www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-05T04:36:36+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics
Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to be affiliated with the Foreign Intelligence Service (SVR) of the
2024-02-27T16:04:00+00:00 https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html www.secnews.physaphae.fr/article.php?IdArticle=8455808 False Threat,Cloud APT 29 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks
Cybersecurity researchers have found that it's possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks.
"It's possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted
2024-02-27T15:48:00+00:00 https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8455809 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites
A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw. In an advisory published last week, WordPress
2024-02-27T11:13:00+00:00 https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8455718 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) under the moniker UAC-0184.
"The attack, as part of the IDAT Loader, used
2024-02-26T20:24:00+00:00 https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html www.secnews.physaphae.fr/article.php?IdArticle=8455453 False Malware,Threat,Commercial None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
8,000+ Subdomains of Trusted Brands Hijacked for Massive Spam Operation
More than 8,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit package delivery alerts
2024-02-26T19:40:00+00:00 https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html www.secnews.physaphae.fr/article.php?IdArticle=8455427 False Spam None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
North Korean Hackers Targeting Developers with Malicious npm Packages
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils. One of the packages in question, execution-time-async, masquerades as its legitimate
2024-02-26T17:57:00+00:00 https://thehackernews.com/2024/02/north-korean-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8455379 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Three Tips to Protect Your Secrets from AI Accidents
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be attacked and defended. We're going to talk in this
2024-02-26T15:59:00+00:00 https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html www.secnews.physaphae.fr/article.php?IdArticle=8455338 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Banking Trojans Target Latin America and Europe Through Google Cloud Run
Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. "The infection chains associated with these malware families feature the use of malicious
2024-02-26T15:21:00+00:00 https://thehackernews.com/2024/02/banking-trojans-target-latin-america.html www.secnews.physaphae.fr/article.php?IdArticle=8455339 False Malware,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
LockBit Ransomware Group Resurfaces After Law Enforcement Takedown
The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers.
To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing. The administrator behind LockBit, in a
2024-02-26T10:27:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8455224 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement
LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, "has engaged with law enforcement," authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue
2024-02-25T14:23:00+00:00 https://thehackernews.com/2024/02/authorities-claim-lockbit-admin.html www.secnews.physaphae.fr/article.php?IdArticle=8454915 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light.
"Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days,"
2024-02-24T17:19:00+00:00 https://thehackernews.com/2024/02/microsoft-expands-free-logging.html www.secnews.physaphae.fr/article.php?IdArticle=8454550 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
A dormant package available on the Python Package Index (PyPI) repository was updated after nearly two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,
2024-02-23T22:38:00+00:00 https://thehackernews.com/2024/02/dormant-pypi-package-compromised-to.html www.secnews.physaphae.fr/article.php?IdArticle=8454213 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI
Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems.
The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team
2024-02-23T17:01:00+00:00 https://thehackernews.com/2024/02/microsoft-releases-pyrit-red-teaming.html www.secnews.physaphae.fr/article.php?IdArticle=8454107 False Tool,Tool None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
How to Use Tines's SOC Automation Capability Matrix
Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A customizable, vendor-agnostic tool featuring lists of automation opportunities, it's been shared
2024-02-23T16:59:00+00:00 https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html www.secnews.physaphae.fr/article.php?IdArticle=8454108 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability
Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent.
The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and
2024-02-23T10:35:00+00:00 https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8453985 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data
The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was
2024-02-23T09:00:00+00:00 https://thehackernews.com/2024/02/ftc-slams-avast-with-165-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8453953 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage
Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer.
