www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-02T02:18:41+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents
A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by the Southern District of New York (SDNY) for transmitting classified documents to WikiLeaks and for possessing child pornographic material. Joshua Adam Schulte, 35, was originally charged in June 2018. He was found guilty in July 2022. On September 13, 2023, he was
2024-02-02T16:10:00+00:00 https://thehackernews.com/2024/02/former-cia-engineer-sentenced-to-40.html www.secnews.physaphae.fr/article.php?IdArticle=8445947 False Legislation None 3.0000000000000000

The Hacker News
Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security
Cloudzy, a prominent cloud infrastructure provider, proudly announces a significant enhancement in its cybersecurity landscape. This breakthrough has been achieved through a recent consultation with Recorded Future, a leader in providing real-time threat intelligence and cybersecurity analytics.
This initiative, coupled with an overhaul of Cloudzy's cybersecurity strategies, represents a major
2024-02-02T16:00:00+00:00 https://thehackernews.com/2024/02/cloudzy-elevates-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8445948 False Threat,Cloud None 3.0000000000000000

The Hacker News
INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs
An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP addresses and URLs. The law enforcement effort, codenamed Synergia, took place between September and November 2023 in an attempt to blunt the "growth, escalation and professionalization of transnational cybercrime." Involving 60 law
2024-02-02T15:53:00+00:00 https://thehackernews.com/2024/02/interpol-arrests-31-in-global-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8445925 False Ransomware,Malware None 2.0000000000000000

The Hacker News
Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code.
The intrusion, which took place between November 14 and 24, 2023, and detected on November 23, was carried out "with the goal of
2024-02-02T11:51:00+00:00 https://thehackernews.com/2024/02/cloudflare-breach-nation-state-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8445860 False Threat None 4.0000000000000000

The Hacker News
FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. "The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible," web infrastructure and security
2024-02-01T21:14:00+00:00 https://thehackernews.com/2024/02/fritzfrog-returns-with-log4shell-and.html www.secnews.physaphae.fr/article.php?IdArticle=8445634 False Malware,Vulnerability,Threat None 3.0000000000000000

The Hacker News
Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign
Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today. "The attacker escapes this container and runs multiple payloads on the
2024-02-01T19:06:00+00:00 https://thehackernews.com/2024/02/exposed-docker-apis-under-attack-in.html www.secnews.physaphae.fr/article.php?IdArticle=8445595 False None None 3.0000000000000000

The Hacker News
U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored threat actor called Volt Typhoon and blunt the impact posed by the hacking campaign. The existence of the botnet, dubbed KV-botnet, was first disclosed by the Black Lotus Labs team at
2024-02-01T17:07:00+00:00 https://thehackernews.com/2024/02/us-feds-shut-down-china-linked-kv.html www.secnews.physaphae.fr/article.php?IdArticle=8445551 False Threat,Legislation Guam 3.0000000000000000

The Hacker News
Why the Right Metrics Matter When it Comes to Vulnerability Management
How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working?
And even if you are measuring, faulty reporting or focusing on the wrong metrics can create blind spots and make it harder to
2024-02-01T16:52:00+00:00 https://thehackernews.com/2024/02/why-right-metrics-matter-when-it-comes.html www.secnews.physaphae.fr/article.php?IdArticle=8445529 False Vulnerability None 3.0000000000000000

The Hacker News
HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the financially-motivated threat actor behind the campaign is actively adapting and
2024-02-01T16:52:00+00:00 https://thehackernews.com/2024/02/headcrab-20-goes-fileless-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8445530 False Malware,Threat None 3.0000000000000000

The Hacker News
Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices. This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE. "CHAINLINE is a Python web shell backdoor that is
2024-02-01T13:13:00+00:00 https://thehackernews.com/2024/02/warning-new-malware-emerges-in-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8445460 False Malware,Vulnerability,Threat None 3.0000000000000000

The Hacker News
CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component. "An attacker with
2024-02-01T10:32:00+00:00 https://thehackernews.com/2024/02/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8445437 False Vulnerability None 3.0000000000000000

