www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-05T14:47:50+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Remcos RAT Spreading Through Adult Games in New Attack Wave
The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as adult-themed games in South Korea. WebHard, short for web hard drive, is a popular online file storage system used to upload, download, and share files in the country. While webhards have been used in the past to deliver njRAT, UDP RAT, and DDoS botnet malware, the
2024-01-16T18:52:00+00:00 https://thehackernews.com/2024/01/remcos-rat-spreading-through-adult.html www.secnews.physaphae.fr/article.php?IdArticle=8439554 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Case Study: The Cookie Privacy Monster in Big Global Retail
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away. Download the full case study here. As a child,
2024-01-16T16:19:00+00:00 https://thehackernews.com/2024/01/case-study-cookie-privacy-monster-in.html www.secnews.physaphae.fr/article.php?IdArticle=8439522 False Studies None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims
The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme “leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers’ infrastructure that spoofed Web3 protocols to trick victims into authorizing
2024-01-16T13:29:00+00:00 https://thehackernews.com/2024/01/inferno-malware-masqueraded-as-coinbase.html www.secnews.physaphae.fr/article.php?IdArticle=8439474 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Simon Zuckerbraun said. “It also
2024-01-16T12:43:00+00:00 https://thehackernews.com/2024/01/hackers-weaponize-windows-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8439454 False Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system. The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the fact that it takes advantage of a feature called My Flow that makes it
2024-01-15T19:28:00+00:00 https://thehackernews.com/2024/01/opera-myflaw-bug-could-let-hackers-run.html www.secnews.physaphae.fr/article.php?IdArticle=8439241 False Vulnerability,Vulnerability None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
3 Ransomware Group Newcomers to Watch in 2024
The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases. [Figure 1: Year over year victims per quarter] The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser - 2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of formidable
2024-01-15T19:28:00+00:00 https://thehackernews.com/2024/01/3-ransomware-group-newcomers-to-watch.html www.secnews.physaphae.fr/article.php?IdArticle=8439242 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners
Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be weaponized by an attacker to
2024-01-15T13:46:00+00:00 https://thehackernews.com/2024/01/high-severity-flaws-uncovered-in-bosch.html www.secnews.physaphae.fr/article.php?IdArticle=8439153 False Vulnerability,Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability
Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws in WordPress plugins to inject a backdoor designed to redirect visitors of infected sites to bogus tech
2024-01-15T13:15:00+00:00 https://thehackernews.com/2024/01/balada-injector-infects-over-7100.html www.secnews.physaphae.fr/article.php?IdArticle=8439154 False Malware,Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023
The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week. “This surge in cyber attacks coincided
2024-01-15T11:25:00+00:00 https://thehackernews.com/2024/01/ddos-attacks-on-environmental-services.html www.secnews.physaphae.fr/article.php?IdArticle=8439127 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks
The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a
2024-01-14T14:37:00+00:00 https://thehackernews.com/2024/01/new-findings-challenge-attribution-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438871 False Industrial,Technical None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a
2024-01-13T16:15:00+00:00 https://thehackernews.com/2024/01/critical-rce-vulnerability-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8438586 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.” “A cloud
2024-01-13T15:31:00+00:00 https://thehackernews.com/2024/01/29-year-old-ukrainian-cryptojacking.html www.secnews.physaphae.fr/article.php?IdArticle=8438571 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an
2024-01-12T19:23:00+00:00 https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8438293 False Malware,Vulnerability,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their
2024-01-12T18:53:00+00:00 https://thehackernews.com/2024/01/medusa-ransomware-on-rise-from-data.html www.secnews.physaphae.fr/article.php?IdArticle=8438294 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the CVSS scoring system and could facilitate account takeover by sending password reset emails to an unverified email address. The
2024-01-12T18:33:00+00:00 https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8438295 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson's famous adage, "Everyone has a plan until they get punched in
2024-01-12T17:35:00+00:00 https://thehackernews.com/2024/01/applying-tyson-principle-to.html www.secnews.physaphae.fr/article.php?IdArticle=8438245 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua security researchers Nitzan Yaakov and Assaf Morag said in an analysis published earlier
2024-01-12T13:26:00+00:00 https://thehackernews.com/2024/01/cryptominers-targeting-misconfigured.html www.secnews.physaphae.fr/article.php?IdArticle=8438154 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain
2024-01-12T12:05:00+00:00 https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html www.secnews.physaphae.fr/article.php?IdArticle=8438140 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Threat Actors Increasingly Abusing GitHub for Malicious Purposes
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security
2024-01-11T20:58:00+00:00 https://thehackernews.com/2024/01/threat-actors-increasingly-abusing.html www.secnews.physaphae.fr/article.php?IdArticle=8437918 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (
2024-01-11T19:46:00+00:00 https://thehackernews.com/2024/01/new-poc-exploit-for-apache-ofbiz.html www.secnews.physaphae.fr/article.php?IdArticle=8437896 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. “Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various
2024-01-11T19:30:00+00:00 https://thehackernews.com/2024/01/new-python-based-fbot-hacking-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8437897 False Tool,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop. The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who's-who of big-name organizations. If MGM, Johnson Controls, Clorox, Hanes Brands, Caesars
2024-01-11T17:13:00+00:00 https://thehackernews.com/2024/01/there-is-ransomware-armageddon-coming.html www.secnews.physaphae.fr/article.php?IdArticle=8437843 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. "It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption in an effort to bypass detection rules,"
