www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-06-04T04:29:05+00:00 www.secnews.physaphae.fr
knowbe4 - cybersecurity services CyberheistNews Vol 13 #24 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks CyberheistNews Vol 13 #24 | June 13th, 2023 The New Verizon DBIR is a treasure trove of data. As we will cover a bit below, Verizon reported that 74% of data breaches involve the "Human Element," so people are one of the most common factors contributing to successful data breaches. Let's drill down a bit more in the social engineering section. They explained: "Now, who has received an email or a direct message on social media from a friend or family member who desperately needs money? Probably fewer of you. This is social engineering (pretexting specifically) and it takes more skill. "The most convincing social engineers can get into your head and convince you that someone you love is in danger. They use information they have learned about you and your loved ones to trick you into believing the message is truly from someone you know, and they use this invented scenario to play on your emotions and create a sense of urgency. The DBIR Figure 35 shows that Pretexting is now more prevalent than Phishing in Social Engineering incidents. However, when we look at confirmed breaches, Phishing is still on top." A social attack known as BEC, or business email compromise, can be quite intricate.
In this type of attack, the perpetrator uses existing email communications and information to deceive the recipient into carrying out a seemingly ordinary task, like changing a vendor's bank account details. But what makes this attack dangerous is that the new bank account provided belongs to the attacker. As a result, any payments the recipient makes to that account will simply disappear.
BEC Attacks Have Nearly Doubled
It can be difficult to spot these attacks as the attackers do a lot of preparation beforehand. They may create a domain doppelganger that looks almost identical to the real one and modify the signature block to show their own number instead of the legitimate vendor. Attackers can make many subtle changes to trick their targets, especially if they are receiving many similar legitimate requests. This could be one reason why BEC attacks have nearly doubled across the DBIR entire incident dataset, as shown in Figure 36, and now make up over 50% of incidents in this category.
Financially Motivated External Attackers Double Down on Social Engineering
Timely detection and response is crucial when dealing with social engineering attacks, as well as most other attacks. Figure 38 shows a steady increase in the median cost of BECs since 2018, now averaging around $50,000, emphasizing the significance of quick detection.
However, unlike the times we live in, this section isn't all doom and 2023-06-13T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-24-the-minds-bias-pretexting-now-tops-phishing-in-social-engineering-attacks www.secnews.physaphae.fr/article.php?IdArticle=8344804 False Spam,Malware,Vulnerability,Threat,Patching ChatGPT,ChatGPT,APT 43,APT 37,Uber 2.0000000000000000
Silicon - Site de News Francais Kubernetes application refactoring, a security risk not to be overlooked 2023-06-08T09:30:34+00:00 https://www.silicon.fr/avis-expert/le-refactoring-applicatif-kubernetes-un-risque-de-securite-a-ne-pas-negliger www.secnews.physaphae.fr/article.php?IdArticle=8343279 False Ransomware Uber 2.0000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-2878 Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. 2023-06-07T15:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2878 www.secnews.physaphae.fr/article.php?IdArticle=8343081 False None Uber None
Silicon - Site de News Francais Let's stop procrastinating on updating information systems! 2023-06-07T11:15:11+00:00 https://www.silicon.fr/avis-expert/arretons-de-procrastiner-la-mise-a-jour-des-systemes-dinformation www.secnews.physaphae.fr/article.php?IdArticle=8343012 False Cloud Uber 2.0000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-0545 The Hostel WordPress plugin before 1.1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 2023-06-05T14:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0545 www.secnews.physaphae.fr/article.php?IdArticle=8342227 False None Uber None
CVE Liste - Common Vulnerability Exposure CVE-2023-34091 Kyverno is a policy engine designed for Kubernetes.
In versions of Kyverno prior to 1.10.0, resources which have the `deletionTimestamp` field defined can bypass validate, generate, or mutate-existing policies, even in cases where the `validationFailureAction` field is set to `Enforce`. This situation occurs as resources pending deletion were being consciously exempted by Kyverno, as a way to reduce processing load as policies are typically not applied to objects which are being deleted. However, this could potentially result in allowing a malicious user to leverage the Kubernetes finalizers feature by setting a finalizer which causes the Kubernetes API server to set the `deletionTimestamp` and then not completing the delete operation as a way to explicitly bypass a Kyverno policy. Note that this is not applicable to Kubernetes Pods but, as an example, a Kubernetes Service resource can be manipulated using an indefinite finalizer to bypass policies. This is resolved in Kyverno 1.10.0. There is no known workaround. 2023-06-01T17:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34091 www.secnews.physaphae.fr/article.php?IdArticle=8341311 False None Uber None
CVE Liste - Common Vulnerability Exposure CVE-2023-22647 = 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4. 2023-06-01T13:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22647 www.secnews.physaphae.fr/article.php?IdArticle=8341230 False Vulnerability Uber None
knowbe4 - cybersecurity services CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks CyberheistNews Vol 13 #22 | May 31st, 2023 With attackers knowing financial fraud-based phishing attacks are best suited for the one industry
where the money is, this massive spike in attacks should both surprise you and not surprise you at all. When you want tires, where do you go? Right – to the tire store. Shoes? Yup – shoe store. The most money you can scam from a single attack? That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks. When breaking down the specific types of financial fraud, it doesn't get any better for the financial industry: 51% of invoice fraud attacks targeted the financial services industry; 42% were payroll fraud attacks; 63% were payment fraud. To make matters worse, nearly one-quarter (22%) of financial fraud attacks successfully bypassed native email security controls, according to Armorblox. That means one in five email-based attacks made it all the way to the Inbox. The next layer in your defense should be a user that's properly educated using security awareness training to easily identify financial fraud and other phishing-based threats, stopping them before they do actual damage. Blog post with links: https://blog.knowbe4.com/financial-fraud-phishing [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us Wednesday, June 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.
