/crafting-shields-defending-minecraft.html www.secnews.physaphae.fr/article.php?IdArticle=8470736 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of the Treasury\'s Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (]]> 2024-03-26T14:01:00+00:00 https://thehackernews.com/2024/03/us-sanctions-3-cryptocurrency-exchanges.html www.secnews.physaphae.fr/article.php?IdArticle=8470632 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows - CVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) - Ivanti]]> 2024-03-26T10:24:00+00:00 https://thehackernews.com/2024/03/cisa-alerts-on-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8470582 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom]]> 2024-03-25T17:28:00+00:00 https://thehackernews.com/2024/03/hackers-hijack-github-accounts-in.html www.secnews.physaphae.fr/article.php?IdArticle=8470152 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In January 2024, Microsoft discovered they\'d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn\'t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of]]> 2024-03-25T17:07:00+00:00 https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html www.secnews.physaphae.fr/article.php?IdArticle=8470153 False Hack,Vulnerability,Threat,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data]]> 2024-03-25T14:32:00+00:00 https://thehackernews.com/2024/03/new-gofetch-vulnerability-in-apple-m.html www.secnews.physaphae.fr/article.php?IdArticle=8470071 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the week of March 11, targeted Israeli entities spanning global manufacturing, technology, and]]> 2024-03-25T13:07:00+00:00 https://thehackernews.com/2024/03/iran-linked-muddywater-deploys-atera.html www.secnews.physaphae.fr/article.php?IdArticle=8470039 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, and Europe. According]]> 2024-03-24T11:08:00+00:00 https://thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html www.secnews.physaphae.fr/article.php?IdArticle=8469454 False Malware,Threat APT 43 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office (aka Bundeskriminalamt or BKA) said it seized the digital infrastructure associated with the darknet service located in Germany and Lithuania and confiscated €94,000 ($102,107)]]> 2024-03-24T10:54:00+00:00 https://thehackernews.com/2024/03/german-police-seize-nemesis-market-in.html www.secnews.physaphae.fr/article.php?IdArticle=8469431 False Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia\'s Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which said Midnight Blizzard (aka APT29, BlueBravo, or]]> 2024-03-23T11:33:00+00:00 https://thehackernews.com/2024/03/russian-hackers-use-wineloader-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8468914 False Malware APT 29 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. "These campaigns come in the form of spam emails with attachments that eventually]]> 2024-03-22T19:38:00+00:00 https://thehackernews.com/2024/03/new-strelastealer-phishing-attacks-hit.html www.secnews.physaphae.fr/article.php?IdArticle=8468556 False Spam None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims\' sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.]]> 2024-03-22T19:15:00+00:00 https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html www.secnews.physaphae.fr/article.php?IdArticle=8468499 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka Uteus or Uetus), describing it as a "former]]> 2024-03-22T16:58:00+00:00 https://thehackernews.com/2024/03/china-linked-group-breaches-networks.html www.secnews.physaphae.fr/article.php?IdArticle=8468470 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent variant of the malware is estimated to have infected no less than 2,500 sites over the past two months alone, Sucuri said in a report published this week. The attacks entail injecting rogue]]> 2024-03-22T16:57:00+00:00 https://thehackernews.com/2024/03/massive-sign1-campaign-infects-39000.html www.secnews.physaphae.fr/article.php?IdArticle=8468471 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network footholds, and malware attacks as a direct result of user error. With the capabilities of the]]> 2024-03-22T16:45:00+00:00 https://thehackernews.com/2024/03/implementing-zero-trust-controls-for.html www.secnews.physaphae.fr/article.php?IdArticle=8468437 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining, among others, security and privacy of users when messaging non-iPhone users. "Apple wraps itself in a cloak of privacy, security, and consumer preferences to justify its anticompetitive]]> 2024-03-22T11:44:00+00:00 https://thehackernews.com/2024/03/us-justice-department-sues-apple-over.html www.secnews.physaphae.fr/article.php?IdArticle=8468337 