www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-02T22:33:46+00:00 www.secnews.physaphae.fr
Security Affairs - Blog Secu CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog CISA added more security flaws to its Known Exploited Vulnerabilities Catalog, including Windows and iOS flaws. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, a Windows privilege escalation vulnerability, tracked as CVE-2022-37969, and an arbitrary code execution issue, tracked as CVE-2022-32917, affecting iPhones and Macs. According to Binding […] 2022-09-14T20:16:05+00:00 https://securityaffairs.co/wordpress/135753/security/cisa-known-exploited-vulnerabilities-catalog-new-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=6894850 False None None None
Security Affairs - Blog Secu SparklingGoblin APT adds a new Linux variant of SideWalk implant to its arsenal China-linked SparklingGoblin APT was spotted using a Linux variant of a backdoor known as SideWalk against a Hong Kong university. Researchers from ESET discovered a Linux variant of the SideWalk backdoor, which is a custom implant used by the China-linked SparklingGoblin APT group. The SparklingGoblin APT is believed to be a group that operated under […] 2022-09-14T15:19:37+00:00 https://securityaffairs.co/wordpress/135736/malware/sparklinggoblin-sidewalk-variant.html www.secnews.physaphae.fr/article.php?IdArticle=6890422 False None None None
Security Affairs - Blog Secu Twitter former head of security told the Senate of severe security failings by the company Twitter whistleblower, and former head of security, Peiter Zatko, told the US Congress that the platform ignored his security concerns.
Peiter 'Mudge' Zatko, former head of security, testified in front of Congress on Tuesday, maintaining that the platform ignored his security concerns and was vulnerable to cyber attacks. Zatko filed a whistleblower complaint in July with […] 2022-09-14T07:14:48+00:00 https://securityaffairs.co/wordpress/135726/security/twitter-head-security-concerns-senate.html www.secnews.physaphae.fr/article.php?IdArticle=6883329 False None None None
Security Affairs - Blog Secu Threat actors are actively exploiting a zero-day in WPGateway WordPress plugin Threat actors are actively exploiting a zero-day vulnerability in the WPGateway premium plugin to target WordPress websites. The Wordfence Threat Intelligence team reported that threat actors are actively exploiting a zero-day vulnerability (CVE-2022-3180) in the WPGateway premium plugin in attacks aimed at WordPress sites. The WPGateway plugin is a premium plugin that allows users of […] 2022-09-14T05:21:01+00:00 https://securityaffairs.co/wordpress/135715/cyber-crime/wordpress-wpgateway-critical-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=6881565 False Vulnerability,Threat None None
Security Affairs - Blog Secu Microsoft September 2022 Patch Tuesday fixed actively exploited zero-day Microsoft released September 2022 Patch Tuesday security updates to address 64 flaws, including an actively exploited Windows zero-day. Microsoft September 2022 Patch Tuesday security updates address 64 vulnerabilities, including an actively exploited Windows zero-day.
The flaws fixed by the IT giant impact Microsoft Windows and Windows Components; Azure and Azure Arc; .NET and Visual Studio […] 2022-09-14T05:16:20+00:00 https://securityaffairs.co/wordpress/135706/security/microsoft-patch-tuesday-sept-2022.html www.secnews.physaphae.fr/article.php?IdArticle=6881566 False None None None
Security Affairs - Blog Secu Cyber espionage campaign targets Asian countries since 2021 A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as part of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the […] 2022-09-13T15:43:18+00:00 https://securityaffairs.co/wordpress/135700/intelligence/cyber-espionage-target-asian-countries.html www.secnews.physaphae.fr/article.php?IdArticle=6870469 False Threat None None
Security Affairs - Blog Secu Trend Micro addresses actively exploited Apex One zero-day Trend Micro addressed multiple vulnerabilities in its Apex One endpoint security product, including actively exploited zero-day flaws. Trend Micro announced this week the release of security patches to address multiple vulnerabilities in its Apex One endpoint security product, including a zero-day vulnerability, tracked as CVE-2022-40139 (CVSS 3.0 SCORE 7.2), which is actively exploited. The CVE-2022-40139 […] 2022-09-13T14:05:21+00:00 https://securityaffairs.co/wordpress/135689/security/trend-micro-apex-one-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=6869158 False None None None
Security Affairs - Blog Secu Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks Iran-linked threat actors target individuals specializing in Middle Eastern affairs, nuclear security and genome research.
In mid-2022, Proofpoint researchers uncovered a cyberespionage campaign conducted by Iran-linked TA453 threat actors. The campaign was aimed at individuals specializing in Middle Eastern affairs, nuclear security and genome research. Threat actors used at least two actor-controlled personas on a single […] 2022-09-13T10:43:49+00:00 https://securityaffairs.co/wordpress/135679/apt/iran-ta453-multi-persona-impersonation.html www.secnews.physaphae.fr/article.php?IdArticle=6867807 False Threat None None
Security Affairs - Blog Secu Montenegro and its allies are working to recover from the massive cyber attack A massive cyberattack hit Montenegro; officials believe that it was launched by pro-Russian hackers and the security services of Moscow. A massive cyberattack hit Montenegro; the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical […] 2022-09-13T07:09:17+00:00 https://securityaffairs.co/wordpress/135667/hacking/montenegro-massive-cyber-attack.html www.secnews.physaphae.fr/article.php?IdArticle=6866816 False None None None
Security Affairs - Blog Secu Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel The hacktivist collective GhostSec claimed to have compromised 55 Berghof PLCs used by Israeli organizations. Pro-Palestinian Hacking Group GhostSec claimed to have compromised 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a Free Palestine campaign.
On September 4th, 2022, GhostSec announced on social media and its Telegram channel that it has compromised […] 2022-09-13T05:15:31+00:00 https://securityaffairs.co/wordpress/135656/hacktivism/ghostsec-hacked-berghof-plcs-israel.html www.secnews.physaphae.fr/article.php?IdArticle=6866254 False None None None
Security Affairs - Blog Secu Apple fixed the eighth actively exploited zero-day this year Apple has addressed the eighth zero-day vulnerability that is actively exploited in attacks against iPhones and Macs since January. Apple has released security updates to fix a zero-day vulnerability, tracked as CVE-2022-32917, which is actively exploited in attacks against iPhone and Mac devices. This is the eighth zero-day vulnerability fixed by the IT giant since […] 2022-09-12T20:21:09+00:00 https://securityaffairs.co/wordpress/135647/security/apple-fixes-eighth-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=6863162 False Vulnerability None None
Security Affairs - Blog Secu Google announced the completion of the acquisition of Mandiant for $5.4 billion Google completed the acquisition of the threat intelligence firm Mandiant; the IT giant will pay $5.4 billion. Google announced the completion of the $5.4 billion acquisition of threat intelligence firm Mandiant. The acquisition was announced in March 2022 by both companies: “RESTON, Va., March 8, 2022 – Mandiant, Inc. (NASDAQ: MNDT) today announced that it has entered into […] 2022-09-12T16:36:52+00:00 https://securityaffairs.co/wordpress/135638/security/google-announced-acquisition-of-mandiant.html www.secnews.physaphae.fr/article.php?IdArticle=6861531 False Threat None None
Security Affairs - Blog Secu Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems.