2023-05-31T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-22-eye-on-fraud-a-closer-look-at-the-massive-72-percent-spike-in-financial-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=8340859 False Ransomware,Malware,Hack,Tool,Threat,Conference ChatGPT,ChatGPT,Uber,Guam 2.0000000000000000
AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC SeroXen RAT for sale github page to provide user support or employee monitoring. It has been historically associated with malicious activity performed by threat actors, APT groups (like in this Mandiant report from 2017), or government attacks (in this report by Unit42 in 2017). It was first released in July 2014 as “xRAT” and renamed to “Quasar” in August 2015. Since then, there have been released updates to the code until v1.4.1 in March 2023, which is the most current version. As an open-source RAT tool with updates 9 years after its creation, it is no surprise that it continues to be a common tool used by itself or combined with other payloads by threat actors up to this day. In a review of the most recent samples, a new Quasar variant was observed by Alien Labs in the wild: SeroXen. This new RAT is a modified branch of the open-source version, adding some modifications features to the original RAT. They’re selling it for a monthly or lifetime fee. Figure 1 contains some of the features advertised on their website. Figure 1. SeroXen features announced on its website. This new RAT first showed up on a Twitter account, established in September 2022. The person advertising the RAT appeared to be an English-speaking teenager. The same Twitter handle published a review of the RAT on YouTube. The video approached the review from an attacking/Red Team point of view, encouraging people to buy the tool because it is worth the money. They were claiming to be a reseller of the tool.
In December 2022, a specific domain was registered to market/sell the tool, seroxen[.]com. The RAT was distributed via a monthly license for $30 USD or a lifetime license of $60 USD. It was around that time that the malware was first observed in the wild, appearing with 0 detections on VirusTotal. After a few months, on the 1st of February, the YouTuber CyberSec Zaado published a video alerting the community about the capabilities of the RAT from a defensive perspective. In late February, the RAT was advertised on social media platforms such as TikTok, Twitter, YouTube, and several cracking forums, including hackforums. There were some conversations on gaming forums complaining about being infected by malware after downloading some video games. The artifacts described by the users matched with SeroXen RAT. The threat actor updated the domain name to seroxen[.]net by the end of March. This domain name was registered on March 27th 2023-05-30T22:00:00+00:00 https://cybersecurity.att.com/blogs/labs-research/seroxen-rat-for-sale www.secnews.physaphae.fr/article.php?IdArticle=8340743 False Malware,Tool,Threat APT 10,Uber 2.0000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-33234 Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions (Op or Admin) to change the connection object in this manner. Operators should upgrade to provider version 7.0.0 which has removed the vulnerability. 2023-05-30T11:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-33234 www.secnews.physaphae.fr/article.php?IdArticle=8340507 False None Uber None
CVE Liste - Common Vulnerability Exposure CVE-2023-33191 Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented.
Users of the podSecurity `validate.podSecurity` subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4. 2023-05-30T07:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-33191 www.secnews.physaphae.fr/article.php?IdArticle=8340472 False None Uber None
Silicon - Site de News Francais Microsoft Azure Linux steps out of the shadows 2023-05-29T15:37:43+00:00 https://www.silicon.fr/microsoft-azure-linux-sort-de-lombre-466374.html www.secnews.physaphae.fr/article.php?IdArticle=8340217 False None Uber 2.0000000000000000
Dark Reading - Informationweek Branch CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams In the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears. 2023-05-25T13:00:00+00:00 https://www.darkreading.com/operations/criminalization-of-cisos-creating-angst-among-cyber-teams www.secnews.physaphae.fr/article.php?IdArticle=8339369 False None Uber 2.0000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-25448 2023-05-22T15:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25448 www.secnews.physaphae.fr/article.php?IdArticle=8338469 False Vulnerability Uber None
Korben - Bloger francais Join the DevOps elite with Ambient IT's Kubernetes training
— Article in partnership with Ambient IT — Today, I'd like to talk to you about a DevOps technology that everyone loves: Kubernetes. In particular through the training offered by Ambient IT, which, in addition to being a member of the Linux Foundation, is also an official partner of the KTP (Kubernetes Training Partner) program. As a reminder, …
2023-05-18T07:30:00+00:00 https://korben.info/formation-kubernetes-devops-guide.html www.secnews.physaphae.fr/article.php?IdArticle=8337582 False None Uber 2.0000000000000000
Recorded Future - FLux Recorded Future The Marines' next cyber chief is stuck in a pileup of nominations in the Senate
President Joe Biden's expected pick to helm the U.S. Marine Corps' digital warfighting branch is caught in a monthslong hold on senior military promotions and nominations in the Senate led by a Republican lawmaker. [Maj. Gen. Joseph “Jay” Matos](https://www.linkedin.com/in/jay-matos/) has been tapped to assume command of Marine Corps Forces Cyberspace Command, according to three people
2023-05-11T11:00:00+00:00 https://therecord.media/marines-cyber-chief-stuck-in-senate-nomination-pileup-jay-matos-tommy-tuberville www.secnews.physaphae.fr/article.php?IdArticle=8335613 False None Uber 2.0000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-30840 Fluid is an open source Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications. Starting in version 0.7.0 and prior to version 0.8.6, if a malicious user gains control of a Kubernetes node running fluid csi pod (controlled by the `csi-nodeplugin-fluid` node-daemonset), they can leverage the fluid-csi service account to modify specs of all the nodes in the cluster. However, since this service account lacks `list node` permissions, the attacker may need to use other techniques to identify vulnerable nodes. Once the attacker identifies and modifies the node specs, they can manipulate system-level-privileged components to access all secrets in the cluster or execute pods on other nodes. This allows them to elevate privileges beyond the compromised node and potentially gain full privileged access to the whole cluster. To exploit this vulnerability, the attacker can make all other nodes unschedulable (for example, patch node with taints) and wait for system-critical components with high privilege to appear on the compromised node. However, this attack requires two prerequisites: a compromised node and identifying all vulnerable nodes through other means. Version 0.8.6 contains a patch for this issue. As a workaround, delete the `csi-nodeplugin-fluid` daemonset in `fluid-system` namespace and avoid using CSI mode to mount FUSE file systems. 
