www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-03T18:52:20+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software
The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. "PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577," Malwarebytes' Jérôme Segura said. The malware family,
2023-12-19T16:32:00+00:00 https://thehackernews.com/2023/12/new-malvertising-campaign-distributing.html www.secnews.physaphae.fr/article.php?IdArticle=8425401 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated
2023-12-19T12:28:00+00:00 https://thehackernews.com/2023/12/8220-gang-exploiting-oracle-weblogic.html www.secnews.physaphae.fr/article.php?IdArticle=8425288 False Malware,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. "Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations in North
2023-12-19T11:12:00+00:00 https://thehackernews.com/2023/12/double-extortion-play-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8425246 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security
2023-12-18T21:13:00+00:00 https://thehackernews.com/2023/12/beware-experts-reveal-new-details-on.html www.secnews.physaphae.fr/article.php?IdArticle=8424888 False Vulnerability,Threat,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Top 7 Trends Shaping SaaS Security in 2024
Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud. These applications contain a wealth of data, from minimally sensitive general
2023-12-18T20:10:00+00:00 https://thehackernews.com/2023/12/top-7-trends-shaping-saas-security-in.html www.secnews.physaphae.fr/article.php?IdArticle=8424859 False Prediction,Medical,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges
The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable.
This approach not only transforms it into a threat capable of delivering "specific distributor needs," but also makes it more potent, Check Point said
2023-12-18T20:01:00+00:00 https://thehackernews.com/2023/12/rhadamanthys-malware-swiss-army-knife.html www.secnews.physaphae.fr/article.php?IdArticle=8424825 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via cryptocurrency investment scams. The defendants – Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, Rosemead, California; and Hailong Zhu, 40, Naperville, Illinois – have been charged with conspiracy to commit money laundering,
2023-12-18T17:43:00+00:00 https://thehackernews.com/2023/12/four-us-nationals-charged-in-80-million.html www.secnews.physaphae.fr/article.php?IdArticle=8424758 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unmasking the Dark Side of Low-Code/No-Code Applications
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly using platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems?
The simple truth is often swept under
2023-12-18T16:01:00+00:00 https://thehackernews.com/2023/12/unmasking-dark-side-of-low-codeno-code.html www.secnews.physaphae.fr/article.php?IdArticle=8424706 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network. Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry. "Targets
2023-12-18T14:59:00+00:00 https://thehackernews.com/2023/12/qakbot-malware-resurfaces-with-new.html www.secnews.physaphae.fr/article.php?IdArticle=8424707 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations. In an alert published last week, the agency called out Iranian threat actors affiliated with
2023-12-18T11:11:00+00:00 https://thehackernews.com/2023/12/cisa-urges-manufacturers-eliminate.html www.secnews.physaphae.fr/article.php?IdArticle=8424592 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
MongoDB Suffers Security Breach, Exposing Customer Data
MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response
2023-12-17T10:18:00+00:00 https://thehackernews.com/2023/12/mongodb-suffers-security-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8424056 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
China's MIIT Introduces Color-Coded Action Plan for Data Security Incidents
China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to "improve the comprehensive response capacity for data security incidents, to ensure timely and effective control, mitigation and elimination of hazards and losses caused
2023-12-16T13:02:00+00:00 https://thehackernews.com/2023/12/chinas-miit-introduces-color-coded.html www.secnews.physaphae.fr/article.php?IdArticle=8423592 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM
2023-12-16T10:30:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-storm-0539-rising.html www.secnews.physaphae.fr/article.php?IdArticle=8423552 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen Technologies, the malicious network is an amalgamation of two complementary activity
2023-12-15T19:47:00+00:00 https://thehackernews.com/2023/12/new-kv-botnet-targeting-cisco-draytek.html www.secnews.physaphae.fr/article.php?IdArticle=8423240 False Threat Guam 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company said in a statement. This allowed the attackers to gain
2023-12-15T18:31:00+00:00 https://thehackernews.com/2023/12/crypto-hardware-wallet-ledgers-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8423210 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Bug or Feature? Hidden Web Application Vulnerabilities Uncovered
Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations that it is not supposed to do. Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and email clients saturating the internet
2023-12-15T16:38:00+00:00 https://thehackernews.com/2023/12/bug-or-feature-hidden-web-application.html www.secnews.physaphae.fr/article.php?IdArticle=8423180 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The issues relate to two reflected cross-site scripting (XSS) bugs and one command injection flaw, according to new findings from Sonar. "Security inside a local network is often
2023-12-15T16:32:00+00:00 https://thehackernews.com/2023/12/new-security-vulnerabilities-uncovered.html www.secnews.physaphae.fr/article.php?IdArticle=8423181 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google's New Tracking Protection in Chrome Blocks Third-Party Cookies
Google on Thursday announced that it will start testing a new feature called "Tracking Protection" starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser. The setting is designed to limit "cross-site tracking by restricting website access to third-party cookies by default," Anthony Chavez, vice president of Privacy
2023-12-15T12:53:00+00:00 https://thehackernews.com/2023/12/googles-new-tracking-protection-in.html www.secnews.physaphae.fr/article.php?IdArticle=8423068 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications channel. "The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities," Russian
2023-12-15T10:55:00+00:00 https://thehackernews.com/2023/12/new-nkabuse-malware-exploits-nkn.html www.secnews.physaphae.fr/article.php?IdArticle=8423047 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems
Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor. "In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both," ESET researchers Marc-Etienne M.Léveillé and Rene
2023-12-14T20:56:00+00:00 https://thehackernews.com/2023/12/116-malware-packages-found-on-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8422707 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities
A pro-Hamas threat actor known as Gaza Cyber Gang is targeting Palestinian entities using an updated version of a backdoor dubbed Pierogi.