In August, Cisco disclosed a security breach: the Yanluowang ransomware gang breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed […] 2022-09-12T08:57:15+00:00 https://securityaffairs.co/wordpress/135625/cyber-crime/cisco-hack-yanluowang-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=6858709 True Ransomware None None
Security Affairs - Blog Secu Some firmware bugs in HP business devices are yet to be fixed Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021. The Binarly security research team reported several HP Enterprise devices are affected by six high-severity firmware vulnerabilities that are yet to be patched, and some of them were disclosed more than a year ago. […] 2022-09-12T07:27:53+00:00 https://securityaffairs.co/wordpress/135592/security/firmware-bugs-hp-devices.html www.secnews.physaphae.fr/article.php?IdArticle=6858335 False None None None
Security Affairs - Blog Secu Albania was hit by a new cyberattack and blames Iran Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. “The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, […] 2022-09-11T21:35:47+00:00 https://securityaffairs.co/wordpress/135602/cyber-warfare-2/albania-second-cyber-attack.html www.secnews.physaphae.fr/article.php?IdArticle=6850721 False None None None
Security Affairs - Blog Secu Iran-linked APT42 is behind over 30 espionage attacks Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents.
Experts attribute over 30 cyber espionage attacks against activists and dissidents to the Iran-linked APT42 (formerly UNC788). The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against […] 2022-09-11T13:31:49+00:00 https://securityaffairs.co/wordpress/135581/apt/iran-apt42-espionage-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=6844175 False None APT 42 None
Security Affairs - Blog Secu IHG suffered a cyberattack that severely impacted its booking process InterContinental Hotels Group PLC (IHG) discloses a security breach; parts of its IT infrastructure have been subject to unauthorised activity. The hospitality conglomerate, InterContinental Hotel Group (IHG) manages 17 hotel chains, including the Regent, Crowne Plaza, Holiday Inn, and Candlewood Suites. IHG operates 6,028 hotels in more than 100 different countries. The company announced that […] 2022-09-10T14:28:19+00:00 https://securityaffairs.co/wordpress/135572/hacking/ihg-suffered-cyberattack.html www.secnews.physaphae.fr/article.php?IdArticle=6824467 False None None None
Security Affairs - Blog Secu China-Linked BRONZE PRESIDENT APT targets Government officials worldwide China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks researchers reported that China-linked APT group BRONZE PRESIDENT conducted a new campaign aimed at government officials in Europe, the Middle East, and South America with the PlugX malware.
Attacks that are part of this campaign were spotted […] 2022-09-10T13:32:07+00:00 https://securityaffairs.co/wordpress/135557/apt/bronze-president-plugx-malware.html www.secnews.physaphae.fr/article.php?IdArticle=6823592 False None None None
Security Affairs - Blog Secu Scammers live-streamed on YouTube a fake Apple crypto event Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. Cybercriminals were live-streaming on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. The interview […] 2022-09-10T11:25:34+00:00 https://securityaffairs.co/wordpress/135549/cyber-crime/fake-apple-crypto-event-youtube.html www.secnews.physaphae.fr/article.php?IdArticle=6821832 False None None None
Security Affairs - Blog Secu US Treasury sanctioned Iran's Ministry of Intelligence over Albania cyberattack The U.S. Treasury Department sanctioned Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the Albania cyberattack. The U.S. Treasury Department announced sanctions against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the cyber attack that hit Albania in July. MOIS is the primary intelligence […] 2022-09-09T19:48:51+00:00 https://securityaffairs.co/wordpress/135532/intelligence/us-treasury-sanctioned-iran.html www.secnews.physaphae.fr/article.php?IdArticle=6807582 False None None None
Security Affairs - Blog Secu $30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered US authorities recovered more than $30 million worth of cryptocurrency stolen by the North Korea-linked Lazarus APT from Axie Infinity.
A joint operation conducted by law enforcement and leading organizations in the cryptocurrency industry allowed the recovery of more than $30 million worth of cryptocurrency stolen by North Korean-linked APT group Lazarus from online video game Axie […] 2022-09-09T16:09:44+00:00 https://securityaffairs.co/wordpress/135524/apt/30m-stolen-axie-infinity-recovered.html www.secnews.physaphae.fr/article.php?IdArticle=6805007 False Guideline APT 38 None
Security Affairs - Blog Secu Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin Threat actors are exploiting a zero-day vulnerability in a WordPress plugin called BackupBuddy, Wordfence researchers warned. On September 6, 2022, the Wordfence Threat Intelligence team was informed of a vulnerability being actively exploited in the BackupBuddy WordPress plugin. This plugin allows users to back up an entire WordPress installation, including theme files, pages, posts, widgets, users, and […] 2022-09-09T11:50:31+00:00 https://securityaffairs.co/wordpress/135518/hacking/backupbuddy-wordpress-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=6801258 False Vulnerability,Threat None None
Security Affairs - Blog Secu Iran-linked DEV-0270 group abuses BitLocker to encrypt victims' devices 2022-09-09T08:57:47+00:00 https://securityaffairs.co/wordpress/135511/apt/dev-0270-abuses-bitlocker-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=6798992 False Ransomware,Threat None None
Security Affairs - Blog Secu CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog CISA added 12 more security flaws to its Known Exploited Vulnerabilities Catalog including four D-Link vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 12 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including four vulnerabilities in D-Link routers, two Chrome zero-day issues, and a recently disclosed flaw in the QNAP Photo Station.
According to Binding Operational […] 2022-09-08T22:05:52+00:00 https://securityaffairs.co/wordpress/135491/security/cisa-known-exploited-vulnerabilities-catalog-flaws-2.html www.secnews.physaphae.fr/article.php?IdArticle=6790845 False None None None
Security Affairs - Blog Secu Classified NATO documents sold on darkweb after they were stolen from Portugal Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA). After discovering that Classified NATO documents belonging to the Armed Forces General Staff agency of Portugal (EMGFA) were offered for sale on the darkweb, the Portuguese agency discovered it had suffered a cyberattack. The Armed Forces […] 2022-09-08T20:36:59+00:00 https://securityaffairs.co/wordpress/135480/data-breach/nato-docs-stolen-from-portugal.html www.secnews.physaphae.fr/article.php?IdArticle=6790116 False None None None
Security Affairs - Blog Secu North Korea-linked Lazarus APT targets energy providers around the world North Korea-linked Lazarus APT group is targeting energy providers around the world, including organizations in the US, Canada, and Japan. Talos researchers tracked a campaign, orchestrated by North Korea-linked Lazarus APT group, aimed at energy providers around the world, including organizations in the US, Canada, and Japan. The campaign was observed between February and July 2022. The attacks […] 2022-09-08T15:12:53+00:00 https://securityaffairs.co/wordpress/135469/apt/north-korea-linked-lazarus-apt-targets-energy-providers-around-the-world.html www.secnews.physaphae.fr/article.php?IdArticle=6786478 False None APT 38 None
Security Affairs - Blog Secu Cisco will not fix the authentication bypass flaw in EoL routers Cisco fixed new security flaws affecting its products, including a recently disclosed high-severity issue in NVIDIA Data Plane Development Kit.