Alternatively, using sidecar mode to mount FUSE file systems is recommended. 2023-05-08T18:15:14+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30840 www.secnews.physaphae.fr/article.php?IdArticle=8334409 False None Uber None
Recorded Future - FLux Recorded Future Neuberger: Counter Ransomware Initiative focused on 'expanding the tent,' with Jordan, Costa Rica, Columbia joining
The U.S. government and several other countries have been grappling with a key question over the last year: Should ransomware payments be banned, with select waivers available for special situations? Speaking at a Ransomware Task Force event on Friday, White House Deputy National Security Adviser Anne Neuberger said ransomware payment bans have been a topic
2023-05-08T00:50:00+00:00 https://therecord.media/counter-ransomware-initiative-expands-neuberger www.secnews.physaphae.fr/article.php?IdArticle=8334180 False Ransomware Uber 2.0000000000000000
Dark Reading - Informationweek Branch Judge Spares Former Uber CISO Jail Time Over 2016 Data Breach Charges Tell other CISOs "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan. 2023-05-05T18:53:00+00:00 https://www.darkreading.com/attacks-breaches/judge-spares-former-uber-ciso-jail-time-over-2016-data-breach-charges www.secnews.physaphae.fr/article.php?IdArticle=8333852 False Data Breach Uber,Uber 2.0000000000000000
BBC - BBC News - Technology Ex-Uber security chief sentenced over covering up hack Joseph Sullivan was convicted over covering up a security breach of 57 million user accounts in 2016. 2023-05-05T15:41:29+00:00 https://www.bbc.co.uk/news/technology-65497186?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=8333803 False Hack Uber 2.0000000000000000
Recorded Future - FLux Recorded Future Ex-Uber CSO given three-year probation sentence, avoids prison after guilty verdict
Former Uber chief security officer Joe Sullivan was given three years probation by a U.S. federal judge on Thursday following a headline-grabbing conviction last year over his handling of a data breach. Federal judge for the Northern District of California William Orrick decided against giving Sullivan any prison time in a tense hearing that involved
2023-05-05T02:00:00+00:00 https://therecord.media/former-uber-cso-avoids-prison-sentenced-to-three-year-probation www.secnews.physaphae.fr/article.php?IdArticle=8333868 False None Uber,Uber 2.0000000000000000
SecurityWeek - Security News Former Uber CSO Joe Sullivan Avoids Prison Time Over Data Breach Cover-Up
Former Uber security chief Joe Sullivan was sentenced to probation and community service for covering up the data breach suffered by the ride-sharing giant in 2016.
2023-05-05T00:35:45+00:00 https://www.securityweek.com/former-uber-cso-joe-sullivan-avoids-prison-time-over-data-breach-cover-up/ www.secnews.physaphae.fr/article.php?IdArticle=8333654 False Data Breach Uber,Uber 2.0000000000000000
The Register - Site journalistique Anglais Ex-Uber CSO gets probation for covering up theft of data on millions of people Exec begged judge for leniency – and it worked Joe Sullivan won't serve any serious time behind bars for his role in covering up Uber's 2016 computer security breach and trying to pass off a ransom payment as a bug bounty.… 2023-05-04T23:20:14+00:00 https://go.theregister.com/feed/www.theregister.com/2023/05/04/uber_cso_joe_sullivan_sentenced/ www.secnews.physaphae.fr/article.php?IdArticle=8333646 False None Uber 1.00000000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-22651 Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. The issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2.
Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected. 2023-05-04T08:15:22+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22651 www.secnews.physaphae.fr/article.php?IdArticle=8333412 False Vulnerability Uber None
Dark Reading - Informationweek Branch Combating Kubernetes - the Newest IAM Challenge IT leaders need to ensure Kubernetes clusters don't become a gateway for cybercriminals. 2023-04-27T14:00:00+00:00 https://www.darkreading.com/attacks-breaches/combating-kubernetes-the-newest-iam-challenge- www.secnews.physaphae.fr/article.php?IdArticle=8331566 False None Uber 2.0000000000000000
GoogleSec - Firm Security Blog How we fought bad apps and bad actors in 2022 preventing over $2 billion in fraudulent and abusive transactions. We've raised the bar for new developers to join the Play ecosystem with phone, email, and other identity verification methods, which contributed to a reduction in accounts used to publish violative apps. We continued to partner with SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over one million apps on Google Play. With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500K submitted apps from unnecessarily accessing sensitive permissions over the past 3 years. Developer Support and Collaboration to Help Keep Apps Safe As the Android ecosystem expands, it's critical for us to work closely with the developer community to ensure they have the tools, knowledge, and support to build secure and trustworthy apps that respect user data security and privacy. In 2022, the App Security Improvements program helped developers fix ~500K security weaknesses affecting ~300K apps with a combined install base of approximately 250B installs.
We also launched the Google Play SDK Index to help developers evaluate an SDK's reliability and safety and make informed decisions about whether an SDK is right for their business and their users. We will keep working closely with SDK providers to improve app and SDK safety, limit how user data is shared, and improve lines of communication with app developers. We also recently launched new features and resources to give developers a better policy experience. We've expanded our Helpline pilot to give more developers direct policy phone support. And we piloted the Google Play Developer Community so more developers can discuss policy questions and exchange best practices on how to build 2023-04-27T11:01:43+00:00 http://security.googleblog.com/2023/04/how-we-fought-bad-apps-and-bad-actors.html www.secnews.physaphae.fr/article.php?IdArticle=8331577 False Malware,Prediction Uber 4.0000000000000000
Global Security Mag - Site de news francais The NIS2 directive, a lever for strengthening cyber-resilience Points of View 2023-04-27T09:17:46+00:00 https://www.globalsecuritymag.fr/La-directive-NIS2-un-levier-pour-renforcer-la-cyber-resilience.html www.secnews.physaphae.fr/article.php?IdArticle=8331509 False None Uber 2.0000000000000000
CVE Liste - Common Vulnerability Exposure CVE-2023-30841 Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes. Prior to version 0.3.0, ironic and ironic-inspector deployed within Baremetal Operator using the included `deploy.sh` store their `.htpasswd` files as ConfigMaps instead of Secrets. This causes the plain-text username and hashed password to be readable by anyone having a cluster-wide read-access to the management cluster, or access to the management cluster's Etcd storage. This issue is patched in baremetal-operator PR#1241, and is included in BMO release 0.3.0 onwards.