"With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach
2024-02-22T21:55:00+00:00 https://thehackernews.com/2024/02/apple-unveils-pq3-protocol-post-quantum.html www.secnews.physaphae.fr/article.php?IdArticle=8453752 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks
A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential
2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/cybercriminals-weaponizing-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8453620 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
A New Age of Hacktivism
In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives. We understand hacktivism as a form of computer hacking that is
2024-02-22T16:14:00+00:00 https://thehackernews.com/2024/02/a-new-age-of-hacktivism.html www.secnews.physaphae.fr/article.php?IdArticle=8453621 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Russian Government Software Backdoored to Deploy Konni RAT Malware
An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People's Republic of Korea (DPRK)-nexus actors targeting Russia. The
2024-02-22T16:13:00+00:00 https://thehackernews.com/2024/02/russian-government-software-backdoored.html www.secnews.physaphae.fr/article.php?IdArticle=8453622 False Malware,Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders
The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly
2024-02-22T10:56:00+00:00 https://thehackernews.com/2024/02/us-offers-15-million-bounty-to-hunt.html www.secnews.physaphae.fr/article.php?IdArticle=8453518 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a
2024-02-21T21:46:00+00:00 https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8453299 False Vulnerability,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter," Trend Micro researchers Sunny Lu
2024-02-21T18:33:00+00:00 https://thehackernews.com/2024/02/mustang-panda-targets-asia-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453207 False Malware,Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
6 Ways to Simplify SaaS Identity Governance
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps.
This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can't possibly become experts in the nuances of the native
2024-02-21T17:00:00+00:00 https://thehackernews.com/2024/02/6-ways-to-simplify-saas-identity.html www.secnews.physaphae.fr/article.php?IdArticle=8453182 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybersecurity for Healthcare-Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light-it wasn't just computer networks that were brought to a halt, but actual patient
2024-02-21T14:50:00+00:00 https://thehackernews.com/2024/02/cybersecurity-for-healthcarediagnosing.html www.secnews.physaphae.fr/article.php?IdArticle=8453138 False Ransomware,Threat,Medical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022.
The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit
2024-02-21T13:30:00+00:00 https://thehackernews.com/2024/02/new-vietcredcare-stealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8453092 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
End-to-end encrypted (E2EE) messaging app Signal said it's piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal's Randall Sarafa said. “People who have your number saved in their
2024-02-21T12:47:00+00:00 https://thehackernews.com/2024/02/signal-introduces-usernames-allowing.html www.secnews.physaphae.fr/article.php?IdArticle=8453093 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation.
The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and a European Union agency in November 2023
2024-02-21T11:31:00+00:00 https://thehackernews.com/2024/02/russian-hackers-target-ukraine-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453047 False Spam,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk
VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying
2024-02-21T11:04:00+00:00 https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8453048 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report.
The cryptojacking attack is facilitated
2024-02-20T20:50:00+00:00 https://thehackernews.com/2024/02/new-migo-malware-targeting-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8452773 False Malware,Technical None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos. "Some of the data on LockBit's systems belonged to victims who had paid a ransom to the threat actors, evidencing that even when a ransom is paid, it does not
2024-02-20T18:25:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomware-operation-shut-down.html www.secnews.physaphae.fr/article.php?IdArticle=8452720 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP6HelperHttptest and NP6HelperHttper, were each downloaded 537 and 166 times, respectively,
2024-02-20T18:00:00+00:00 https://thehackernews.com/2024/02/new-malicious-pypi-packages-caught.html www.secnews.physaphae.fr/article.php?IdArticle=8452749 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany's Federal Office for the Protection of the Constitution (BfV) and South Korea's National Intelligence Service (NIS), the agencies said the goal of the attacks is to plunder advanced defense technologies in a "
2024-02-20T16:23:00+00:00 https://thehackernews.com/2024/02/new-report-reveals-north-korean-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8452679 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time
In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most impactful ransomware assaults in recent memory. When organizations have no response plan in place for such an
2024-02-20T16:23:00+00:00 https://thehackernews.com/2024/02/learn-how-to-build-incident-response.html www.secnews.physaphae.fr/article.php?IdArticle=8452678 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
SaaS Compliance through the NIST Cybersecurity Framework
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS. One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a
2024-02-20T16:23:00+00:00 https://thehackernews.com/2024/02/saas-compliance-through-nist.html www.secnews.physaphae.fr/article.php?IdArticle=8452677 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now
ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, are listed below - Authentication bypass using an alternate path or channel (CVSS score: 10.0) Improper limitation of
2024-02-20T16:08:00+00:00 https://thehackernews.com/2024/02/critical-flaws-found-in-connectwise.html www.secnews.physaphae.fr/article.php?IdArticle=8452680 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations.