The most severe issues fixed by Cisco are an unauthenticated Access to Messaging Services Vulnerability affecting Cisco SD-WAN vManage software and a vulnerability in NVIDIA Data Plane Development Kit. The two issues have been tracked as CVE-2022-20696 […] 2022-09-08T11:24:22+00:00 https://securityaffairs.co/wordpress/135464/security/cisco-security-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=6783598 False Vulnerability None None
Security Affairs - Blog Secu Ex-members of the Conti ransomware gang target Ukraine Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022. Researchers from Google’s Threat Analysis Group (TAG) reported that some former members of the Conti cybercrime group were involved in five different campaigns targeting Ukraine between April and August 2022. The activities overlap with operations […] 2022-09-08T09:10:20+00:00 https://securityaffairs.co/wordpress/135447/cyber-crime/conti-ransomware-members-target-ukraine.html www.secnews.physaphae.fr/article.php?IdArticle=6782176 False Ransomware,Threat None None
Security Affairs - Blog Secu Albania interrupted diplomatic ties with Iran over the mid-July attack Albania interrupted diplomatic ties with Iran and expelled the country's embassy staff over the mid-July attack. Albanian Prime Minister Edi Rama announced that Albania interrupted diplomatic ties with Iran and expelled the country's embassy staff over the massive cyber attack that hit the country in mid-July.
The cyberattack hit the servers of the National Agency […] 2022-09-08T08:12:59+00:00 https://securityaffairs.co/wordpress/135455/cyber-warfare-2/albania-interrupted-diplomatic-ties-iran.html www.secnews.physaphae.fr/article.php?IdArticle=6781477 False None None None
Security Affairs - Blog Secu Experts spotted a new stealthy Linux malware dubbed Shikitega A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs discovered a new piece of stealthy Linux malware, dubbed Shikitega, that targets endpoints and IoT devices. The malware stands out for its multistage infection chain; threat actors can use it to gain full control of the system […] 2022-09-07T16:38:18+00:00 https://securityaffairs.co/wordpress/135437/malware/shikitega-linux-malware.html www.secnews.physaphae.fr/article.php?IdArticle=6769653 False Malware,Threat None None
Security Affairs - Blog Secu Challenges of User Authentication: What You Need to Know In the digital age, authentication is paramount to a strong security strategy. What are the challenges of user authentication? In the digital age, authentication is paramount to a strong security strategy. As virtually every aspect of day-to-day life and business is conducted online, the added convenience has also brought added risk. Information privacy, data sovereignty, […] 2022-09-07T11:55:01+00:00 https://securityaffairs.co/wordpress/135434/security/challenges-of-user-authentication.html www.secnews.physaphae.fr/article.php?IdArticle=6766021 False None None None
Security Affairs - Blog Secu Zyxel addressed a critical RCE flaw in its NAS devices Networking equipment vendor Zyxel addressed a critical vulnerability impacting its network-attached storage (NAS) devices. Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747, impacting its network-attached storage (NAS) devices.
The CVE-2022-34747 (CVSS score: 9.8) flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. An attacker can exploit […] 2022-09-07T08:53:00+00:00 https://securityaffairs.co/wordpress/135426/hacking/zyxel-rce-nas.html www.secnews.physaphae.fr/article.php?IdArticle=6763785 False Vulnerability None None
Security Affairs - Blog Secu Moobot botnet is back and targets vulnerable D-Link routers The Moobot botnet is behind a new wave of attacks that started in early August and that target vulnerable D-Link routers. Palo Alto Network's Unit 42 researchers reported a new wave of attacks launched by the Moobot botnet that target vulnerable D-Link routers. The Mirai-based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February […] 2022-09-07T07:59:07+00:00 https://securityaffairs.co/wordpress/135414/malware/moobot-botnet-targets-d-link.html www.secnews.physaphae.fr/article.php?IdArticle=6763048 False None None None
Security Affairs - Blog Secu The Los Angeles Unified School District hit by a ransomware attack One of the largest US school districts, the Los Angeles Unified School District, suffered a ransomware attack during the weekend. The Los Angeles Unified School District is one of the largest school districts in the US; it was hit by a ransomware attack during the Labor Day weekend. The security breach took place a few […] 2022-09-06T18:33:30+00:00 https://securityaffairs.co/wordpress/135411/cyber-crime/los-angeles-unified-school-district-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=6753212 False Ransomware None None
Security Affairs - Blog Secu A new Android malware used to spy on the Uyghur Community Experts spotted new Android spyware that was used by China-linked threat actors to spy on the Uyghur community in China.
Researchers from Cyble Research & Intelligence Labs (CRIL) started their investigation after MalwareHunterTeam experts shared information about a new Android malware used to spy on the Uyghur community. The malware is disguised as a book titled “The China […] 2022-09-06T16:23:32+00:00 https://securityaffairs.co/wordpress/135403/malware/android-malware-spy-uyghur.html www.secnews.physaphae.fr/article.php?IdArticle=6751989 False Malware,Threat None None
Security Affairs - Blog Secu Experts discovered TeslaGun Panel used by TA505 to manage its ServHelper Backdoor Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from cybersecurity firm PRODAFT have discovered a previously undocumented software control panel, tracked as TeslaGun, used by a cybercrime group known as TA505. Russian TA505 hacking group, aka Evil Corp, has been active since 2014 focusing on Retail and banking […] 2022-09-06T13:51:43+00:00 https://securityaffairs.co/wordpress/135387/apt/ta505-teslagun-control-panel.html www.secnews.physaphae.fr/article.php?IdArticle=6750201 False None None None
Security Affairs - Blog Secu China accuses the US of cyberattacks China accuses the United States of conducting tens of thousands of cyberattacks on its country, including cyberespionage campaigns. The Government of Beijing accused the United States of launching tens of thousands of cyberattacks on China. The attacks aimed at stealing sensitive data from government entities and universities. In the past, the US Government has accused […] 2022-09-06T08:37:02+00:00 https://securityaffairs.co/wordpress/135369/cyber-warfare-2/china-accuses-us-cyberattacks.html www.secnews.physaphae.fr/article.php?IdArticle=6747338 False None None None
Security Affairs - Blog Secu Interpol dismantled sextortion ring in Asia Interpol arrested 12 individuals who are suspected to be core members of a transnational sextortion ring.