As a workaround, users may modify the kustomizations and redeploy the BMO, or recreate the required ConfigMaps as Secrets per instructions in baremetal-operator PR#1241. 2023-04-26T19:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30841 www.secnews.physaphae.fr/article.php?IdArticle=8331360 False None Uber None
Global Security Mag - Site de news francais Red Hat publishes the results of its report "The State of Kubernetes Security in 2023" Investigations
Red Hat publishes the results of its report "The State of Kubernetes Security in 2023" - Investigations
2023-04-26T08:17:21+00:00 https://www.globalsecuritymag.fr/Red-Hat-publie-les-resultats-de-son-rapport-The-State-of-Kubernetes-Security-in.html www.secnews.physaphae.fr/article.php?IdArticle=8331189 False Studies Uber 3.0000000000000000
Anomali - Firm Blog Anomali Cyber Watch: Two Supply-Chain Attacks Chained Together, Decoy Dog Stealthy DNS Communication, EvilExtractor Exfiltrates to FTP Server Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters (published: April 21, 2023) A new Monero cryptocurrency-mining campaign is the first recorded case of gaining persistence via Kubernetes (K8s) Role-Based Access Control (RBAC), according to Aquasec researchers. The recorded honeypot attack started with exploiting a misconfigured API server. The attackers proceeded by gathering information about the cluster, checking if their cluster was already deployed, and deleting some existing deployments. They used RBAC to gain persistence by creating a new ClusterRole and a new ClusterRole binding. The attackers then created a DaemonSet to use a single API request to target all nodes for deployment. The deployed malicious image from the public registry Docker Hub was named to impersonate a legitimate account and a popular legitimate image. It has been pulled 14,399 times and 60 exposed K8s clusters have been found with signs of exploitation by this campaign. Analyst Comment: Your company should have protocols in place to ensure that all cluster management and cloud storage systems are properly configured and patched. K8s buckets are too often misconfigured and threat actors realize there is potential for malicious activity. A defense-in-depth (layering of security mechanisms, redundancy, fail-safe defense processes) approach is a good mitigation step to help prevent actors from highly-active threat groups.
MITRE ATT&CK: [MITRE ATT&CK] T1190 - Exploit Public-Facing Application | [MITRE ATT&CK] T1496 - Resource Hijacking | [MITRE ATT&CK] T1036 - Masquerading | [MITRE ATT&CK] T1489 - Service Stop Tags: Monero, malware-type:Cryptominer, detection:PUA.Linux.XMRMiner, file-type:ELF, abused:Docker Hub, technique:RBAC Buster, technique:Create ClusterRoleBinding, technique:Deploy DaemonSet, target-system:Linux, target:K8s, target:Kubernetes RBAC 3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible (published: April 20, 2023) Investigation of the previously-reported 3CX supply chain compromise (March 2023) allowed Mandiant researchers to detect it was a result of a prior software supply chain attack using a trojanized installer for X_TRADER, a software package provided by Trading Technologies. The attack involved the publicly-available tool SigFlip decrypting RC4 stream-cipher and starting publicly-available DaveShell shellcode for reflective loading. It led to installation of the custom, modular VeiledSignal backdoor.
VeiledSignal additional modules inject the C2 module in a browser process instance, create a Windows named pipe and 2023-04-25T18:22:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-two-supply-chain-attacks-chained-together-decoy-dog-stealthy-dns-communication-evilextractor-exfiltrates-to-ftp-server www.secnews.physaphae.fr/article.php?IdArticle=8331005 False Ransomware,Spam,Malware,Tool,Threat,Cloud APT 38,ChatGPT,APT 43,Uber 2.0000000000000000
Recorded Future - FLux Recorded Future DOJ urges CISOs to continue working with law enforcement ahead of Uber security chief's sentencing
**SAN FRANCISCO -** Deputy Attorney General Lisa Monaco urged cybersecurity and compliance leaders to continue working with law enforcement agencies, tacitly responding to concerns raised by cybersecurity officials after the conviction of Uber's former security chief. Joe Sullivan, who was himself a prosecutor before becoming Uber's head of cybersecurity, will be sentenced next week after
2023-04-25T16:45:00+00:00 https://therecord.media/doj-lisa-monaco-urges-cisos-to-work-with-gov-uber-sentencing www.secnews.physaphae.fr/article.php?IdArticle=8330979 False None Uber,Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-25490 2023-04-25T12:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25490 www.secnews.physaphae.fr/article.php?IdArticle=8330944 False Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-2250 A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes that have the cluster-manager-registration-controller or cluster-manager deployments. A malicious user can take advantage of this to bind cluster-admin to any service account, or use the service account to list all secrets for all Kubernetes namespaces, leading to a cluster-level privilege escalation. 2023-04-24T21:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2250 www.secnews.physaphae.fr/article.php?IdArticle=8330777 False None Uber None
CVE List - Common Vulnerability Exposure CVE-2023-30622 Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. Clusternet has a deployment called `cluster-hub` inside the `clusternet-system` Kubernetes namespace, which runs on worker nodes randomly. The deployment has a service account called `clusternet-hub`, which has a cluster role called `clusternet:hub` via cluster role binding. The `clusternet:hub` cluster role has `"*" verbs of "*.*"` resources. Thus, if a malicious user can access the worker node that runs clusternet, they can leverage the service account to perform malicious actions on critical system resources. For example, the malicious user can leverage the service account to get ALL secrets in the entire cluster, resulting in cluster-level privilege escalation.