The Hacker News
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk. "These container
2024-02-01T01:30:00+00:00 https://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html www.secnews.physaphae.fr/article.php?IdArticle=8445309 False Tool,Vulnerability,Threat None 2.0000000000000000

The Hacker News
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-21888 (CVSS score: 8.8) - A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows
2024-01-31T19:08:00+00:00 https://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8445210 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange illicit tools and insights creating a dark and
2024-01-31T17:51:00+00:00 https://thehackernews.com/2024/01/telegram-marketplaces-fuel-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8445172 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. "UNC4990 operations generally involve widespread USB infection followed by the deployment of the
2024-01-31T16:30:00+00:00 https://thehackernews.com/2024/01/italian-businesses-hit-by-weaponized.html www.secnews.physaphae.fr/article.php?IdArticle=8445136 False Malware,Threat None 4.0000000000000000

The Hacker News
The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the
2024-01-31T16:30:00+00:00 https://thehackernews.com/2024/01/the-sec-wont-let-cisos-be-understanding.html www.secnews.physaphae.fr/article.php?IdArticle=8445135 False Cloud None 2.0000000000000000

The Hacker News
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), could be abused
2024-01-31T12:53:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-exploiting-critical-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8445089 False Malware,Tool,Vulnerability,Threat None 3.0000000000000000

The Hacker News
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally
2024-01-31T11:14:00+00:00 https://thehackernews.com/2024/01/new-glibc-flaw-grants-attackers-root.html www.secnews.physaphae.fr/article.php?IdArticle=8445069 False Vulnerability None 3.0000000000000000

The Hacker News
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware.
The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional
2024-01-30T22:13:00+00:00 https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html www.secnews.physaphae.fr/article.php?IdArticle=8444876 False Malware None 3.0000000000000000

The Hacker News
URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. "An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to
2024-01-30T21:48:00+00:00 https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8444855 False Vulnerability None 2.0000000000000000

The Hacker News
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans.
The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the
2024-01-30T19:15:00+00:00 https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html www.secnews.physaphae.fr/article.php?IdArticle=8444794 False Threat None 3.0000000000000000

The Hacker News
Top Security Posture Vulnerabilities Revealed
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in cybersecurity lies in this continuous adaptation and learning, always staying one step ahead of potential
2024-01-30T16:19:00+00:00 https://thehackernews.com/2024/01/top-security-posture-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8444755 False Vulnerability None 2.0000000000000000

The Hacker News
Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations
Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. "The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation]," the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday.
It also said it
2024-01-30T15:50:00+00:00 https://thehackernews.com/2024/01/italian-data-protection-watchdog.html www.secnews.physaphae.fr/article.php?IdArticle=8444756 False None ChatGPT 2.0000000000000000

The Hacker News
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. "The new version of Zloader made significant changes to the loader
2024-01-30T14:13:00+00:00 https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8444718 False Malware,Threat None 3.0000000000000000

The Hacker News
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and
2024-01-30T10:31:00+00:00 https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html www.secnews.physaphae.fr/article.php?IdArticle=8444659 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an email attack scenario, an attacker could exploit the
2024-01-29T19:01:00+00:00 https://thehackernews.com/2024/01/researchers-uncover-outlook.html www.secnews.physaphae.fr/article.php?IdArticle=8444428 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar
In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications? Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren't just numbers; they're a wake-up call. We're
2024-01-29T17:03:00+00:00 https://thehackernews.com/2024/01/493-companies-share-their-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8444393 False Cloud None 3.0000000000000000

The Hacker News
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case that some of AI's most significant impacts
2024-01-29T16:41:00+00:00 https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html www.secnews.physaphae.fr/article.php?IdArticle=8444394 False None None 2.0000000000000000

The Hacker News
Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. "The attackers utilized the Gitea service to store several files
2024-01-29T16:33:00+00:00 https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8444395 False Ransomware None 3.0000000000000000

The Hacker News
NSA Admits Secretly Buying Your Internet Browsing Data without Warrants
The U.S.
National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. "The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal
2024-01-29T12:29:00+00:00 https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html www.secnews.physaphae.fr/article.php?IdArticle=8444322 False None None 2.0000000000000000