2024-01-11T17:10:00+00:00 https://thehackernews.com/2024/01/atomic-stealer-gets-upgrade-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8437844 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Mandiant's X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group. "Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected," the threat intelligence firm said
2024-01-11T11:40:00+00:00 https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html www.secnews.physaphae.fr/article.php?IdArticle=8437756 False Hack,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach fewer than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178
2024-01-11T10:59:00+00:00 https://thehackernews.com/2024/01/chinese-hackers-exploit-zero-day-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8437742 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific
2024-01-11T10:25:00+00:00 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8437743 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,” Akamai security researcher Stiv Kupchik said in a report shared with The
2024-01-10T20:45:00+00:00 https://thehackernews.com/2024/01/noabot-latest-mirai-based-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8437567 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Getting off the Attack Surface Hamster Wheel: Identity Can Help
IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it. The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable points using
2024-01-10T17:00:00+00:00 https://thehackernews.com/2024/01/getting-off-attack-surface-hamster.html www.secnews.physaphae.fr/article.php?IdArticle=8437505 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims
A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations. The encryption key has also been shared with Avast,
2024-01-10T16:01:00+00:00 https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html www.secnews.physaphae.fr/article.php?IdArticle=8437484 False Ransomware,Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data
The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third-parties. The ban is part of a settlement over allegations that the company "sold precise location data that could be used to track people's visits to sensitive locations such as medical and
2024-01-10T14:17:00+00:00 https://thehackernews.com/2024/01/ftc-bans-outlogic-x-mode-from-selling.html www.secnews.physaphae.fr/article.php?IdArticle=8437452 False Medical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities
Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The
2024-01-10T10:56:00+00:00 https://thehackernews.com/2024/01/microsofts-january-2024-windows-update.html www.secnews.physaphae.fr/article.php?IdArticle=8437402 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.
2024-01-10T10:20:00+00:00 https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html www.secnews.physaphae.fr/article.php?IdArticle=8437391 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware
A threat actor called Water Curupira has been observed actively distributing the PikaBot loader malware as part of spam campaigns in 2023. “PikaBot's operators ran phishing campaigns, targeting victims via its two components - a loader and a core module - which enabled unauthorized remote access and allowed the execution of arbitrary commands through an established connection with
2024-01-09T21:31:00+00:00 https://thehackernews.com/2024/01/alert-water-curupira-hackers-actively.html www.secnews.physaphae.fr/article.php?IdArticle=8437215 False Spam,Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Des pirates turcs exploitant des serveurs MS SQL mal sécurisés à travers le monde<br>Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. “The analyzed threat campaign appears to end in one of two ways, either the selling of \'access\' to the compromised host, or the ultimate delivery of ransomware payloads,” Securonix researchers]]> 2024-01-09T19:15:00+00:00 https://thehackernews.com/2024/01/turkish-hackers-exploiting-poorly.html www.secnews.physaphae.fr/article.php?IdArticle=8437166 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pourquoi les liens publics exposent votre surface d'attaque SaaS<br>Why Public Links Expose Your SaaS Attack Surface Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees]]> 2024-01-09T16:57:00+00:00 https://thehackernews.com/2024/01/why-public-links-expose-your-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8437106 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte: nouvelles vulnérabilités découvertes dans le gestionnaire de périphériques QNAP et Kyocera<br>Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager A security flaw has been disclosed in Kyocera\'s Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. 
"This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the \'Restrict NTLM: Outgoing NTLM]]> 2024-01-09T15:22:00+00:00 https://thehackernews.com/2024/01/alert-new-vulnerabilities-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8437087 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Méfiez-vous!Les vidéos YouTube faisant la promotion du logiciel Cracked Distribuent Lummma Stealer<br>Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. “These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,]]> 2024-01-09T13:47:00+00:00 https://thehackernews.com/2024/01/beware-youtube-videos-promoting-cracked.html www.secnews.physaphae.fr/article.php?IdArticle=8437067 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers syriens distribuant un rat argent furtif en C # aux cybercriminels<br>Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that\'s equipped to bypass security software and stealthily launch hidden applications. 
“The developers operate on multiple hacker forums and social media platforms, showcasing an active and sophisticated presence,” cybersecurity firm Cyfirma said in a report]]> 2024-01-08T19:34:00+00:00 https://thehackernews.com/2024/01/syrian-hackers-distributing-stealthy-c.html www.secnews.physaphae.fr/article.php?IdArticle=8436659 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Unifier la technologie de sécurité au-delà de la pile: intégrer SECOPS avec le risque et la stratégie gérés<br>Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute1, “only 59% of organizations say their cybersecurity strategy has changed over the past two years.” This stagnation in strategy adaptation can be traced back to several key issues. Talent Retention Challenges: The cybersecurity field is rapidly advancing, requiring a]]> 2024-01-08T17:09:00+00:00 https://thehackernews.com/2024/01/unifying-security-tech-beyond-stack.html www.secnews.physaphae.fr/article.php?IdArticle=8436600 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Webinaire & # 8211;Tirez parti de la sécurité zéro fiducie pour minimiser votre surface d'attaque<br>Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particularly firewalls and VPNs, which give attackers direct network access to execute their attacks. 
In fact, Gartner&
2024-01-08T14:31:00+00:00 https://thehackernews.com/2024/01/webinar-leverage-zero-trust-security-to.html www.secnews.physaphae.fr/article.php?IdArticle=8436517 False Tool,Vulnerability,Threat None 2.0000000000000000