Version 0.15.2 contains a fix for this issue. 2023-04-24T16:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30622 www.secnews.physaphae.fr/article.php?IdArticle=8330698 False None Uber None
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. "The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack," cloud security firm Aqua said in a report shared with The Hacker News. The Israeli company, which dubbed the attack 2023-04-21T18:56:00+00:00 https://thehackernews.com/2023/04/kubernetes-rbac-exploited-in-large.html www.secnews.physaphae.fr/article.php?IdArticle=8329960 False Cloud Uber 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) 14 Kubernetes and Cloud Security Challenges and How to Solve Them Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets.
In response, Uptycs, the first 2023-04-21T17:20:00+00:00 https://thehackernews.com/2023/04/14-kubernetes-and-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8329932 False Cloud Uber 2.0000000000000000
Zataz - French security magazine Uber faces a new data leak 2023-04-21T09:16:54+00:00 https://www.zataz.com/uber-face-a-une-nouvelle-fuite-de-donnees/ www.secnews.physaphae.fr/article.php?IdArticle=8329881 False None Uber,Uber 3.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2018-17450 An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via the Kubernetes integration, leading (for example) to disclosure of a GCP service token. 2023-04-15T23:15:13+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17450 www.secnews.physaphae.fr/article.php?IdArticle=8328244 False None Uber None
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Cloud forensics - An introduction to investigating security incidents in AWS, Azure and GCP 2023-04-13T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/cloud-forensics-an-introduction-to-investigating-security-incidents-in-aws-azure-and-gcp www.secnews.physaphae.fr/article.php?IdArticle=8327371 False Cloud Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-30513 Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. 2023-04-12T18:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30513 www.secnews.physaphae.fr/article.php?IdArticle=8327182 False None Uber None
CVE List - Common Vulnerability Exposure CVE-2023-30512 CubeFS
through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret. 2023-04-12T06:15:07+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30512 www.secnews.physaphae.fr/article.php?IdArticle=8327045 False None Uber None
InfoSecurity Mag - InfoSecurity Magazine Uber Drivers' Data Exposed in Breach of Law Firm's Servers New Jersey-based Genova Burns disclosed the breach in an email to customers 2023-04-06T16:00:00+00:00 https://www.infosecurity-magazine.com/news/uber-data-exposed-law-firm-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8325484 False None Uber,Uber 2.0000000000000000
Dark Reading - Informationweek Branch Law Firm for Uber Loses Drivers' Data to Hackers in Yet Another Breach Uber gave sensitive data on drivers to a law firm representing the company in legal actions, but the data appears to not have had adequate security protections. 2023-04-04T21:50:00+00:00 https://www.darkreading.com/attacks-breaches/law-firm-uber-loses-drivers-data-hackers-breach www.secnews.physaphae.fr/article.php?IdArticle=8324874 False None Uber,Uber 3.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-28114 `cilium-cli` is the command line interface to install, manage, and troubleshoot Kubernetes clusters running Cilium. Prior to version 0.13.2, `cilium-cli`, when used to configure cluster mesh functionality, can remove the enforcement of user permissions on the `etcd` store used to mirror local cluster information to remote clusters. Users who have set up cluster meshes using the Cilium Helm chart are not affected by this issue.
Due to an incorrect mount point specification, the settings specified by the `initContainer` that configures `etcd` users and their permissions are overwritten when using `cilium-cli` to configure a cluster mesh. An attacker who has already gained access to a valid key and certificate for an `etcd` cluster compromised in this manner could then modify state in that `etcd` cluster. This issue is patched in `cilium-cli` 0.13.2. As a workaround, one may use Cilium's Helm charts to create their cluster. 2023-03-22T19:15:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28114 www.secnews.physaphae.fr/article.php?IdArticle=8320706 False None Uber None
Security Intelligence - American news site Container Drift: Where Age isn't Just a Number Container orchestration frameworks like Kubernetes have brought about untold technological advances over the past decade. However, they have also enabled new attack vectors for bad actors to leverage. Before safely deploying an application, you must answer the following questions: How long should a container live? Does the container need to write any files during runtime?
[…] 2023-03-22T13:00:00+00:00 https://securityintelligence.com/posts/container-drift-where-age-isnt-just-a-number/ www.secnews.physaphae.fr/article.php?IdArticle=8320495 False None Uber 3.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-27595 2023-03-17T22:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27595 www.secnews.physaphae.fr/article.php?IdArticle=8319533 False Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-27593 2023-03-17T20:15:13+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27593 www.secnews.physaphae.fr/article.php?IdArticle=8319518 False None Uber None
CVE List - Common Vulnerability Exposure CVE-2023-28110 2023-03-16T17:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28110 www.secnews.physaphae.fr/article.php?IdArticle=8319217 False Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-26484 2023-03-15T21:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-26484 www.secnews.physaphae.fr/article.php?IdArticle=8318939 False None Uber None
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining 2023-03-15T15:41:00+00:00 https://thehackernews.com/2023/03/new-cryptojacking-operation-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8318754 False General Information Uber 3.0000000000000000
Silicon - French news site Xavier Pestel – Weborama: "We do Kubernetes every day" 2023-03-15T11:53:55+00:00 https://www.silicon.fr/xavier-pestel-weborama-%e2%80%89nous-faisons-du-kubernetes-au-quotidien-459833.html www.secnews.physaphae.fr/article.php?IdArticle=8318765 False Guideline,Guideline,Cloud Uber 3.0000000000000000
Global Security Mag - French news site Christophe Auberger, Fortinet: Technologies must be able to hide complexity Interviews 2023-03-13T23:30:00+00:00 https://www.globalsecuritymag.fr/Christophe-Auberger-Fortinet-Les-technologies-doivent-etre-a-meme-de-masquer-la.html www.secnews.physaphae.fr/article.php?IdArticle=8318088 False None Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-27483 2023-03-09T21:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27483 www.secnews.physaphae.fr/article.php?IdArticle=8317106 False Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-27484 2023-03-09T21:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27484 www.secnews.physaphae.fr/article.php?IdArticle=8317107 False Guideline Uber None
knowbe4 - cybersecurity services CyberheistNews Vol 13 #10 [Eye Opener] BusinessWeek: The Satellite Hack Everyone Is Finally Talking About CyberheistNews Vol 13 #10 | March 7th, 2023 This week, Bloomberg News pointed to a brand-new article in BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when communications systems are not secure by design.