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russian military intelligence. "AcidPour\'s expanded capabilities would enable it to better]]> 2024-03-22T08:36:00+00:00 https://thehackernews.com/2024/03/russian-hackers-target-ukrainian.html www.secnews.physaphae.fr/article.php?IdArticle=8468270 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG. "The attackers compromised the first system, established persistence and added exclusions to antivirus products running on these endpoints as part of their preliminary post-compromise actions," Cisco]]> 2024-03-21T21:33:00+00:00 https://thehackernews.com/2024/03/russia-hackers-using-tinyturla-ng-to.html www.secnews.physaphae.fr/article.php?IdArticle=8468001 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of which 18 have been found to exploit a technique called manifest confusion. The findings come from cybersecurity firm JFrog, which said the issue could be exploited by threat actors to trick developers into running malicious code. "It\'s an actual threat since]]> 2024-03-21T19:56:00+00:00 https://thehackernews.com/2024/03/over-800-npm-packages-found-with.html www.secnews.physaphae.fr/article.php?IdArticle=8467951 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that\'s used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs researcher Kashinath T Pattan said. "Classified as an SMTP cracker, it exploits SMTP]]> 2024-03-21T18:18:00+00:00 https://thehackernews.com/2024/03/androxgh0st-malware-targets-laravel.html www.secnews.physaphae.fr/article.php?IdArticle=8467923 False Malware,Tool,Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) In today\'s digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the SaaS supply chain snowball quickly. That\'s why effective vendor risk management (VRM) is a]]> 2024-03-21T17:00:00+00:00 https://thehackernews.com/2024/03/how-to-accelerate-vendor-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8467864 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitHub on Wednesday announced that it\'s making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort to avoid introducing new security issues. "Powered by GitHub Copilot and CodeQL, code scanning autofix covers more than 90% of alert types in JavaScript, Typescript, Java, and]]> 2024-03-21T16:00:00+00:00 https://thehackernews.com/2024/03/github-launches-ai-powered-autofix-tool.html www.secnews.physaphae.fr/article.php?IdArticle=8467865 False Tool,Patching None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) When you read reports about cyber-attacks affecting operational technology (OT), it\'s easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the]]> 2024-03-21T14:53:00+00:00 https://thehackernews.com/2024/03/making-sense-of-operational-technology.html www.secnews.physaphae.fr/article.php?IdArticle=8467812 False Industrial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Treasury Department\'s Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations. Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and]]> 2024-03-21T13:37:00+00:00 https://thehackernews.com/2024/03/us-sanctions-russians-behind.html www.secnews.physaphae.fr/article.php?IdArticle=8467782 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats. Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6. "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance]]> 2024-03-21T09:25:00+00:00 https://thehackernews.com/2024/03/ivanti-releases-urgent-fix-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8467691 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction. Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity. Described as an SQL injection flaw, it\'s rooted in a dependency called org.postgresql:]]> 2024-03-21T09:04:00+00:00 https://thehackernews.com/2024/03/atlassian-releases-fixes-for-over-2.html www.secnews.physaphae.fr/article.php?IdArticle=8467667 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called Loop DoS attacks, the approach pairs "servers of these protocols in such a way that they communicate with each other indefinitely," researchers from the CISPA Helmholtz-Center for]]> 2024-03-20T20:21:00+00:00 https://thehackernews.com/2024/03/new-loop-dos-attack-impacts-hundreds-of.html www.secnews.physaphae.fr/article.php?IdArticle=8467396 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of Large Language Models (LLMs) and Generative AI. The potential of Generative AI is immense, yet it brings significant challenges, especially in security integration. Despite their powerful capabilities,]]> 2024-03-20T16:57:00+00:00 https://thehackernews.com/2024/03/generative-ai-security-secure-your.html www.secnews.physaphae.fr/article.php?IdArticle=8467286 False Cloud None 3.0000000000000000