The Hacker News
Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines
Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS." "These
2024-01-29T11:02:00+00:00 https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html www.secnews.physaphae.fr/article.php?IdArticle=8444297 False Malware,Threat None 3.0000000000000000

The Hacker News
AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT.
The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021. "Lures use Mexican Social
2024-01-27T12:25:00+00:00 https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html www.secnews.physaphae.fr/article.php?IdArticle=8443701 False Malware,Threat None 2.0000000000000000

The Hacker News
Perfecting the Defense-in-Depth Strategy with Automation
Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart - a multi-layered approach with strategic redundancy and a blend of passive and active security
2024-01-26T16:34:00+00:00 https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html www.secnews.physaphae.fr/article.php?IdArticle=8443370 False Technical None 3.0000000000000000

The Hacker News
Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead," Malwarebytes' Jérôme Segura said in a
2024-01-26T15:14:00+00:00 https://thehackernews.com/2024/01/malicious-ads-on-google-target-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8443351 False Threat None 3.0000000000000000

The Hacker News
Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs
Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise (HPE) revealed that it had been the victim of an attack perpetrated by a hacking crew
2024-01-26T11:33:00+00:00 https://thehackernews.com/2024/01/microsoft-warns-of-widening-apt29.html www.secnews.physaphae.fr/article.php?IdArticle=8443285 False Threat APT 29 3.0000000000000000

The Hacker News
Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud. "
2024-01-26T11:03:00+00:00 https://thehackernews.com/2024/01/russian-trickbot-mastermind-gets-5-year.html www.secnews.physaphae.fr/article.php?IdArticle=8443267 False Malware,Legislation None 3.0000000000000000

The Hacker News
Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that a threat actor could abuse to send a
2024-01-26T10:43:00+00:00 https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8443268 False Threat None 3.0000000000000000

The Hacker News
SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks
Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control (C2) server, and a web administration portal written in PHP," Kroll said in an analysis published last week. The risk and
2024-01-25T19:53:00+00:00 https://thehackernews.com/2024/01/systembc-malwares-c2-server-analysis.html www.secnews.physaphae.fr/article.php?IdArticle=8443022 False Malware None 3.0000000000000000