It is an excellent wake-up call for your C-level execs and powerful budget ammo. They started out with: "As Putin began his invasion of Ukraine, a network used throughout Europe - and by the Ukrainian military - faced an unprecedented cyberattack that doubled as an industrywide wake-up call." What they refer to is the Viasat hack. The KnowBe4 blog initially reported on this hack on March 24, 2022 here: https://blog.knowbe4.com/wired-a-mysterious-satellite-hack-has-victims-far-beyond-ukraine and in our CyberheistNews May 17, 2022 here: https://blog.knowbe4.com/cyberheistnews-vol-12-20-heads-up-now-you-need-to-watch-out-for-spoofed-vanity-urls. The article continues to describe how a large number of Viasat customers lost connectivity. Here is a quote: "Viasat staffers in the U.S., where the company is based, were caught by surprise, too. Across Europe and North Africa, tens of thousands of internet connections in at least 13 countries were going dead. "Some of the biggest service disruptions affected providers Bigblu Broadband PLC in the U.K. and NordNet AB in France, as well as utility systems that monitor thousands of wind turbines in Germany. The most critical affected Ukraine: Several thousand satellite systems that President Volodymyr Zelenskiy's government depended on were all down, making it much tougher for the military and intelligence services to coordinate troop and drone movements in the hours after the invasion." "Industry was caught flat-footed," says Gregory Falco, a space cybersecurity expert who has advised the U.S. government. "Ukrainians paid the price. The war is really just revealing the capabilities," says Erin Miller, who runs the Space Information Sharing and Analysis Center, a trade group that gathers data on orbital threats. Cyberattacks affecting the industry, she says, have become a daily occurrence. The Viasat hack was widely considered a harbinger of attacks to come."
For many end-users, the frustrating thing about the Viasat hack is that, unlike with a phishing attack, there was nothing they could have done to prevent it. But the Russians (this smells like GRU) would have to know a lot of detail about Viasat's systems to execute an attack like th 2023-03-07T14:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-10-eye-opener-businessweek-the-satellite-hack-everyone-is-finally-talking-about www.secnews.physaphae.fr/article.php?IdArticle=8316301 False Guideline Uber 2.0000000000000000
Dark Reading - Informationweek Branch Ermetic Adds Kubernetes Security to CNAPP 2023-03-01T23:50:00+00:00 https://www.darkreading.com/dr-tech/ermetic-adds-kubernetes-security-to-cnapp www.secnews.physaphae.fr/article.php?IdArticle=8314839 False None Uber 3.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2022-3294 2023-03-01T19:15:25+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3294 www.secnews.physaphae.fr/article.php?IdArticle=8314780 False None Uber None
Microsoft - Microsoft Security Response Center Configuring host-level audit logging for AKS VMSS 2023-03-01T00:00:00+00:00 https://msrc.microsoft.com/blog/2023/03/configuring-host-level-audit-logging-for-aks-vmss/ www.secnews.physaphae.fr/article.php?IdArticle=8314761 False None Uber 3.0000000000000000
Microsoft - Microsoft Security Response Center Azure Kubernetes Service (AKS) Threat Hunting 2023-03-01T00:00:00+00:00 https://msrc.microsoft.com/blog/2023/03/azure-kubernetes-service-aks-threat-hunting/ www.secnews.physaphae.fr/article.php?IdArticle=8314760 False Threat Uber 3.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-1065 2023-02-28T19:15:16+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1065 www.secnews.physaphae.fr/article.php?IdArticle=8314395 False Vulnerability Uber None
Dark Reading - Informationweek Branch Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist
2023-02-28T17:43:44+00:00 https://www.darkreading.com/risk/pernicious-permissions-kubernetes-cryptomining-cloud-data-heist www.secnews.physaphae.fr/article.php?IdArticle=8314232 False Cloud Uber 2.0000000000000000
MitnickSecurity - Former Hacker Services 5 Examples of Top Social Engineering Attacks 4 Social Engineering Attack Examples There's something both humbling and terrifying about watching industry giants like Twitter and Uber fall victim to cyber attacks. 2023-02-22T08:00:00+00:00 https://www.mitnicksecurity.com/blog/top-social-engineering-attacks www.secnews.physaphae.fr/article.php?IdArticle=8312403 False None Uber,Uber 3.0000000000000000
The State of Security - American magazine What Is Kubernetes Observability and Why It's Critical for Securing Your Clusters 2023-02-22T04:00:36+00:00 https://www.tripwire.com/state-of-security/what-kubernetes-observability-and-why-its-critical-securing-your-clusters www.secnews.physaphae.fr/article.php?IdArticle=8312422 False None Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-23947 2023-02-16T18:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23947 www.secnews.physaphae.fr/article.php?IdArticle=8310941 False Tool,Vulnerability Uber None
Global Security Mag - French news site Companies face cloud complexity as adoption of modern applications gains ground worldwide Opinions 2023-02-16T15:06:18+00:00 https://www.globalsecuritymag.fr/Les-entreprises-sont-confrontees-a-la-complexite-du-cloud-a-l-heure-ou-l.html www.secnews.physaphae.fr/article.php?IdArticle=8310867 False None Uber 2.0000000000000000
Global Security Mag - French news site Salt Security appoints Gilad Gruber Senior Vice President in charge of engineering Business 2023-02-15T15:46:19+00:00 https://www.globalsecuritymag.fr/Salt-Security-nomme-Gilad-Gruber-Senior-Vice-President-en-charge-de-l.html
www.secnews.physaphae.fr/article.php?IdArticle=8310538 False None Uber 1.00000000000000000000
Dark Reading - Informationweek Branch Expel Tackles Cloud Threats With MDR for Kubernetes 2023-02-15T01:00:00+00:00 https://www.darkreading.com/dr-tech/expel-tackles-cloud-threats-with-mdr-for-kubernetes www.secnews.physaphae.fr/article.php?IdArticle=8310338 False None Uber 2.0000000000000000
CSO - CSO Daily Dashboard Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment MITRE ATT&CK framework to help teams remediate threats and improve resilience, Expel added. Kubernetes is an open-source orchestration system that relies on containers to automate the deployment, scaling, and management of applications, usually in a cloud environment. Over time, it has become the de facto operating system of the cloud, but can also pose significant security risks and challenges for businesses. 2023-02-14T03:34:00+00:00 https://www.csoonline.com/article/3687677/expel-announces-mdr-for-kubernetes-with-mitre-attandck-framework-alignment.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8309991 False None Uber 1.00000000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-24619 2023-02-13T19:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24619 www.secnews.physaphae.fr/article.php?IdArticle=8309788 False None Uber None
Silicon - French news site Can ChatGPT secure Kubernetes?