The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6. It has been addressed by the theme developers in
2024-02-20T14:38:00+00:00 https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8452637 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns designed to steal intelligence, and information operations to turn public opinion against Israel. Iran
2024-02-20T11:31:00+00:00 https://thehackernews.com/2024/02/iran-and-hezbollah-hackers-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8452588 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns.
While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group's .onion website displays a seizure banner containing the message "
2024-02-20T10:55:00+00:00 https://thehackernews.com/2024/02/lockbit-ransomwares-darknet-domains.html www.secnews.physaphae.fr/article.php?IdArticle=8452572 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various malware included
2024-02-19T18:44:00+00:00 https://thehackernews.com/2024/02/meta-warns-of-8-spyware-firms-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8452317 False Malware,Threat,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Response (NDR) and how it's become the most effective technology to detect cyber threats?
NDR massively
2024-02-19T17:00:00+00:00 https://thehackernews.com/2024/02/bye-bye-siem-hello-risk-based-alerting.html www.secnews.physaphae.fr/article.php?IdArticle=8452297 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
2024-02-19T15:59:00+00:00 https://thehackernews.com/2024/02/anatsa-android-trojan-bypasses-google.html www.secnews.physaphae.fr/article.php?IdArticle=8452280 False Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian-Linked Hackers Breach 80+ Organizations via Roundcube Flaws
Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia, Poland, and Ukraine, according to Recorded Future, which attributed the intrusion set to a threat
2024-02-19T10:35:00+00:00 https://thehackernews.com/2024/02/russian-linked-hackers-breach-80.html www.secnews.physaphae.fr/article.php?IdArticle=8452169 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor
The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal. Charming Kitten, also called APT35, CharmingCypress, Mint Sandstorm, TA453, and Yellow Garuda, has a history of orchestrating a wide range of social engineering campaigns that cast a
2024-02-19T10:09:00+00:00 https://thehackernews.com/2024/02/iranian-hackers-target-middle-east.html www.secnews.physaphae.fr/article.php?IdArticle=8452155 False Threat APT 35 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the FBI's most-wanted list in 2012. The U.S.
2024-02-18T12:42:00+00:00 https://thehackernews.com/2024/02/fbis-most-wanted-zeus-and-icedid.html www.secnews.physaphae.fr/article.php?IdArticle=8451785 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How Businesses Can Safeguard Their Communication Channels Against Hackers
Efficient communication is a cornerstone of business success.
Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction. However, business communication channels are also a major target
2024-02-17T13:48:00+00:00 https://thehackernews.com/2024/02/how-businesses-can-safeguard-their.html www.secnews.physaphae.fr/article.php?IdArticle=8451335 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Open Sources Magika: AI-Powered File Identification Tool
Google has announced that it's open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. "Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher precision on traditionally hard to identify, but potentially problematic content
2024-02-17T12:56:00+00:00 https://thehackernews.com/2024/02/google-open-sources-magika-ai-powered.html www.secnews.physaphae.fr/article.php?IdArticle=8451312 False Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it's being likely exploited in Akira ransomware attacks.
The vulnerability in question is
2024-02-16T21:12:00+00:00 https://thehackernews.com/2024/02/cisa-warning-akira-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8451009 False Ransomware,Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers
Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It's distributed by masquerading itself as a Visual
2024-02-16T18:57:00+00:00 https://thehackernews.com/2024/02/rustdoor-macos-backdoor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8450959 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Why We Must Democratize Cybersecurity
With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public. While this is creating greater awareness among smaller businesses of the need to improve their security posture, SMBs are often
2024-02-16T16:20:00+00:00 https://thehackernews.com/2024/02/why-we-must-democratize-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8450881 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS). The SMS phishing messages are designed to propagate malicious links that are designed to capture victims' personally identifiable information (PII) and payment card details, SentinelOne
2024-02-16T16:19:00+00:00 https://thehackernews.com/2024/02/malicious-sns-sender-script-abuses-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8450882 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. State Government Network Breached via Former Employee's Account
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee. "This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point," the agency said in a joint advisory published
2024-02-16T13:10:00+00:00 https://thehackernews.com/2024/02/us-state-government-network-breached.html www.secnews.physaphae.fr/article.php?IdArticle=8450787 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. Government Disrupts Russian-Linked Botnet Engaged in Cyber Espionage
The U.S.
government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. "These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.