The Hacker News
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment
The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. “These security and privacy challenges include the potential for adversarial manipulation of training data, adversarial exploitation of model vulnerabilities to
2024-01-08T13:23:00+00:00 https://thehackernews.com/2024/01/nist-warns-of-security-and-privacy.html www.secnews.physaphae.fr/article.php?IdArticle=8436518 False Vulnerability None 2.0000000000000000

The Hacker News
DoJ Charges 19 Worldwide in $68 Million xDedic Dark Web Marketplace Fraud
The U.S. Department of Justice (DoJ) said it charged 19 individuals worldwide in connection with the now-defunct xDedic Marketplace, which is estimated to have facilitated more than $68 million in fraud. In wrapping up its investigation into the dark web portal, the agency said the transnational operation was the result of close cooperation with law enforcement authorities from Belgium
2024-01-08T11:45:00+00:00 https://thehackernews.com/2024/01/doj-charges-19-worldwide-in-68-million.html www.secnews.physaphae.fr/article.php?IdArticle=8436443 False None None 2.0000000000000000

The Hacker News
North Korea's Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023
Threat actors affiliated with the Democratic People's Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023. The DPRK "was responsible for almost a third of all funds stolen in crypto attacks last year, despite a 30% reduction from the USD 850 million haul in 2022," blockchain analytics firm TRM Labs said last week. "Hacks
2024-01-08T10:29:00+00:00 https://thehackernews.com/2024/01/north-koreas-cyber-heist-dprk-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8436402 False Threat,Studies None 2.0000000000000000

The Hacker News
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group
2024-01-06T13:49:00+00:00 https://thehackernews.com/2024/01/sea-turtle-cyber-espionage-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8435543 False Threat None 1.00000000000000000000

The Hacker News
Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware
The recent wave of cyber attacks targeting Albanian organizations involved the use of a wiper called No-Justice. The findings come from cybersecurity company ClearSky, which said the Windows-based malware "crashes the operating system in a way that it cannot be rebooted." The intrusions have been attributed to an Iranian "psychological operation group" called Homeland
2024-01-06T12:18:00+00:00 https://thehackernews.com/2024/01/pro-iranian-hacker-group-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8435521 False Malware None 2.0000000000000000