2023-02-13T13:39:15+00:00 https://www.silicon.fr/chatgpt-securiser-kubernetes-458195.html www.secnews.physaphae.fr/article.php?IdArticle=8309376 False None ChatGPT,Uber 2.0000000000000000
Global Security Mag - French news site Christophe Baroux Sysdig: We focus on solving the problems that teams need to solve Interviews 2023-02-13T08:28:52+00:00 https://www.globalsecuritymag.fr/Christophe-Baroux-Sysdig-Nous-concentrons-sur-la-resolution-des-problemes-que.html www.secnews.physaphae.fr/article.php?IdArticle=8309326 False None Uber 2.0000000000000000
Global Security Mag - French news site Christophe Baroux Sysdig: We focus on solving the problems that teams need to solve Interviews 2023-02-13T08:28:34+00:00 https://www.globalsecuritymag.fr/Christophe-Baroux-Sysdig-We-focus-on-solving-the-problems-that-teams-need-to.html www.secnews.physaphae.fr/article.php?IdArticle=8309327 False None Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-25163 2023-02-08T21:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25163 www.secnews.physaphae.fr/article.php?IdArticle=8308422 False Spam,Tool,Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-25165 2023-02-08T20:15:24+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25165 www.secnews.physaphae.fr/article.php?IdArticle=8308394 False Tool Uber None
Dark Reading - Informationweek Branch ARMO Integrates ChatGPT to Help Users Secure Kubernetes 2023-02-07T17:05:00+00:00 https://www.darkreading.com/application-security/armo-integrates-chatgpt-to-help-users-secure-kubernetes www.secnews.physaphae.fr/article.php?IdArticle=8307967 False None ChatGPT,Uber 2.0000000000000000
Silicon - French news site OpenCost: what is becoming of this FinOps project for Kubernetes 2023-02-07T11:46:20+00:00 https://www.silicon.fr/opencost-projet-finops-kubernetes-457836.html www.secnews.physaphae.fr/article.php?IdArticle=8307885 False
None Uber 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Auditing Kubernetes with Open Source SIEM and XDR 2023-02-01T14:59:00+00:00 https://thehackernews.com/2023/02/auditing-kubernetes-with-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8306145 False None Uber 2.0000000000000000
Adam Shostack - American Security Blog Application Security Roundup - January 2023-01-30T00:00:00+00:00 https://shostack.org/blog/appsec-roundup-jan-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8305566 False None Uber,Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-24425 2023-01-26T21:18:16+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24425 www.secnews.physaphae.fr/article.php?IdArticle=8304639 False None Uber None
CVE List - Common Vulnerability Exposure CVE-2023-22736 2023-01-26T21:18:13+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22736 www.secnews.physaphae.fr/article.php?IdArticle=8304612 False Tool,Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-22482 2023-01-26T21:18:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22482 www.secnews.physaphae.fr/article.php?IdArticle=8304606 False Tool,Vulnerability Uber None
Schneier on Security - American cryptology researcher Publisher's Weekly Review of A Hacker's Mind reviewed A Hacker’s Mind—and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier (Click Here to Kill Everybody) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing weaknesses in cybersecurity to examine how those with power take advantage of financial, legal, political, and cognitive systems.