Interpol announced the arrest of 12 individuals suspected to be core members of a transnational sextortion ring. The arrests took place in July and August as a result of a joint investigation conducted by Interpol’s cybercrime division and police […] 2022-09-06T07:23:28+00:00 https://securityaffairs.co/wordpress/135357/cyber-crime/interpol-dismantled-sextortion-ring.html www.secnews.physaphae.fr/article.php?IdArticle=6746808 False None None 4.0000000000000000
Security Affairs - Blog Secu QNAP warns new Deadbolt ransomware attacks exploiting zero-day QNAP warns customers of ongoing DeadBolt ransomware attacks that are exploiting a zero-day vulnerability in Photo Station. QNAP warns customers of an ongoing wave of DeadBolt ransomware attacks; threat actors are exploiting a zero-day vulnerability in Photo Station. The attacks started on Saturday; meanwhile, the Taiwanese vendor has addressed the vulnerability. “QNAP Systems, Inc. today […] 2022-09-05T20:43:48+00:00 https://securityaffairs.co/wordpress/135347/malware/qnap-deadbolt-ransomware-new-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=6743256 False Ransomware,Vulnerability,Threat None None
Security Affairs - Blog Secu TikTok denies data breach following leak of user data Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen source code and user data.
The group published screenshots of allegedly stolen data, it claims to […] 2022-09-05T18:03:10+00:00 https://securityaffairs.co/wordpress/135333/data-breach/tiktok-data-leak.html www.secnews.physaphae.fr/article.php?IdArticle=6742175 False Data Breach None None
Security Affairs - Blog Secu Windows Defender identified Chromium, Electron apps as Hive Ransomware Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium and Electron apps as malware. Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus software to identify apps based on the Chromium browser engine or the Electron JavaScript framework as malware. Multiple users reported […] 2022-09-05T11:44:19+00:00 https://securityaffairs.co/wordpress/135326/security/windows-defender-flase-positive.html www.secnews.physaphae.fr/article.php?IdArticle=6739548 False Ransomware,Malware None None
Security Affairs - Blog Secu EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide.
Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark […] 2022-09-05T08:39:46+00:00 https://securityaffairs.co/wordpress/135318/cyber-crime/evilproxy-phishing-as-a-service.html www.secnews.physaphae.fr/article.php?IdArticle=6738394 False Hack,Guideline None None
Security Affairs - Blog Secu A new SharkBot variant bypassed Google Play checks again Experts spotted an upgraded version of the SharkBot malware that was uploaded to the official Google Play Store. Fox IT researchers have spotted an upgraded version of a SharkBot dropper that was uploaded to the official Google Play Store. While previous variants of the dropper relied on Accessibility permissions to automatically install the Sharkbot malware, […] 2022-09-05T08:02:25+00:00 https://securityaffairs.co/wordpress/135303/malware/sharkbot-variant-google-play.html www.secnews.physaphae.fr/article.php?IdArticle=6738029 False Malware None None
Security Affairs - Blog Secu A new phishing scam targets American Express cardholders Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American Express customers. The messages use a malicious attachment and their content attempts to trick cardholders into opening it. The subject of the emails reads “Important Notification About Your Account” in an attempt to urge recipients […] 2022-09-04T22:25:04+00:00 https://securityaffairs.co/wordpress/135292/hacking/phishing-scam-targets-american-express.html www.secnews.physaphae.fr/article.php?IdArticle=6732007 False None None None
Security Affairs - Blog Secu Anonymous hacked Yandex taxi causing a massive traffic jam in Moscow The popular collective Anonymous and the IT Army of Ukraine hacked the Yandex Taxi app causing a massive traffic jam in Moscow.
This week Anonymous announced that it had hacked the Yandex Taxi app, the largest taxi service in Russia, and used it to cause a massive traffic jam in Moscow. The threat actors ordered all […] 2022-09-04T13:23:48+00:00 https://securityaffairs.co/wordpress/135280/hacktivism/anonyomus-hacked-yandex-taxi.html www.secnews.physaphae.fr/article.php?IdArticle=6725521 False Threat None None
Security Affairs - Blog Secu IRS mistakenly published confidential info for roughly 120K taxpayers The Internal Revenue Service (IRS) mistakenly leaked confidential information for approximately 120,000 taxpayers. Bad news for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns: the Internal Revenue Service has accidentally leaked their confidential information. Form 990-T is a form that a tax exempt organization files with the IRS to report its unrelated business income and to figure the tax owed on that income. On Friday, the IRS announced it has […] 2022-09-04T10:37:25+00:00 https://securityaffairs.co/wordpress/135271/security/irs-data-leak.html www.secnews.physaphae.fr/article.php?IdArticle=6723328 True None None None
Security Affairs - Blog Secu Alleged Iranian threat actors leak the code of their CodeRAT malware The author of the remote access trojan (RAT) CodeRAT has leaked the source code of its malware on GitHub. The development team behind the remote access trojan (RAT) CodeRAT has leaked the source code of its malware on GitHub after the SafeBreach Labs researchers recently analyzed a new targeted attack aimed at Farsi-speaking code developers.
[…] 2022-09-04T09:14:26+00:00 https://securityaffairs.co/wordpress/135255/malware/coderat-malware.html www.secnews.physaphae.fr/article.php?IdArticle=6722594 False Malware,Threat None None
Security Affairs - Blog Secu Google rolled out emergency fixes to address actively exploited Chrome zero-day Google rolled out emergency fixes to address a vulnerability in the Chrome web browser that is being actively exploited in the wild. Google on Friday released emergency fixes to address a vulnerability, tracked as CVE-2022-3075, in the Chrome web browser that is being actively exploited in the wild. The CVE-2022-3075 flaw is caused by insufficient data […] 2022-09-03T15:37:55+00:00 https://securityaffairs.co/wordpress/135249/security/chrome-emergency-patches.html www.secnews.physaphae.fr/article.php?IdArticle=6707733 False Vulnerability None None
Security Affairs - Blog Secu Samsung discloses a second data breach this year Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After the attack that hit the company in late July 2022, Samsung disclosed a data breach. The Electronics giant discovered on August 4 that threat actors had access to its systems and exfiltrated customer personal […] 2022-09-02T22:38:44+00:00 https://securityaffairs.co/wordpress/135241/data-breach/samsung-second-data-breach-2022.html www.secnews.physaphae.fr/article.php?IdArticle=6692821 True Data Breach,Threat None None
Security Affairs - Blog Secu The Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminals The information-stealing malware Prynt Stealer contains a backdoor that allows stealing the data it has infiltrated from victims. Zscaler researchers discovered a Telegram channel-based backdoor in the information stealing malware, Prynt Stealer, which allows secretly stealing a copy of the data exfiltrated from the victims.