The Hacker News
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP! The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE). The issue, assigned the CVE identifier CVE-2024-23897, has been described as an arbitrary file read vulnerability through the 2024-01-25T17:27:00+00:00 https://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8442961 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware "has been updated with new features, as well as changes to the anti-analysis (analysis avoidance) techniques." LODEINFO (versions 0.6.6 and 0.6.7 2024-01-25T17:00:00+00:00 https://thehackernews.com/2024/01/lodeinfo-fileless-malware-evolves-with.html www.secnews.physaphae.fr/article.php?IdArticle=8442962 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cyber Threat Landscape: 7 Key Findings and Upcoming Trends for 2024 The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats.
The information combines data from the platform's surveillance of the Surface, Deep, and Dark Web with insights derived from the in-depth research and investigations conducted by the Threat Intelligence team. Discover the full scope of digital threats in the Axur Report 2023/2024. Overview 2024-01-25T16:47:00+00:00 https://thehackernews.com/2024/01/cyber-threat-landscape-7-key-findings.html www.secnews.physaphae.fr/article.php?IdArticle=8442943 False Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) China-backed Hackers Hijack Software Updates to Implant "NSPX30" Spyware A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name Blackwood. It's said to be active since at least 2018. The NSPX30 2024-01-25T15:38:00+00:00 https://thehackernews.com/2024/01/china-backed-hackers-hijack-software.html www.secnews.physaphae.fr/article.php?IdArticle=8442919 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation.
Arctic Wolf Labs, which discovered the new attack tool in two recent intrusions, said the loader's icon and name masquerades as the legitimate CherryTree note-taking application to dupe potential victims 2024-01-25T12:51:00+00:00 https://thehackernews.com/2024/01/new-cherryloader-malware-mimics.html www.secnews.physaphae.fr/article.php?IdArticle=8442858 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise's (HPE) cloud email environment to exfiltrate mailbox data. "The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions," 2024-01-25T11:18:00+00:00 https://thehackernews.com/2024/01/tech-giant-hp-enterprise-hacked-by.html www.secnews.physaphae.fr/article.php?IdArticle=8442828 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster. The critical shortcoming has been codenamed Sys:All by cloud security firm Orca. As many as 250,000 active GKE clusters in the wild are estimated to be susceptible to the attack vector.
In 2024-01-24T19:55:00+00:00 https://thehackernews.com/2024/01/google-kubernetes-misconfig-lets-any.html www.secnews.physaphae.fr/article.php?IdArticle=8442574 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) What is Nudge Security and How Does it Work? In today's highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to productivity and innovation in the digital enterprise, it has upended traditional approaches to IT security and governance. Nudge Security is the world's first and only solution to address 2024-01-24T16:54:00+00:00 https://thehackernews.com/2024/01/what-is-nudge-security-and-how-does-it.html www.secnews.physaphae.fr/article.php?IdArticle=8442514 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on compromised Windows hosts, joining the likes of other groups like Akira, AvosLocker, BlackByte, and RobbinHood. The tactic allows "threat actors to terminate antivirus processes and services for the deployment of ransomware," Trend 2024-01-24T16:50:00+00:00 https://thehackernews.com/2024/01/kasseika-ransomware-using-byovd-trick.html www.secnews.physaphae.fr/article.php?IdArticle=8442515 False Ransomware,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
The Unknown Risks of The Software Supply Chain: A Deep-Dive In a world where more & more organizations are adopting open-source components as foundational blocks in their application's infrastructure, it's difficult to consider traditional SCAs as complete protection mechanisms against open-source threats. Using open-source libraries saves tons of coding and debugging time, and by that - shortens the time to deliver our applications. But, as 2024-01-24T14:31:00+00:00 https://thehackernews.com/2024/01/the-unknown-risks-of-software-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8442472 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank. Alexander Ermakov (aka blade_runner, GistaveDore, GustaveDore, or JimJones), 33, has been tied to the breach of the Medibank network as well as the theft and release of Personally Identifiable 2024-01-24T14:25:00+00:00 https://thehackernews.com/2024/01/us-uk-australia-sanction-russian-revil.html www.secnews.physaphae.fr/article.php?IdArticle=8442473 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin A critical security flaw has been disclosed in Fortra's GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the issue carries a CVSS score of 9.8 out of 10. "Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal," Fortra 2024-01-24T11:02:00+00:00 https://thehackernews.com/2024/01/patch-your-goanywhere-mft-immediately.html www.secnews.physaphae.fr/article.php?IdArticle=8442423 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new findings from Infoblox reveal. The latest development demonstrates the "breadth of their activities and depth of their connections within the cybercrime industry," the company said, 2024-01-23T20:03:00+00:00 https://thehackernews.com/2024/01/vextrio-uber-of-cybercrime-brokering.html www.secnews.physaphae.fr/article.php?IdArticle=8442148 False