He decries how venture capitalists “hack” market dynamics by subverting the pressures of supply and demand, noting that venture capital has kept Uber afloat despite the company having not yet turned a profit. Legal loopholes constitute another form of hacking, Schneier suggests, discussing how the inability of tribal courts to try non-Native individuals means that many sexual assaults of Native American women go unprosecuted because they were committed by non-Native American men. Schneier outlines strategies used by corporations to capitalize on neural processes and “hack… our attention circuits,” pointing out how Facebook’s algorithms boost content that outrages users because doing so increases engagement. Elegantly probing the mechanics of exploitation, Schneier makes a persuasive case that “we need society’s rules and laws to be as patchable as your computer.” With lessons that extend far beyond the tech world, this has much to offer... 2023-01-21T12:18:34+00:00 https://www.schneier.com/blog/archives/2023/01/publishers-weekly-review-of-a-hackers-mind.html www.secnews.physaphae.fr/article.php?IdArticle=8303087 False None Uber,Uber 3.0000000000000000
Global Security Mag - French news site Keeper Connection Manager adds new features for Zero Trust network access Products 2023-01-19T11:38:28+00:00 https://www.globalsecuritymag.fr/Le-gestionnaire-de-connexion-Keeper-ajoute-de-nouvelles-fonctionnalites-pour-l.html www.secnews.physaphae.fr/article.php?IdArticle=8302518 False None Uber 2.0000000000000000
Global Security Mag - French news site Keeper Connection Manager Adds New, Next-Gen Features for Zero-Trust Network Access Product Reviews 2023-01-17T09:57:49+00:00 https://www.globalsecuritymag.fr/Keeper-Connection-Manager-Adds-New-Next-Gen-Features-for-Zero-Trust-Network.html www.secnews.physaphae.fr/article.php?IdArticle=8301757 False None Uber 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine CircleCI
Confirms Data Breach Was Caused By Infostealer on Employee Laptop 2023-01-16T17:00:00+00:00 https://www.infosecurity-magazine.com/news/circleci-breach-caused-by/ www.secnews.physaphae.fr/article.php?IdArticle=8301578 False Data Breach,Malware Uber 4.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-22480 2023-01-14T01:15:15+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22480 www.secnews.physaphae.fr/article.php?IdArticle=8301074 False Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2023-22478 2023-01-14T01:15:14+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22478 www.secnews.physaphae.fr/article.php?IdArticle=8301073 False None Uber None
Global Security Mag - French news site Venafi releases cloud-native machine identity management for VMWare Tanzu Software 2023-01-13T15:00:49+00:00 https://www.globalsecuritymag.fr/Venafi-veroffentlicht-Cloud-natives-Maschinenidentitats-Management-fur-VMWare.html www.secnews.physaphae.fr/article.php?IdArticle=8300902 False None Uber 1.00000000000000000000
CVE List - Common Vulnerability Exposure CVE-2022-3841 2023-01-13T06:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3841 www.secnews.physaphae.fr/article.php?IdArticle=8300864 False Vulnerability Uber None
Dark Reading - Informationweek Branch Kubernetes-Related Security Projects to Watch in 2023 2023-01-12T15:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/kubernetes-related-security-projects-to-watch-in-2023 www.secnews.physaphae.fr/article.php?IdArticle=8300555 False None Uber 2.0000000000000000
InformationSecurityBuzzNews - Security news site Kinsing Malware Hits Kubernetes Clusters By Flawed PostgreSQL 2023-01-11T14:13:11+00:00 https://informationsecuritybuzz.com/kinsing-malware-hits-kubernetes-clusters-flawed-postgresql/ www.secnews.physaphae.fr/article.php?IdArticle=8300025 False Malware,Threat Uber 2.0000000000000000
CVE List - Common
Vulnerability Exposure CVE-2023-22479 2023-01-10T21:15:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22479 www.secnews.physaphae.fr/article.php?IdArticle=8299834 False None Uber None
SC Magazine - Magazine Kubernetes clusters compromised by Kinsing malware 2023-01-10T21:14:26+00:00 https://www.scmagazine.com/brief/breach/kubernetes-clusters-compromised-by-kinsing-malware www.secnews.physaphae.fr/article.php?IdArticle=8299850 False Malware Uber 2.0000000000000000
Dark Reading - Informationweek Branch Microsoft: Kinsing Targets Kubernetes via Containers, PostgreSQL 2023-01-10T17:00:00+00:00 https://www.darkreading.com/cloud/microsoft-kinsing-malware-kubernetes-containers-postgresql www.secnews.physaphae.fr/article.php?IdArticle=8299606 False Tool Uber 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Kinsing Cryptojacking Hits Kubernetes Clusters via Misconfigured PostgreSQL 2023-01-09T19:33:00+00:00 https://thehackernews.com/2023/01/kinsing-cryptojacking-hits-kubernetes.html www.secnews.physaphae.fr/article.php?IdArticle=8299244 False Threat Uber 3.0000000000000000
Bleeping Computer - American magazine Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL 2023-01-09T16:16:26+00:00 https://www.bleepingcomputer.com/news/security/microsoft-kubernetes-clusters-hacked-in-malware-campaign-via-postgresql/ www.secnews.physaphae.fr/article.php?IdArticle=8299327 False Malware Uber 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2022-23509 = v0.12.0 released on 08/12/2022. 2023-01-09T14:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23509 www.secnews.physaphae.fr/article.php?IdArticle=8299267 False Vulnerability Uber None
CVE List - Common Vulnerability Exposure CVE-2022-23508 = v0.12.0 released on 08/12/2022. ### Workarounds There is no workaround for this vulnerability.
### References Disclosed by Paulo Gomes, Senior Software Engineer, Weaveworks. ### For more information If you have any questions or comments about this advisory: - Open an issue in [Weave GitOps repository](https://github.com/weaveworks/weave-gitops) - Email us at [support@weave.works](mailto:support@weave.works) 2023-01-09T13:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23508 www.secnews.physaphae.fr/article.php?IdArticle=8299266 False Vulnerability Uber None
Global Security Mag - French news site Armin Simon, Thales: Secure the Bridge, be prepared for something to happen, you can already count on it Interviews 2023-01-03T09:22:36+00:00 https://www.globalsecuritymag.fr/Armin-Simon-Thales-Secure-the-Bridge-sei-vorbereitet-dass-etwas-passieren-wird.html www.secnews.physaphae.fr/article.php?IdArticle=8297407 False None Uber 1.00000000000000000000
Silicon - French news site 6 open source utilities for the macOS menu bar 2023-01-03T06:37:55+00:00 https://www.silicon.fr/6-utilitaires-open-source-pour-la-barre-des-menus-de-macos-455453.html www.secnews.physaphae.fr/article.php?IdArticle=8297354 False None Uber 2.0000000000000000