2024-02-16T12:19:00+00:00 https://thehackernews.com/2024/02/us-government-disrupts-russian-linked.html www.secnews.physaphae.fr/article.php?IdArticle=8450766 False None APT 28 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor
The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023. "TinyTurla-NG, just like TinyTurla, is a small 'last chance' backdoor that is left behind to be used when all other unauthorized access/backdoor mechanisms have failed or been
2024-02-15T20:38:00+00:00 https://thehackernews.com/2024/02/russian-turla-hackers-target-polish.html www.secnews.physaphae.fr/article.php?IdArticle=8450466 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains.
Eclypsium, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating system used by the Utah-based software company for the device is CentOS 6.4. "Pulse Secure runs an
2024-02-15T19:50:00+00:00 https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html www.secnews.physaphae.fr/article.php?IdArticle=8450467 False Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023. Their study
2024-02-15T17:00:00+00:00 https://thehackernews.com/2024/02/how-nation-state-actors-target-your.html www.secnews.physaphae.fr/article.php?IdArticle=8450383 False Vulnerability,Studies,Cloud None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS.
"The GoldPickaxe family is available for both iOS and Android platforms,"
2024-02-15T15:01:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html www.secnews.physaphae.fr/article.php?IdArticle=8450362 False Malware,Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker
2024-02-15T10:49:00+00:00 https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8450273 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations.
The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts made by five state-affiliated actors that used its
2024-02-14T20:09:00+00:00 https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html www.secnews.physaphae.fr/article.php?IdArticle=8450023 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages
Cybersecurity researchers have found that it's possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system. "While 'command-not-found' serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the
2024-02-14T18:56:00+00:00 https://thehackernews.com/2024/02/ubuntu-command-not-found-tool-could.html www.secnews.physaphae.fr/article.php?IdArticle=8450004 False Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybersecurity Tactics FinServ Institutions Can Bank On in 2024
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete.
The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more
2024-02-14T16:53:00+00:00 https://thehackernews.com/2024/02/cybersecurity-tactics-finserv.html www.secnews.physaphae.fr/article.php?IdArticle=8449961 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses
The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. Enterprise security firm Proofpoint said the activity targets organizations in the U.S. with voicemail-themed lures containing links to OneDrive URLs. "The URLs led to a Word file with names such as "
2024-02-14T16:48:00+00:00 https://thehackernews.com/2024/02/bumblebee-malware-returns-with-new.html www.secnews.physaphae.fr/article.php?IdArticle=8449962 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders.
Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet
2024-02-14T13:03:00+00:00 https://thehackernews.com/2024/02/darkme-malware-targets-traders-using.html www.secnews.physaphae.fr/article.php?IdArticle=8449886 False Malware,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three are rated Moderate in severity. This is in addition to 24 flaws that have been fixed
2024-02-14T10:31:00+00:00 https://thehackernews.com/2024/02/microsoft-rolls-out-patches-for-73.html www.secnews.physaphae.fr/article.php?IdArticle=8449859 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware.
"This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that can be extremely difficult to
2024-02-13T20:07:00+00:00 https://thehackernews.com/2024/02/glupteba-botnet-evades-detection-with.html www.secnews.physaphae.fr/article.php?IdArticle=8449591 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PikaBot Resurfaces with Streamlined Code and Deceptive Tactics
The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of "devolution." "Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by removing advanced obfuscation techniques and changing the network communications," Zscaler ThreatLabz researcher Nikolaos
2024-02-13T19:37:00+00:00 https://thehackernews.com/2024/02/pikabot-resurfaces-with-streamlined.html www.secnews.physaphae.fr/article.php?IdArticle=8449592 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches - safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy.
Common threat vectors such as sophisticated spear-phishing, misconfigurations and
2024-02-13T16:40:00+00:00 https://thehackernews.com/2024/02/midnight-blizzard-and-cloudflare.html www.secnews.physaphae.fr/article.php?IdArticle=8449550 False Vulnerability,Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That's according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-of-concept (PoC) code.