The Hacker News
SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors. “SpectralBlur is a moderately capable backdoor that can upload/download files, run a shell, update its configuration, delete files, hibernate, or sleep, based on commands issued from the [
2024-01-05T21:05:00+00:00 https://thehackernews.com/2024/01/spectralblur-new-macos-backdoor-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8435195 False Malware,Threat None 3.0000000000000000

The Hacker News
Exposed Secrets are Everywhere. Here's How to Tackle Them
Picture this: you stumble upon a concealed secret within your company's source code. Instantly, a wave of panic hits as you grasp the possible consequences.
This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secret is just the beginning; swift and resolute action becomes imperative. However, lacking the
2024-01-05T15:33:00+00:00 https://thehackernews.com/2024/01/exposed-secrets-are-everywhere-heres.html www.secnews.physaphae.fr/article.php?IdArticle=8435044 False Tool None 4.0000000000000000

The Hacker News
Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic. "The Orange account in the IP network coordination center (RIPE) has suffered improper access that has affected the browsing of some of our customers," the
2024-01-05T15:31:00+00:00 https://thehackernews.com/2024/01/orange-spain-faces-bgp-traffic-hijack.html www.secnews.physaphae.fr/article.php?IdArticle=8435045 False Malware,Threat,Mobile None 3.0000000000000000

The Hacker News
Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on susceptible servers. Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS scoring system. The shortcoming impacts EPM 2021 and EPM 2022 prior to SU5.
“If exploited, an
2024-01-05T13:12:00+00:00 https://thehackernews.com/2024/01/alert-ivanti-releases-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8434986 False Vulnerability None 3.0000000000000000

The Hacker News
Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months
Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar's systems at least since May 2023. The development was first reported by Reuters. The incident, described as a "powerful hacker attack," first came to light last month, knocking out access to mobile and internet services
2024-01-05T12:57:00+00:00 https://thehackernews.com/2024/01/russian-hackers-had-covert-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8434987 False Threat,Mobile None 3.0000000000000000

The Hacker News
New Bandook RAT Variant Resurfaces, Targeting Windows Machines
A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware is distributed via a PDF file that embeds a link to a password-protected .7z archive. “
2024-01-05T10:46:00+00:00 https://thehackernews.com/2024/01/new-bandook-rat-variant-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8434931 False Malware None 2.0000000000000000

The Hacker News
Three Ways To Supercharge Your Software Supply Chain Security
Section four of the "Executive Order on Improving the Nation's Cybersecurity" introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan to sell to a government, understanding your Software Supply Chain and
2024-01-04T17:43:00+00:00 https://thehackernews.com/2024/01/three-ways-to-supercharge-your-software.html www.secnews.physaphae.fr/article.php?IdArticle=8434422 False None None 3.0000000000000000

The Hacker News
Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners
Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three harmful packages, named modularseven, driftme, and catme, attracted a total of 431 downloads over the past month before they were taken down. “These packages, upon initial use, deploy a CoinMiner
2024-01-04T16:05:00+00:00 https://thehackernews.com/2024/01/beware-3-malicious-pypi-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8434356 False None None 3.0000000000000000

The Hacker News
UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT
The threat actor known as UAC-0050 is leveraging phishing attacks to distribute Remcos RAT using new strategies to evade detection from security software. "The group's weapon of choice is Remcos RAT, a notorious malware for remote surveillance and control, which has been at the forefront of its espionage arsenal," Uptycs security researchers Karthick Kumar and Shilpesh Trivedi said in
2024-01-04T14:25:00+00:00 https://thehackernews.com/2024/01/uac-0050-group-using-new-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8434261 False Malware,Threat None 3.0000000000000000

The Hacker News
Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack
American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam. As of writing, the account has been restored on the social media platform. It's currently not clear how the account was breached. But the hacked Mandiant account was initially renamed to "@
2024-01-04T11:59:00+00:00 https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html www.secnews.physaphae.fr/article.php?IdArticle=8434203 False Hack,Cloud None 4.0000000000000000

The Hacker News
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset.
According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access to a valid session in an
2024-01-03T18:46:00+00:00 https://thehackernews.com/2024/01/malware-using-google-multilogin-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8433684 False Malware,Threat None 2.0000000000000000