Malware,Threat Uber 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were installed. The modules named warbeast2000 and kodiak2k were published at the start of the month, attracting 412 and 1,281 downloads before they were taken down by the npm 2024-01-23T19:49:00+00:00 https://thehackernews.com/2024/01/malicious-npm-packages-exfiltrate-1600.html www.secnews.physaphae.fr/article.php?IdArticle=8442149 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) "Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in the wild, said they are designed to target machines running macOS Ventura 13.6 and later, indicating the malware's ability to infect Macs on both Intel and 2024-01-23T17:57:00+00:00 https://thehackernews.com/2024/01/activator-alert-macos-malware-hides-in.html www.secnews.physaphae.fr/article.php?IdArticle=8442123 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore's broad, internationally distributed network of scrubbing centers allows them to follow attack trends over time. Read on to learn about DDoS attack trends for Q3–Q4 of 2023, and what they mean for developing a robust 2024-01-23T17:03:00+00:00 https://thehackernews.com/2024/01/from-megabits-to-terabits-gcore-radar.html www.secnews.physaphae.fr/article.php?IdArticle=8442094 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of child pornography. He was later released on a $ 2024-01-23T15:55:00+00:00 https://thehackernews.com/2024/01/breachforums-founder-sentenced-to-20.html www.secnews.physaphae.fr/article.php?IdArticle=8442048 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the software, allowing unauthenticated attackers to achieve remote code execution on susceptible 2024-01-23T15:04:00+00:00 https://thehackernews.com/2024/01/40000-attacks-in-3-days-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8442028 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as CVE-2024-23222, is a type confusion bug that could be exploited by a threat actor to achieve arbitrary code execution when processing maliciously crafted web content. The tech giant said the problem 2024-01-23T07:00:00+00:00 https://thehackernews.com/2024/01/apple-issues-patch-for-critical-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8441910 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023. "ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity 2024-01-22T22:17:00+00:00 https://thehackernews.com/2024/01/north-korean-hackers-weaponize-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8441736 False Threat,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. "Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to know whether an attack was being performed 2024-01-22T22:05:00+00:00 https://thehackernews.com/2024/01/hackers-hijack-popular-java-and-android.html www.secnews.physaphae.fr/article.php?IdArticle=8441737 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers Cybersecurity researchers have discovered a new Java-based "sophisticated" information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts. The malware, named NS-STEALER, is propagated via ZIP archives masquerading as cracked software, Trellix security researcher Gurumoorthi Ramanathan said in an analysis published last week. The ZIP file contains 2024-01-22T16:52:00+00:00 https://thehackernews.com/2024/01/ns-stealer-uses-discord-bots-to.html www.secnews.physaphae.fr/article.php?IdArticle=8441634 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 52% of Serious Vulnerabilities We Find are Related to Windows 10 We analyzed 2,5 million vulnerabilities we discovered in our customer's assets. This is what we found. Digging into the data The dataset we analyze here is representative of a subset of clients that subscribe to our vulnerability scanning services. Assets scanned include those reachable across the Internet, as well as those present on internal networks. The data includes findings for network 2024-01-22T16:52:00+00:00 https://thehackernews.com/2024/01/52-of-serious-vulnerabilities-we-find.html www.secnews.physaphae.fr/article.php?IdArticle=8441633 False Vulnerability,Studies None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) FTC Bans InMarket for Selling Precise User Location Without Consent The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling or licensing precise location data.
The settlement is part of allegations that the Texas-based company did not inform or seek consent from consumers before using their location information for advertising and marketing purposes. "InMarket will also be prohibited from 2024-01-22T12:32:00+00:00 https://thehackernews.com/2024/01/ftc-bans-inmarket-for-selling-precise.html www.secnews.physaphae.fr/article.php?IdArticle=8441556 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. "The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners," Trustwave said. "Notably, despite the binary's unknown file 2024-01-22T09:10:00+00:00 https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8441496 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. "UNC3886 has a track record of utilizing zero-day vulnerabilities to complete their mission without being detected, and this latest example further 2024-01-20T15:53:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-silently-weaponized.html www.secnews.physaphae.fr/article.php?IdArticle=8440964 False Vulnerability,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The development came after the vulnerabilities – an authentication bypass 2024-01-20T10:01:00+00:00 https://thehackernews.com/2024/01/cisa-issues-emergency-directive-to.html www.secnews.physaphae.fr/article.php?IdArticle=8440879 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments.