“Zscaler ThreatLabz researchers have uncovered the Prynt Stealer builder, also […] ]]> 2022-09-02T17:31:54+00:00 https://securityaffairs.co/wordpress/135229/malware/prynt-stealer-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=6688283 False Malware None None Security Affairs - Blog Secu Another Ransomware For Linux Likely In Development Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team recently observed an Executable and Linkable Format (ELF) ransomware which encrypts the files inside Linux systems based on the given folder path. We observed that the dropped README note matches exactly with the DarkAngels ransomware […] ]]> 2022-09-02T13:26:40+00:00 https://securityaffairs.co/wordpress/135218/malware/linux-ransomware-under-development.html www.secnews.physaphae.fr/article.php?IdArticle=6684725 False Ransomware,Threat None None Security Affairs - Blog Secu Experts link Raspberry Robin Malware to Evil Corp cybercrime gang Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp. Raspberry Robin is a Windows worm discovered […] ]]> 2022-09-02T12:54:09+00:00 https://securityaffairs.co/wordpress/135206/cyber-crime/raspberry-robin-linked-to-evil-corp.html www.secnews.physaphae.fr/article.php?IdArticle=6683865 False Malware None None Security Affairs - Blog Secu Google Chrome issue allows overwriting the clipboard content A security issue in the Google Chrome browser could allow malicious web pages to automatically overwrite clipboard content. 
A vulnerability in the Google Chrome browser, as well as Chromium-based browsers, could allow malicious web pages to automatically overwrite the clipboard content without any user interaction and consent, simply by visiting them. According to a blog post […] ]]> 2022-09-02T10:48:48+00:00 https://securityaffairs.co/wordpress/135197/hacking/google-chrome-bug-clipboard-overwrite.html www.secnews.physaphae.fr/article.php?IdArticle=6682125 False Vulnerability None None Security Affairs - Blog Secu Attack infrastructure used in Cisco hack linked to Evil Corp affiliate Researchers discovered that the infrastructure used in the Cisco hack was the same used to target a Workforce Management Solution firm. Researchers from cybersecurity firm eSentire discovered that the attack infrastructure used in the recent Cisco hack was also used to attack a top Workforce Management corporation in April 2022. The experts also speculate that the […] ]]> 2022-09-02T07:25:46+00:00 https://securityaffairs.co/wordpress/135188/cyber-crime/cisco-hack-atatck-infrastructure.html www.secnews.physaphae.fr/article.php?IdArticle=6679609 False Hack None None Security Affairs - Blog Secu Researchers analyzed a new JavaScript skimmer used by Magecart threat actors Researchers from Cyble analyzed a new, highly evasive JavaScript skimmer used by Magecart threat actors. Cyble Research & Intelligence Labs started its investigation after seeing a post on Twitter about a new JavaScript skimmer developed by the Magecart threat group used to target Magento e-commerce websites.
In Magecart attacks against Magento e-stores, attackers attempt to exploit vulnerabilities […] ]]> 2022-09-01T21:10:54+00:00 https://securityaffairs.co/wordpress/135177/cyber-crime/javascript-skimmer-magecart.html www.secnews.physaphae.fr/article.php?IdArticle=6671208 False Threat None None Security Affairs - Blog Secu Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen customers’ data. The Ragnar Locker ransomware added the Portuguese state-owned flag carrier airline TAP Air Portugal to its leak site and claims to have stolen customers’ data. On August 26, the Portuguese company announced via […] ]]> 2022-09-01T15:27:41+00:00 https://securityaffairs.co/wordpress/135168/data-breach/ragnar-locker-ransomware-tap-air-portugal.html www.secnews.physaphae.fr/article.php?IdArticle=6666669 False Ransomware None None Security Affairs - Blog Secu 1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. The experts pointed out that most of the apps containing hard-coded Amazon Web Services […] ]]> 2022-09-01T14:01:47+00:00 https://securityaffairs.co/wordpress/135152/hacking/apps-hard-coded-aws-credentials.html www.secnews.physaphae.fr/article.php?IdArticle=6665062 False Threat None None Security Affairs - Blog Secu FBI is helping Montenegro in investigating the ongoing cyberattack A team of cybersecurity experts from the US FBI will help the authorities in Montenegro to investigate the recent massive cyberattack.
A team of cybersecurity experts from the FBI is heading to Montenegro to help local authorities in investigating the recent massive cyber attack that hit the government infrastructure last week. “This is another confirmation […] ]]> 2022-09-01T09:36:00+00:00 https://securityaffairs.co/wordpress/135143/cyber-warfare-2/fbi-helps-montenegro-investigation.html www.secnews.physaphae.fr/article.php?IdArticle=6662681 False None None None Security Affairs - Blog Secu Apple released patches for recently disclosed WebKit zero-day in older iPhones and iPads Apple released new security updates for older iPhone and iPad devices addressing recently fixed WebKit zero-day. Apple has released new updates to backport patches released this month to older iPhone and iPad devices addressing the CVE-2022-32893 flaw. The CVE-2022-32893 flaw is an out-of-bounds issue that impacts WebKit. An attacker can trigger the flaw by tricking target devices into processing maliciously crafted web […] ]]> 2022-09-01T08:06:38+00:00 https://securityaffairs.co/wordpress/135136/security/apple-security-flaws-iphone.html www.secnews.physaphae.fr/article.php?IdArticle=6661111 False None None None Security Affairs - Blog Secu A flaw in TikTok Android app could have allowed the hijacking of users' accounts 2022-08-31T22:31:33+00:00 https://securityaffairs.co/wordpress/135125/mobile-2/tiktok-android-app-bug.html www.secnews.physaphae.fr/article.php?IdArticle=6653000 False Vulnerability,Guideline None None Security Affairs - Blog Secu Threat actors breached the network of the Italian oil company ENI Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor. Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected.