The Hacker News
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised
2024-01-03T16:16:00+00:00 https://thehackernews.com/2024/01/5-ways-to-reduce-saas-security-risks.html www.secnews.physaphae.fr/article.php?IdArticle=8433615 False Cloud None 3.0000000000000000

The Hacker News
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails
A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from arbitrary email addresses, allowing targeted phishing attacks," Timo Longin, a senior security
2024-01-03T16:12:00+00:00 https://thehackernews.com/2024/01/smtp-smuggling-new-threat-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8433616 False Threat None 3.0000000000000000

The Hacker News
DOJ Slams XCast with $10 Million Fine Over Massive Illegal Robocall Operation
The U.S. Department of Justice (DoJ) on Tuesday said it reached a settlement with VoIP service provider XCast over allegations that it facilitated illegal telemarketing campaigns since at least January 2018, in contravention of the Telemarketing Sales Rule (TSR). In addition to prohibiting the company from violating the law, the stipulated order requires it to meet other compliance measures,
2024-01-03T12:51:00+00:00 https://thehackernews.com/2024/01/doj-slams-xcast-with-10-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8433486 False None None 3.0000000000000000

The Hacker News
The Definitive Enterprise Browser Buyer's Guide
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient.
Therefore,
2024-01-02T15:31:00+00:00 https://thehackernews.com/2024/01/the-definitive-enterprise-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8432862 False Cloud None 2.0000000000000000

The Hacker News
Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
Google has agreed to settle a lawsuit filed in June 2020 that alleged that the company misled users by tracking their surfing activity who thought that their internet use remained private when using the “incognito” or “private” mode on web browsers. The class-action lawsuit sought at least $5 billion in damages. The settlement terms were not disclosed. The plaintiffs had
2024-01-02T15:20:00+00:00 https://thehackernews.com/2024/01/google-settles-5-billion-privacy.html www.secnews.physaphae.fr/article.php?IdArticle=8432863 False None None 3.0000000000000000

The Hacker News
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11.
The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL
2024-01-01T19:30:00+00:00 https://thehackernews.com/2024/01/new-variant-of-dll-search-order.html www.secnews.physaphae.fr/article.php?IdArticle=8432407 False Threat,Technical None 3.0000000000000000

The Hacker News
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix
2024-01-01T15:07:00+00:00 https://thehackernews.com/2024/01/new-terrapin-flaw-could-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8432287 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
New JinxLoader Targeting Users with Formbook and XLoader Malware
A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader. The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks. "The
2024-01-01T12:22:00+00:00 https://thehackernews.com/2024/01/new-jinxloader-targeting-users-with.html www.secnews.physaphae.fr/article.php?IdArticle=8432214 False Malware,Threat None 3.0000000000000000

The Hacker News
Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique," Check Point researchers Oded Vanunu,
2023-12-30T15:00:00+00:00 https://thehackernews.com/2023/12/beware-scam-as-service-aiding.html www.secnews.physaphae.fr/article.php?IdArticle=8431211 False None None 2.0000000000000000

The Hacker News
Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country's National Authority for Electronic Certification and Cyber Security (AKCESK) revealed this week. “These infrastructures, under the legislation in force, are not currently classified as critical or important information infrastructure,” AKCESK said. One Albania, which has
2023-12-29T19:27:00+00:00 https://thehackernews.com/2023/12/albanian-parliament-and-one-albania.html www.secnews.physaphae.fr/article.php?IdArticle=8430819 False Legislation None 3.0000000000000000

The Hacker News
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, 2023, targets government entities
2023-12-29T16:11:00+00:00 https://thehackernews.com/2023/12/cert-ua-uncovers-new-malware-wave.html www.secnews.physaphae.fr/article.php?IdArticle=8430752 False Malware None 3.0000000000000000

The Hacker News
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks
Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky. “A notable point about attacks that
2023-12-29T14:39:00+00:00 https://thehackernews.com/2023/12/kimsuky-hackers-deploying-appleseed.html www.secnews.physaphae.fr/article.php?IdArticle=8430708 False Tool,Threat APT 43 3.0000000000000000

The Hacker News
Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks
Microsoft on Thursday said it's once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution,” the Microsoft Threat Intelligence
2023-12-29T10:46:00+00:00 https://thehackernews.com/2023/12/microsoft-disables-msix-app-installer.html www.secnews.physaphae.fr/article.php?IdArticle=8430625 False Ransomware,Malware,Threat,Patching None 4.0000000000000000