The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly 2024-01-20T08:41:00+00:00 https://thehackernews.com/2024/01/microsofts-top-execs-emails-breached-in.html www.secnews.physaphae.fr/article.php?IdArticle=8440863 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files. "The PDFs 2024-01-20T07:46:00+00:00 https://thehackernews.com/2024/01/invoice-phishing-alert-ta866-deploys.html www.secnews.physaphae.fr/article.php?IdArticle=8440850 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. "Once detonated, the malware will download and execute multiple payloads 2024-01-19T18:18:00+00:00 https://thehackernews.com/2024/01/experts-warn-of-macos-backdoor-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8440653 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It's the lifeblood of any organization in today's interconnected and digital world. Thus, safeguarding the data is of paramount importance. Its importance is magnified in on-premises Exchange Server environments where vital business communication and emails are stored and managed. In 2024-01-19T16:54:00+00:00 https://thehackernews.com/2024/01/preventing-data-loss-backup-and.html www.secnews.physaphae.fr/article.php?IdArticle=8440618 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named "oscompatible," was published on January 9, 2024, attracting a total of 380 downloads before it was taken down.
oscompatible included a "few strange binaries," according to software supply chain security firm Phylum, including a single 2024-01-19T13:12:00+00:00 https://thehackernews.com/2024/01/npm-trojan-bypasses-uac-installs.html www.secnews.physaphae.fr/article.php?IdArticle=8440571 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it's being actively exploited in the wild. The vulnerability in question is CVE-2023-35082 (CVSS score: 9.8), an authentication bypass 2024-01-19T10:25:00+00:00 https://thehackernews.com/2024/01/us-cybersecurity-agency-warns-of.html www.secnews.physaphae.fr/article.php?IdArticle=8440517 False Vulnerability,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. "This is the first documented case of malware deploying the 9Hits application as a payload," cloud security firm Cado said, adding the development is a sign that adversaries are 2024-01-18T22:01:00+00:00 https://thehackernews.com/2024/01/new-docker-malware-steals-cpu-for.html www.secnews.physaphae.fr/article.php?IdArticle=8440348 False Malware,Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are 2024-01-18T20:19:00+00:00 https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html www.secnews.physaphae.fr/article.php?IdArticle=8440327 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks.
The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow's build agents via 2024-01-18T18:04:00+00:00 https://thehackernews.com/2024/01/tensorflow-cicd-flaw-exposed-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8440265 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) MFA Spamming and Fatigue: When Security Measures Go Wrong In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an 2024-01-18T17:32:00+00:00 https://thehackernews.com/2024/01/mfa-spamming-and-fatigue-when-security.html www.secnews.physaphae.fr/article.php?IdArticle=8440266 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.
Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to 2024-01-18T14:49:00+00:00 https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html www.secnews.physaphae.fr/article.php?IdArticle=8440211 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023. The threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," the 2024-01-18T09:46:00+00:00 https://thehackernews.com/2024/01/iranian-hackers-masquerades-as.html www.secnews.physaphae.fr/article.php?IdArticle=8440137 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code.
The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment in Poland, said it unearthed half a dozen flaws that allow for]]> 2024-01-17T19:21:00+00:00 https://thehackernews.com/2024/01/pax-pos-terminal-flaw-could-allow.html www.secnews.physaphae.fr/article.php?IdArticle=8439909 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better protect their intellectual property (IP) and data against the growing and evolving risks of AI usage. SaaS applications seem to be multiplying by the day, and so does their integration of AI]]> 2024-01-17T19:00:00+00:00 https://thehackernews.com/2024/01/combating-ip-leaks-into-ai-applications.html www.secnews.physaphae.fr/article.php?IdArticle=8439910 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks." 
A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the malware]]> 2024-01-17T16:44:00+00:00 https://thehackernews.com/2024/01/feds-warn-of-androxgh0st-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8439850 False Malware,Threat None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Webinar: The Art of Privilege Escalation - How Hackers Become Admins In the digital age, the battleground for security professionals is not only evolving, it's expanding at an alarming rate. The upcoming webinar, "The Art of Privilege Escalation - How Hackers Become Admins," offers an unmissable opportunity for IT security experts to stay ahead in this relentless cyber war. Privilege escalation - the term might sound benign, but in the hands of a skilled hacker,]]> 2024-01-17T16:29:00+00:00 https://thehackernews.com/2024/01/webinar-art-of-privilege-escalation-how.html www.secnews.physaphae.fr/article.php?IdArticle=8439851 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. 
Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file]]> 2024-01-17T15:52:00+00:00 https://thehackernews.com/2024/01/new-ishutdown-method-exposes-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8439832 False Mobile,Technical None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to credentials within a production container. The Microsoft-owned subsidiary said it was made aware of the problem on December 26, 2023, and that it addressed the issue the same day, in addition to rotating all potentially exposed credentials out of an]]> 2024-01-17T13:11:00+00:00 https://thehackernews.com/2024/01/github-rotates-keys-after-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8439800 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Citrix, VMware, and Atlassian Hit with Critical Flaws - Patch ASAP! Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. 
The flaws are listed below - CVE-2023-6548 (CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management]]> 2024-01-17T09:44:00+00:00 https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html www.secnews.physaphae.fr/article.php?IdArticle=8439755 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. "By reading out-of-bounds memory, an attacker might be able to get secret values,]]> 2024-01-17T07:50:00+00:00 https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-fix.html www.secnews.physaphae.fr/article.php?IdArticle=8439734 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). 
“The two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern,” Jon Williams, a senior security]]> 2024-01-16T19:09:00+00:00 https://thehackernews.com/2024/01/alert-over-178000-sonicwall-firewalls.html www.secnews.physaphae.fr/article.php?IdArticle=8439575 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Remcos RAT Spreading Through Adult Games in New Attack Wave The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as adult-themed games in South Korea. WebHard, short for web hard drive, is a popular online file storage system used to upload, download, and share files in the country. While webhards have been used in the past to deliver njRAT, UDP RAT, and DDoS botnet malware, the]]> 2024-01-16T18:52:00+00:00 https://thehackernews.com/2024/01/remcos-rat-spreading-through-adult.html www.secnews.physaphae.fr/article.php?IdArticle=8439554 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Case Study: The Cookie Privacy Monster in Big Global Retail Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away. Download the full case study here. 
As a child,]]> 2024-01-16T16:19:00+00:00 https://thehackernews.com/2024/01/case-study-cookie-privacy-monster-in.html www.secnews.physaphae.fr/article.php?IdArticle=8439522 False Studies None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme “leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers’ infrastructure that spoofed Web3 protocols to trick victims into authorizing]]> 2024-01-16T13:29:00+00:00 https://thehackernews.com/2024/01/inferno-malware-masqueraded-as-coinbase.html www.secnews.physaphae.fr/article.php?IdArticle=8439474 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Simon Zuckerbraun said. “It also]]> 2024-01-16T12:43:00+00:00 https://thehackernews.com/2024/01/hackers-weaponize-windows-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8439454 False Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system. The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the fact that it takes advantage of a feature called My Flow that makes it]]> 2024-01-15T19:28:00+00:00 https://thehackernews.com/2024/01/opera-myflaw-bug-could-let-hackers-run.html www.secnews.physaphae.fr/article.php?IdArticle=8439241 False Vulnerability,Vulnerability None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 3 Ransomware Group Newcomers to Watch in 2024 The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases. Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser - 2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of formidable]]> 2024-01-15T19:28:00+00:00 https://thehackernews.com/2024/01/3-ransomware-group-newcomers-to-watch.html www.secnews.physaphae.fr/article.php?IdArticle=8439242 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be weaponized by an attacker to]]> 2024-01-15T13:46:00+00:00 https://thehackernews.com/2024/01/high-severity-flaws-uncovered-in-bosch.html www.secnews.physaphae.fr/article.php?IdArticle=8439153 False Vulnerability,Industrial None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws in WordPress plugins to inject a backdoor designed to redirect visitors of infected sites to bogus tech]]> 2024-01-15T13:15:00+00:00 https://thehackernews.com/2024/01/balada-injector-infects-over-7100.html www.secnews.physaphae.fr/article.php?IdArticle=8439154 False Malware,Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023 The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week. “This surge in cyber attacks coincided]]> 2024-01-15T11:25:00+00:00 https://thehackernews.com/2024/01/ddos-attacks-on-environmental-services.html www.secnews.physaphae.fr/article.php?IdArticle=8439127 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a]]> 2024-01-14T14:37:00+00:00 https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438871 False Industrial,Technical None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a]]> 2024-01-13T16:15:00+00:00 https://thehackernews.com/2024/01/critical-rce-vulnerability-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438586 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.” “A cloud]]> 2024-01-13T15:31:00+00:00 https://thehackernews.com/2024/01/29-year-old-ukrainian-cryptojacking.html www.secnews.physaphae.fr/article.php?IdArticle=8438571 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an]]> 2024-01-12T19:23:00+00:00 https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8438293 False Malware,Vulnerability,Threat None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their]]> 2024-01-12T18:53:00+00:00 https://thehackernews.com/2024/01/medusa-ransomware-on-rise-from-data.html www.secnews.physaphae.fr/article.php?IdArticle=8438294 False Ransomware,Threat None 3.0000000000000000