“The internal […] ]]> 2022-08-31T19:42:45+00:00 https://securityaffairs.co/wordpress/135116/hacking/eni-suffered-cyberattack.html www.secnews.physaphae.fr/article.php?IdArticle=6650572 False Threat None 2.0000000000000000 Security Affairs - Blog Secu GO#WEBBFUSCATOR campaign hides malware in NASA's James Webb Space Telescope image 2022-08-31T16:43:57+00:00 https://securityaffairs.co/wordpress/135090/malware/gowebbfuscator-james-webb-space-telescope.html www.secnews.physaphae.fr/article.php?IdArticle=6648566 False Malware,Threat None None Security Affairs - Blog Secu Experts spotted five malicious Google Chrome extensions used by 1.4M users Researchers spotted 5 malicious Google Chrome extensions used to track users’ browsing activity and profit from retail affiliate programs. McAfee researchers discovered five malicious Google Chrome extensions with a total install base of over 1,400,000. The malicious Google Chrome extensions were masquerading as Netflix viewers, website coupons, and apps for taking screenshots of a website. […] ]]> 2022-08-31T14:52:12+00:00 https://securityaffairs.co/wordpress/135091/hacking/malicious-google-chrome-extensions.html www.secnews.physaphae.fr/article.php?IdArticle=6647070 False None None None Security Affairs - Blog Secu China-linked APT40 used ScanBox Framework in a long-running espionage campaign Experts uncovered a cyber espionage campaign conducted by a China-linked APT group and aimed at several entities in the South China Sea. Proofpoint's Threat Research Team uncovered a cyber espionage campaign targeting entities across the world that was orchestrated by a China-linked threat actor.
The campaign aimed at entities in Australia, Malaysia, and Europe, as […] ]]> 2022-08-31T13:03:30+00:00 https://securityaffairs.co/wordpress/135076/apt/apt40-scanbox-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=6645584 False Threat APT 40 None Security Affairs - Blog Secu Russian streaming platform Start discloses a data breach impacting 7.5M users The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users. The Russian media streaming platform START disclosed a data breach that impacted 7.5 million of its users. According to the company, the attackers stole a 2021 database from its infrastructure and also shared samples online to demonstrate the authenticity of […] ]]> 2022-08-31T08:00:52+00:00 https://securityaffairs.co/wordpress/135069/data-breach/start-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=6641929 False Data Breach None None Security Affairs - Blog Secu A new Google bug bounty program now covers Open Source projects Google this week launched a new bug bounty program that covers the open source projects of the IT giant. Google launched a new bug bounty program as part of the new Open Source Software Vulnerability Rewards Program (OSS VRP) that covers the source projects of the IT giant.
The company will pay up to $31,337 […] ]]> 2022-08-30T16:50:57+00:00 https://securityaffairs.co/wordpress/135059/security/google-bug-bounty-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=6628596 False Vulnerability None None Security Affairs - Blog Secu Three campaigns delivering multiple malware, including ModernLoader and XMRig miner Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners. Cisco Talos researchers observed three separate, but related, campaigns between March and June 2022 that were delivering multiple malware, including the ModernLoader bot (aka Avatar bot), RedLine info-stealer and cryptocurrency miners to victims. ModernLoader is a .NET remote access trojan that […] ]]> 2022-08-30T15:00:45+00:00 https://securityaffairs.co/wordpress/135046/malware/malware-campaigns-modernloader.html www.secnews.physaphae.fr/article.php?IdArticle=6626791 False None None None Security Affairs - Blog Secu A study on malicious plugins in WordPress Marketplaces A group of researchers from the Georgia Institute of Technology discovered malicious plugins on tens of thousands of WordPress sites. A team of researchers from the Georgia Institute of Technology has analyzed the backups of more than 400,000 unique web servers and discovered 47,337 malicious plugins installed on 24,931 unique WordPress websites.
The experts studied […] ]]> 2022-08-30T13:30:27+00:00 https://securityaffairs.co/wordpress/135032/reports/wordpress-malicious-plugins.html www.secnews.physaphae.fr/article.php?IdArticle=6625894 False None None None Security Affairs - Blog Secu World's largest distributors of books Baker & Taylor hit by ransomware 2022-08-30T09:47:59+00:00 https://securityaffairs.co/wordpress/135026/cyber-crime/baker-taylor-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=6622495 False Ransomware None None Security Affairs - Blog Secu Crooks are increasingly targeting DeFi platforms to steal cryptocurrency The U.S. FBI warns investors that crooks are increasingly exploiting security issues in Decentralized Finance (DeFi) platforms to steal cryptocurrency. The U.S. Federal Bureau of Investigation (FBI) published a Public Service Announcement (PSA) to warn investors that cybercriminals are increasingly exploiting security flaws in Decentralized Finance (DeFi) platforms to steal cryptocurrency. Threat actors are exploiting […] ]]> 2022-08-30T05:26:17+00:00 https://securityaffairs.co/wordpress/135017/cyber-crime/fbi-warns-defi-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=6619614 False Threat None None Security Affairs - Blog Secu US FTC sued US data broker Kochava for selling sensitive and geolocation data The U.S. FTC sued US data broker Kochava for selling sensitive and precise geolocation data collected from hundreds of millions of mobile devices. The U.S. Federal Trade Commission (FTC) filed a lawsuit against the US-based data broker Kochava for selling sensitive and precise geolocation data collected from hundreds of millions of mobile devices.
“Defendant's violations […] ]]> 2022-08-29T20:48:55+00:00 https://securityaffairs.co/wordpress/135004/security/ftc-sued-data-broker-kochava.html www.secnews.physaphae.fr/article.php?IdArticle=6616073 False None None None Security Affairs - Blog Secu Twilio breach let attackers access Authy two-factor accounts of 93 users Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. In early August, the communications company Twilio disclosed a data breach; threat actors had access to the data of some of its customers. The attackers accessed company systems using employee credentials obtained through […] ]]> 2022-08-29T15:25:45+00:00 https://securityaffairs.co/wordpress/134984/data-breach/twilio-hack-authy-2fa.html www.secnews.physaphae.fr/article.php?IdArticle=6613781 False Hack,Threat None None Security Affairs - Blog Secu Nitrokod crypto miner infected systems across 11 countries since 2019 Researchers spotted a Turkish-based crypto miner malware campaign, tracked as Nitrokod, which infected systems across 11 countries. Check Point researchers discovered a Turkish-based crypto miner malware campaign, dubbed Nitrokod, which infected machines across 11 countries. The threat actors dropped the malware from popular software available on dozens of free software websites, including Softpedia and […] ]]> 2022-08-29T13:11:48+00:00 https://securityaffairs.co/wordpress/134985/cyber-crime/nitrokod-crypto-miner-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=6612759 False Malware,Threat None None Security Affairs - Blog Secu CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 10 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) added 10 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including a high-severity security flaw (CVE-2021-38406 CVSS score: 7.8) impacting Delta Electronics industrial automation software. According to Binding Operational Directive (BOD) 22-01: […] ]]> 2022-08-29T09:03:36+00:00 https://securityaffairs.co/wordpress/134975/security/cisa-known-exploited-vulnerabilities-catalog.html www.secnews.physaphae.fr/article.php?IdArticle=6610672 False None None None Security Affairs - Blog Secu Scammers used a deepfake AI hologram of Binance executive to scam crypto projects Scammers used a deepfake AI hologram of the Binance chief communications officer for fraudulent activities. Patrick Hillmann, chief communications officer of Binance, confirmed that scammers used his Deepfake AI hologram to trick users into online meetings and target the projects of clients of the company. Hillmann explained in a blog post that the attack was […] ]]> 2022-08-29T07:43:12+00:00 https://securityaffairs.co/wordpress/134942/hacking/binance-scammers-deepfake-video.html www.secnews.physaphae.fr/article.php?IdArticle=6610294 False None None None Security Affairs - Blog Secu COVID-19 data put for sale on Dark Web Researchers discovered leaked PII stolen from Thailand's Department of Medical Sciences containing information about citizens with COVID-19. Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen from Thailand's Department of Medical Sciences containing information about citizens with COVID-19 symptoms. The incident was uncovered last week and shared with Thai CERT. 