The Hacker News
Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to
2023-12-28T18:50:00+00:00 https://thehackernews.com/2023/12/google-cloud-resolves-privilege.html www.secnews.physaphae.fr/article.php?IdArticle=8430294 False Cloud None 3.0000000000000000

The Hacker News
Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature
The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginning of 2023 after becoming one of the targets, described it as
2023-12-28T16:49:00+00:00 https://thehackernews.com/2023/12/most-sophisticated-iphone-hack-ever.html www.secnews.physaphae.fr/article.php?IdArticle=8430253 False Hack,Mobile None 3.0000000000000000

The Hacker News
New Rugmi Malware Loader Surges with Hundreds of Daily Detections
A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. "This malware is a loader with three types of components: a downloader that downloads an
2023-12-28T11:26:00+00:00 https://thehackernews.com/2023/12/new-rugmi-malware-loader-surges-with.html www.secnews.physaphae.fr/article.php?IdArticle=8430151 False Malware,Threat None 2.0000000000000000

The Hacker News
Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections.
The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was
2023-12-27T21:09:00+00:00 https://thehackernews.com/2023/12/critical-zero-day-in-apache-ofbiz-erp.html www.secnews.physaphae.fr/article.php?IdArticle=8429882 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoor on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and open-source library Spreadsheet::ParseExcel that's used by the Amavis scanner within the
2023-12-27T18:05:00+00:00 https://thehackernews.com/2023/12/chinese-hackers-exploited-new-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8429811 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices
A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices.
Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives.
2023-12-27T13:54:00+00:00 https://thehackernews.com/2023/12/new-sneaky-xamalicious-android-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8429720 False Malware,Mobile None 2.0000000000000000

The Hacker News
Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. "Threat actors can also choose to install only scanners and sell the breached IP and account credentials on
2023-12-27T10:59:00+00:00 https://thehackernews.com/2023/12/warning-poorly-secured-linux-ssh.html www.secnews.physaphae.fr/article.php?IdArticle=8429640 False Tool None 3.0000000000000000

The Hacker News
Carbanak Banking Malware Resurfaces with New Ransomware Tactics
The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. "Carbanak returned last month through new
2023-12-26T12:56:00+00:00 https://thehackernews.com/2023/12/carbanak-banking-malware-resurfaces.html www.secnews.physaphae.fr/article.php?IdArticle=8429198 False Ransomware,Malware None 3.0000000000000000

The Hacker News
Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies
The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at
2023-12-25T13:17:00+00:00 https://thehackernews.com/2023/12/cloud-atlas-spear-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8428716 False Threat,Cloud None 3.0000000000000000