2024-02-13T12:33:00+00:00 https://thehackernews.com/2024/02/ivanti-vulnerability-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8449495 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of
2024-02-13T10:21:00+00:00 https://thehackernews.com/2024/02/alert-cisa-warns-of-active-roundcube.html www.secnews.physaphae.fr/article.php?IdArticle=8449467 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Rhysida Ransomware Cracked, Free Decryption Tool Released
Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). "Through a comprehensive analysis of Rhysida Ransomware, we identified an
2024-02-12T18:42:00+00:00 https://thehackernews.com/2024/02/rhysida-ransomware-cracked-free.html www.secnews.physaphae.fr/article.php?IdArticle=8449262 False Ransomware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
4 Ways Hackers use Social Engineering to Bypass MFA
When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it's important to remember that MFA isn't foolproof. It can be bypassed, and it often is. If a password is compromised, there are several options
2024-02-12T16:44:00+00:00 https://thehackernews.com/2024/02/4-ways-hackers-use-social-engineering.html www.secnews.physaphae.fr/article.php?IdArticle=8449229 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA and OpenSSF Release Framework for Package Repository Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories.
Called the Principles for Package Repository Security, the framework aims to establish a set of foundational rules for package
2024-02-12T16:11:00+00:00 https://thehackernews.com/2024/02/cisa-and-openssf-release-framework-for.html www.secnews.physaphae.fr/article.php?IdArticle=8449230 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you're still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability to discover malicious files and outbound network connections. However, the identity aspect - namely
2024-02-12T15:30:00+00:00 https://thehackernews.com/2024/02/why-are-compromised-identities.html www.secnews.physaphae.fr/article.php?IdArticle=8449216 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Introduces Linux-Like 'sudo' Command to Windows 11
Microsoft said it's introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. "Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session," Microsoft Product Manager Jordi Adoumie said.
"It is an ergonomic and familiar solution for users who want to elevate a command
2024-02-12T11:15:00+00:00 https://thehackernews.com/2024/02/microsoft-introduces-linux-like-sudo.html www.secnews.physaphae.fr/article.php?IdArticle=8449150 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders
The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving away an additional $5 million for specifics that could lead to the arrest and/or conviction of any person "conspiring to participate in or attempting to participate in Hive ransomware activity."
2024-02-12T10:01:00+00:00 https://thehackernews.com/2024/02/us-offers-10-million-bounty-for-info.html www.secnews.physaphae.fr/article.php?IdArticle=8449126 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators
The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws and three others – were "used to sell computer malware used by cybercriminals to secretly access and steal data from victims' computers," the DoJ said.
Alongside the takedown, the
2024-02-11T16:24:00+00:00 https://thehackernews.com/2024/02/us-doj-dismantles-warzone-rat.html www.secnews.physaphae.fr/article.php?IdArticle=8448934 False Malware,Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact initial access pathway used to propagate the implant is currently not known, although
2024-02-10T12:42:00+00:00 https://thehackernews.com/2024/02/alert-new-stealthy-rustdoor-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8448615 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Raspberry Robin Malware Upgrades with Discord Spread and New Exploits
The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period of time," Check Point said in a report this
2024-02-09T22:02:00+00:00 https://thehackernews.com/2024/02/raspberry-robin-malware-upgrades-with.html www.secnews.physaphae.fr/article.php?IdArticle=8448448 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MoqHao Android Malware Evolves with Auto-Execution Capability
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution," McAfee Labs said in a report published this week. "While the app is
2024-02-09T19:04:00+00:00 https://thehackernews.com/2024/02/new-variant-of-moqhao-android-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8448386 False Malware,Threat,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without
2024-02-09T16:28:00+00:00 https://thehackernews.com/2024/02/hands-on-review-myrror-security-code.html www.secnews.physaphae.fr/article.php?IdArticle=8448370 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack
Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report. What
2024-02-09T15:58:00+00:00 https://thehackernews.com/2024/02/new-coyote-trojan-targets-61-brazilian.html www.secnews.physaphae.fr/article.php?IdArticle=8448334 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and
2024-02-09T13:10:00+00:00 https://thehackernews.com/2024/02/wazuh-in-cloud-era-navigating.html www.secnews.physaphae.fr/article.php?IdArticle=8448293 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations
An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor.