The […] ]]> 2022-08-29T07:26:06+00:00 https://securityaffairs.co/wordpress/134952/deep-web/covid-19-data-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=6610295 False None None None Security Affairs - Blog Secu Surveillance firm's leaked docs show the purchase of an $8M iOS RCE zero-day exploit 2022-08-28T21:51:02+00:00 https://securityaffairs.co/wordpress/134962/malware/surveillance-firm-intellexa-offer.html www.secnews.physaphae.fr/article.php?IdArticle=6602091 False None None None Security Affairs - Blog Secu Experts warn of the first known phishing attack against PyPI The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The Python Package Index, PyPI, this week warned of an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to the packages in the repository. “Today we received reports of a phishing […] ]]> 2022-08-28T15:36:36+00:00 https://securityaffairs.co/wordpress/134931/cyber-crime/pypi-phishing-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=6596513 False None None None Security Affairs - Blog Secu New Agenda Ransomware appears in the threat landscape Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa. Trend Micro researchers recently discovered a new piece of targeted ransomware, tracked as Agenda, that was written in the Go programming language.
The ransomware was employed in a targeted attack against one of […] ]]> 2022-08-28T05:06:36+00:00 https://securityaffairs.co/wordpress/134911/cyber-crime/agenda-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=6587220 False Ransomware,Threat None 3.0000000000000000 Security Affairs - Blog Secu Twilio hackers also breached the food delivery firm DoorDash Twilio hackers also compromised the food delivery firm DoorDash, the attackers had access to company data, including customer and employee info. On-demand food delivery service DoorDash disclosed a data breach, the threat actors behind the Twilio hack gained access to the company’s data. DoorDash declared that malicious hackers stole credentials from employees of a third-party vendor, then […] ]]> 2022-08-27T16:14:51+00:00 https://securityaffairs.co/wordpress/134905/data-breach/twilio-hackers-breached-doordash.html www.secnews.physaphae.fr/article.php?IdArticle=6573227 False Hack,Threat None None Security Affairs - Blog Secu Unprecedented cyber attack hit State Infrastructure of Montenegro The state Infrastructure of Montenegro was hit by a massive and “unprecedented” cyber attack, authorities announced. An unprecedented cyber attack hit the Government digital infrastructure in Montenegro, the government has timely adopted measures to mitigate its impact. Montenegro immediately reported the attack to other members of the NATO alliance. “Certain services were switched off temporarily […] ]]> 2022-08-27T08:15:39+00:00 https://securityaffairs.co/wordpress/134900/cyber-warfare-2/montenegro-cyber-attack.html www.secnews.physaphae.fr/article.php?IdArticle=6564597 False None None None Security Affairs - Blog Secu Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. 
Threat actors abused a vulnerable anti-cheat driver, named mhyprot2.sys, for the Genshin Impact video game to disable antivirus software. According to Trend Micro, a cybercrime gang abused the driver to deploy ransomware. The driver provides anti-cheat functions, but […] ]]> 2022-08-27T07:06:40+00:00 https://securityaffairs.co/wordpress/134884/malware/anti-cheat-driver-disable-antivirus.html www.secnews.physaphae.fr/article.php?IdArticle=6563515 False Threat None None Security Affairs - Blog Secu Critical flaw impacts Atlassian Bitbucket Server and Data Center Atlassian addressed a critical vulnerability in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances. Atlassian fixed a critical flaw in Bitbucket Server and Data Center, tracked as CVE-2022-36804 (CVSS score 9.9), that could be exploited to execute malicious code on vulnerable installs. The flaw is a command injection vulnerability that can be exploited via […] ]]> 2022-08-26T23:08:15+00:00 https://securityaffairs.co/wordpress/134896/hacking/atlassian-bitbucket-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=6554787 False Vulnerability,Guideline None None Security Affairs - Blog Secu Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. The Log4Shell flaw (CVE-2021-44228) made the headlines in December after Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for the critical remote code execution zero-day vulnerability (aka Log4Shell) that affects the Apache Log4j Java-based logging library.
The flaw can be exploited […] ]]> 2022-08-26T17:19:35+00:00 https://securityaffairs.co/wordpress/134876/apt/mercury-exploit-log4shell-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=6548347 False Vulnerability None None Security Affairs - Blog Secu GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique The North Korea-linked Kimsuky APT is behind a new campaign, tracked as GoldDragon, targeting political and diplomatic entities in South Korea in early 2022. Researchers from Kaspersky attribute a series of attacks, tracked as GoldDragon, against political and diplomatic entities located in South Korea in early 2022 to the North Korea-linked group Kimsuky. Kimsuky cyberespionage group […] ]]> 2022-08-26T08:30:53+00:00 https://securityaffairs.co/wordpress/134864/apt/kimsuky-golddragon-apt.html www.secnews.physaphae.fr/article.php?IdArticle=6539079 False None None None Security Affairs - Blog Secu 0ktapus phishing campaign: Twilio hackers targeted other 136 organizations The threat actors behind Twilio and Cloudflare attacks have been linked to a phishing campaign that targeted other 136 organizations. The threat actors behind the attacks on Twilio and Cloudflare have been linked to a large-scale phishing campaign that targeted 136 organizations, security firm Group-IB reported. Most of the victims are organizations providing IT, software development, and cloud services. The campaign, codenamed 0ktapus, […] ]]> 2022-08-26T06:58:36+00:00 https://securityaffairs.co/wordpress/134851/hacking/0ktapus-phishing-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=6537030 False Threat None None Security Affairs - Blog Secu LastPass data breach: threat actors stole a portion of source code Password management software firm LastPass has suffered a data breach, threat actors have stolen source code and other data.
Password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical […] ]]> 2022-08-25T23:18:15+00:00 https://securityaffairs.co/wordpress/134858/data-breach/lastpass-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=6529872 False Threat LastPass None Security Affairs - Blog Secu Nobelium APT uses new Post-Compromise malware MagicWeb Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments. The NOBELIUM APT (APT29, Cozy Bear, and The Dukes) is the threat actor that […] ]]> 2022-08-25T17:11:38+00:00 https://securityaffairs.co/wordpress/134838/apt/nobelium-magicweb-tool.html www.secnews.physaphae.fr/article.php?IdArticle=6524118 False Malware,Threat APT 29 None Security Affairs - Blog Secu GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular researcher Mordechai Guri from the Ben-Gurion University of the Negev in Israel devised an attack technique, named GAIROSCOPE, to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes.