The Hacker News
British LAPSUS$ Teen Members Sentenced for High-Profile Attacks
Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent to get back to cybercrime "as soon as possible," BBC reported.
Kurtaj, who is autistic, was 2023-12-24T11:18:00+00:00 https://thehackernews.com/2023/12/british-lapsus-teen-members-sentenced.html www.secnews.physaphae.fr/article.php?IdArticle=8428221 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake WordPress plugins it contains some deceptive information at 2023-12-22T22:17:00+00:00 https://thehackernews.com/2023/12/rogue-wordpress-plugin-exposes-e.html www.secnews.physaphae.fr/article.php?IdArticle=8427490 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. "New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate 2023-12-22T18:49:00+00:00 https://thehackernews.com/2023/12/operation-rusticweb-rust-based-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8427392 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. "Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamper their investigation," Netskope researchers Ghanashyam Satpathy and Jan Michael Alcantara 2023-12-22T18:16:00+00:00 https://thehackernews.com/2023/12/decoy-microsoft-word-documents-used-to.html www.secnews.physaphae.fr/article.php?IdArticle=8427363 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for companies outside of Ukraine," cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 was first 2023-12-22T13:16:00+00:00 https://thehackernews.com/2023/12/uac-0099-using-winrar-exploit-to-target.html www.secnews.physaphae.fr/article.php?IdArticle=8427261 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, and Refined Kitten. " 2023-12-22T11:04:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-new-falsefont.html www.secnews.physaphae.fr/article.php?IdArticle=8427216 False Threat,Industrial APT33,APT 33 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS)," Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor 2023-12-21T22:18:00+00:00 https://thehackernews.com/2023/12/multi-million-dollar-predator-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8426908 False Mobile,Commercial None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted region, 2023-12-21T21:51:00+00:00 https://thehackernews.com/2023/12/new-chameleon-android-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8426909 False Malware,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, Europe, and Japan. 2023-12-21T18:08:00+00:00 https://thehackernews.com/2023/12/new-javascript-malware-targeted-50000.html www.secnews.physaphae.fr/article.php?IdArticle=8426758 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial impacts of breaches. With this data, they can make data driven decisions about how they implement 2023-12-21T16:23:00+00:00 https://thehackernews.com/2023/12/cost-of-data-breach-report-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8426727 False Data Breach None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users." The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine, began on December 16, 2023, the Federal Criminal Police Office (BKA) said. Kingdom 2023-12-21T15:33:00+00:00 https://thehackernews.com/2023/12/german-authorities-dismantle-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=8426696 False Malware,Legislation None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's 2023-12-21T12:52:00+00:00 https://thehackernews.com/2023/12/hackers-exploiting-old-ms-excel.html www.secnews.physaphae.fr/article.php?IdArticle=8426609 False Malware,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément 2023-12-21T09:11:00+00:00 https://thehackernews.com/2023/12/urgent-new-chrome-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8426535 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Remote Encryption Attacks Surge: How One Vulnerable Device Can Spell Disaster Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns. "Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one underprotected device to compromise the entire network," Mark Loman, vice 2023-12-20T19:02:00+00:00 https://thehackernews.com/2023/12/remote-encryption-attacks-surge-how-one.html www.secnews.physaphae.fr/article.php?IdArticle=8426114 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Product Explained: Memcyco's Real-Time Defense Against Website Spoofing Hands-On Review: Memcyco's Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing reputation damage and financial losses for both organizations and customers. The Growing Threat of 2023-12-20T16:35:00+00:00 https://thehackernews.com/2023/12/product-explained-memcycos-real-time.html www.secnews.physaphae.fr/article.php?IdArticle=8426054 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages with the ultimate goal of gathering sensitive information from residents and foreigners in the country. "These criminals send malicious links to their victims' mobile devices through SMS or 2023-12-20T15:50:00+00:00 https://thehackernews.com/2023/12/alert-chinese-hackers-pose-as-uae.html www.secnews.physaphae.fr/article.php?IdArticle=8426026 False Threat,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) 3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries. The exercise, which took place from July through December 2023, took aim at various types of financial crimes such as voice phishing, romance scams, online sextortion, investment fraud, money laundering 2023-12-20T14:09:00+00:00 https://thehackernews.com/2023/12/3500-arrested-in-global-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8425964 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Go-Based JaskaGO Malware Targeting Windows and macOS Systems A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems.
AT&T Alien Labs, which made the discovery, said the malware is "equipped with an extensive array of commands from its command-and-control (C&C) server." Artifacts designed for macOS were first observed in July 2023-12-20T13:40:00+00:00 https://thehackernews.com/2023/12/new-go-based-jaskago-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8425965 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of Investigation (FBI) enlisted the help of a confidential human source (CHS) to act as an affiliate for the BlackCat and gain 2023-12-19T21:22:00+00:00 https://thehackernews.com/2023/12/fbi-takes-down-blackcat-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425555 False Ransomware,Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team Cybersecurity researchers have shed light on the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national who was indicted by the U.S. government earlier this year for his alleged role in launching thousands of attacks across the world.
Matveev, who resides in Saint Petersburg and is known by the aliases Wazawaka, m1x, Boriselcin, Uhodiransomwar, 2023-12-19T20:46:00+00:00 https://thehackernews.com/2023/12/behind-scenes-of-matveevs-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425524 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. "Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second stage malware and sidestep detection tools," ReversingLabs researcher Karlo Zanki 2023-12-19T19:00:00+00:00 https://thehackernews.com/2023/12/hackers-abusing-github-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8425467 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Are We Ready to Give Up on Security Awareness Training? Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. Besides, social engineering remains one of the most prevalent attacks 2023-12-19T17:23:00+00:00 https://thehackernews.com/2023/12/are-we-ready-to-give-up-on-security.html www.secnews.physaphae.fr/article.php?IdArticle=8425430 False None None 2.0000000000000000