Cisco Talos, which discovered the activity in May 2023, said the campaign has likely persisted since at least March 2021, adding it has identified only one compromised target to date, although it's
2024-02-09T12:01:00+00:00 https://thehackernews.com/2024/02/stealthy-zardoor-backdoor-targets-saudi.html www.secnews.physaphae.fr/article.php?IdArticle=8448281 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially
2024-02-09T11:06:00+00:00 https://thehackernews.com/2024/02/fortinet-warns-of-critical-fortios-ssl.html www.secnews.physaphae.fr/article.php?IdArticle=8448269 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system. "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti
2024-02-09T09:05:00+00:00 https://thehackernews.com/2024/02/warning-new-ivanti-auth-bypass-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8448245 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. "Volt Typhoon's choice of targets and pattern
2024-02-08T18:35:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-operate-undetected-in.html www.secnews.physaphae.fr/article.php?IdArticle=8448027 False Threat Guam 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Unified Identity – look for the meaning behind the hype!
If you've listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits! However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal.
Some vendors call the
2024-02-08T16:09:00+00:00 https://thehackernews.com/2024/02/unified-identity-look-for-meaning.html www.secnews.physaphae.fr/article.php?IdArticle=8447983 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. "The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"
2024-02-08T15:58:00+00:00 https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html www.secnews.physaphae.fr/article.php?IdArticle=8447984 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts
2024-02-08T15:47:00+00:00 https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html www.secnews.physaphae.fr/article.php?IdArticle=8447969 False Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea
The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report. Troll
2024-02-08T12:23:00+00:00 https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html www.secnews.physaphae.fr/article.php?IdArticle=8447938 False Malware,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an
2024-02-08T10:40:00+00:00 https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8447898 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back
The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert data transfer system for other Chinese
2024-02-07T20:41:00+00:00 https://thehackernews.com/2024/02/after-fbi-takedown-kv-botnet-operators.html www.secnews.physaphae.fr/article.php?IdArticle=8447704 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros
The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been
2024-02-07T19:03:00+00:00 https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html www.secnews.physaphae.fr/article.php?IdArticle=8447657 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs
2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024.
As an MSP/MSSP providing vCISO services, you own the organization's cybersecurity infrastructure and strategy. But you also need to position yourself as a reliable decision-maker, navigating professional responsibilities, business needs and leadership
2024-02-07T16:08:00+00:00 https://thehackernews.com/2024/02/new-webinar-5-steps-to-vciso-success.html www.secnews.physaphae.fr/article.php?IdArticle=8447600 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by
2024-02-07T15:15:00+00:00 https://thehackernews.com/2024/02/global-coalition-and-tech-giants-unite.html www.secnews.physaphae.fr/article.php?IdArticle=8447601 False Tool,Commercial None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a statement. "Because this system was self-contained, it did not lead to any damage to the
2024-02-07T11:59:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-exploited-fortigate.html www.secnews.physaphae.fr/article.php?IdArticle=8447555 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated
2024-02-07T10:35:00+00:00 https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html www.secnews.physaphae.fr/article.php?IdArticle=8447542 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Beware: Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials
Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. "This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors," Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
2024-02-06T19:39:00+00:00 https://thehackernews.com/2024/02/beware-fake-facebook-job-ads-spreading.html www.secnews.physaphae.fr/article.php?IdArticle=8447298 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition. "The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie," Orca security
2024-02-06T19:32:00+00:00 https://thehackernews.com/2024/02/high-severity-flaws-found-in-azure.html www.secnews.physaphae.fr/article.php?IdArticle=8447299 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors. Recently, Adaptive Shield commissioned a Total Economic
2024-02-06T16:23:00+00:00 https://thehackernews.com/2024/02/how-10b-enterprise-customer-drastically.html www.secnews.physaphae.fr/article.php?IdArticle=8447245 False Threat,Cloud None 3.0000000000000000