The attack requires that the […] ]]> 2022-08-25T08:19:53+00:00 https://securityaffairs.co/wordpress/134825/hacking/gairoscope-air-gapped-system-attack.html www.secnews.physaphae.fr/article.php?IdArticle=6516987 False None None None Security Affairs - Blog Secu Threat actors are using the Tox P2P messenger as C2 server Threat actors are using the Tox peer-to-peer instant messaging service as a command-and-control server, Uptycs researchers reported. Tox is a peer-to-peer serverless instant messaging service that uses NaCl for encryption and decryption. Uptycs researchers reported that threat actors have started using the Tox peer-to-peer instant messaging service as a command-and-control server. Tox has been used in […] ]]> 2022-08-25T06:59:38+00:00 https://securityaffairs.co/wordpress/134806/malware/tox-p2p-c2-server.html www.secnews.physaphae.fr/article.php?IdArticle=6515464 False Threat None None Security Affairs - Blog Secu Plex discloses data breach and urges password reset The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. Plex is an American streaming media service and a client–server media player platform. The company disclosed a data breach after threat actors had access to a limited subset of data stored in a compromised database. Exposed data includes emails, usernames, and […] ]]> 2022-08-24T23:12:45+00:00 https://securityaffairs.co/wordpress/134814/data-breach/plex-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=6509871 False Data Breach,Threat None None Security Affairs - Blog Secu AiTM phishing campaign also targets G Suite users The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign now target Google G Suite users. The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services were spotted targeting Google G Suite users.
In AiTM phishing, threat actors set up a proxy server between a target user and the website the user […] ]]> 2022-08-24T17:48:20+00:00 https://securityaffairs.co/wordpress/134796/cyber-crime/aitm-phishing-g-suite.html www.secnews.physaphae.fr/article.php?IdArticle=6505116 False Threat None None Security Affairs - Blog Secu VMware fixed a privilege escalation issue in VMware Tools VMware this week released patches to address an important-severity vulnerability in the VMware Tools suite of utilities. The virtualization giant VMware this week released patches to address an important-severity flaw, tracked as CVE-2022-31676, which impacts the VMware Tools suite of utilities. VMware Tools is a set of services and modules that enable several features in company […] ]]> 2022-08-24T07:56:58+00:00 https://securityaffairs.co/wordpress/134791/security/vmware-vmware-tools-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=6498486 False Vulnerability None None Security Affairs - Blog Secu France hospital Center Hospitalier Sud Francilien suffered ransomware attack A French hospital, the Center Hospitalier Sud Francilien (CHSF), suffered a cyberattack on Sunday and was forced to refer patients to other structures. The Center Hospitalier Sud Francilien (CHSF), a hospital southeast of Paris, has suffered a ransomware attack over the weekend. The attack disrupted the emergency services and surgeries and forced the hospital to refer patients […] ]]> 2022-08-24T07:01:06+00:00 https://securityaffairs.co/wordpress/134771/cyber-crime/center-hospitalier-sud-francilien-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=6497765 False Ransomware None None Security Affairs - Blog Secu Microsoft publicly discloses details on critical ChromeOS flaw Microsoft shared technical details of a critical ChromeOS flaw that could be exploited to trigger a DoS condition or for remote code execution. 
Microsoft shared details of a critical ChromeOS vulnerability tracked as CVE-2022-2587 (CVSS score of 9.8). The flaw is an out-of-bounds write issue in OS Audio Server that could be exploited to trigger […] ]]> 2022-08-23T23:25:15+00:00 https://securityaffairs.co/wordpress/134782/security/critical-chromeos-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=6491975 False Vulnerability None None Security Affairs - Blog Secu GitLab fixed a critical Remote Code Execution (RCE) bug in CE and EE releases DevOps platform GitLab fixed a critical remote code execution flaw in its GitLab Community Edition (CE) and Enterprise Edition (EE) releases. DevOps platform GitLab has released security updates to fix a critical remote code execution vulnerability, tracked as CVE-2022-2884 (CVSS 9.9), affecting its GitLab Community Edition (CE) and Enterprise Edition (EE) releases. An authenticated attacker […] ]]> 2022-08-23T17:45:41+00:00 https://securityaffairs.co/wordpress/134769/security/gitlab-rce-bug.html www.secnews.physaphae.fr/article.php?IdArticle=6487178 False None None None Security Affairs - Blog Secu Over 80,000 Hikvision cameras can be easily hacked Experts warn that over 80,000 Hikvision cameras are vulnerable to a critical command injection vulnerability. Security researchers from CYFIRMA have discovered over 80,000 Hikvision cameras affected by a critical command injection vulnerability tracked as CVE-2021-36260. The Chinese vendor addressed the issue in September 2021, but tens of thousands of devices are yet to be patched. 
[…] ]]> 2022-08-23T16:50:11+00:00 https://securityaffairs.co/wordpress/134756/security/hikvision-cameras-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=6486443 False Vulnerability None None Security Affairs - Blog Secu CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security Agency (CISA) added a flaw, tracked as CVE-2022-0028, affecting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. According to Binding Operational […] ]]> 2022-08-23T08:04:03+00:00 https://securityaffairs.co/wordpress/134749/security/palo-alto-networks-pan-os-flaw-2.html www.secnews.physaphae.fr/article.php?IdArticle=6480023 False None None None Security Affairs - Blog Secu Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business Experts found backdoors in budget Android device models designed to target WhatsApp and WhatsApp Business messaging apps. Researchers from Doctor Web discovered backdoors in the system partition of budget Android device models that are counterfeit versions of famous brand-name models. The malware targets WhatsApp and WhatsApp Business messaging apps and can allow attackers to conduct […] ]]> 2022-08-23T07:03:34+00:00 https://securityaffairs.co/wordpress/134735/malware/counterfeit-versions-mobile-devices-target-whatsapp.html www.secnews.physaphae.fr/article.php?IdArticle=6479390 False Malware None None Security Affairs - Blog Secu Lockbit leak sites hit by mysterious DDoS attack after Entrust hack LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files.
Entrust Corp. provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificates for websites, mobile credentials, and connected devices. The Lockbit ransomware […] ]]> 2022-08-23T00:02:06+00:00 https://securityaffairs.co/wordpress/134707/cyber-crime/lockbit-hacked-entrust.html www.secnews.physaphae.fr/article.php?IdArticle=6477170 False Ransomware,Hack None None