The findings come from SentinelOne, which has given the malware the name Pierogi++ owing to the fact that it's implemented in the C++ programming language unlike its Delphi- and Pascal-based predecessor. "Recent Gaza Cybergang activities show
2023-12-14T19:31:00+00:00 https://thehackernews.com/2023/12/new-pierogi-malware-by-gaza-cyber-gang.html www.secnews.physaphae.fr/article.php?IdArticle=8422669 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved the use of an updated version of a known OilRig downloader
2023-12-14T18:00:00+00:00 https://thehackernews.com/2023/12/iranian-state-sponsored-oilrig-group.html www.secnews.physaphae.fr/article.php?IdArticle=8422615 False Malware,Threat APT 34 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making.
This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in
2023-12-14T16:47:00+00:00 https://thehackernews.com/2023/12/reimagining-network-pentesting-with.html www.secnews.physaphae.fr/article.php?IdArticle=8422616 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in
2023-12-14T16:47:00+00:00 https://thehackernews.com/2023/12/reimagining-network-pentesting-with-automation.html www.secnews.physaphae.fr/article.php?IdArticle=8422765 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes. It's notable for the supply chain
2023-12-14T16:02:00+00:00 https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8422584 False Threat APT 29 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Hacker Group 'GambleForce' Targeting APAC Firms Using SQL Injection Attacks
A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. "GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website content management systems (CMS) to steal sensitive
2023-12-14T12:00:00+00:00 https://thehackernews.com/2023/12/new-hacker-group-gambleforce-tageting.html www.secnews.physaphae.fr/article.php?IdArticle=8422482 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting them millions of dollars in illicit revenue. "Fraudulent online accounts act as the gateway to a host of cybercrime,
2023-12-14T11:16:00+00:00 https://thehackernews.com/2023/12/microsoft-takes-legal-action-to-crack.html www.secnews.physaphae.fr/article.php?IdArticle=8422461 False Tool,Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
BazaCall Phishing Scammers Now Leveraging Google Forms for Deception
The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the perceived authenticity of the initial malicious emails," cybersecurity firm Abnormal Security said in a report published today. BazaCall (aka BazarCall), which was first
2023-12-13T20:52:00+00:00 https://thehackernews.com/2023/12/bazacall-phishing-scammers-now.html www.secnews.physaphae.fr/article.php?IdArticle=8422136 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of
2023-12-13T18:45:00+00:00 https://thehackernews.com/2023/12/google-using-clang-sanitizers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8422108 False Tool,Vulnerability,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How to Analyze Malware's Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic.
To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address them. Decrypting HTTPS traffic Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure
2023-12-13T17:32:00+00:00 https://thehackernews.com/2023/12/how-to-analyze-malwares-network-traffic.html www.secnews.physaphae.fr/article.php?IdArticle=8422060 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an
2023-12-13T16:25:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8422035 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator
Ukraine's biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and internet services. "The cyberattack on Ukraine's #Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics show, with knock-on impacts reported to air raid alert network and banking sector as work continues
2023-12-13T15:48:00+00:00 https://thehackernews.com/2023/12/major-cyber-attack-paralyzes-kyivstar.html www.secnews.physaphae.fr/article.php?IdArticle=8422003 False Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in addition to 18 flaws Microsoft addressed in its Chromium-based Edge browser since the release of Patch
2023-12-13T11:20:00+00:00 https://thehackernews.com/2023/12/microsofts-final-2023-patch-tuesday-33.html www.secnews.physaphae.fr/article.php?IdArticle=8421903 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unveiling the Cyber Threats to Healthcare: Beyond the Myths
Let's begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum?
Surprisingly, it's the EHR, and the difference is stark: according to a study, EHRs can sell for up to $1,000 each, compared to a mere $5 for a credit card number and $1 for a social
2023-12-12T23:39:00+00:00 https://thehackernews.com/2023/12/unveiling-cyber-threats-to-healthcare.html www.secnews.physaphae.fr/article.php?IdArticle=8421650 False Studies,Medical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace. IBM X-Force is tracking the adversary under the name ITG05, which is also known as BlueDelta, Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, Iron Twilight, Sednit, Sofacy, and
2023-12-12T20:22:00+00:00 https://thehackernews.com/2023/12/russian-apt28-hackers-targeting-13.html www.secnews.physaphae.fr/article.php?IdArticle=8421570 False Threat APT 28 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Non-Human Access is the Path of Least Resistance: A 2023 Recap
2023 has seen its fair share of cyber attacks, however there's one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new perimeter, and 2023 is only the beginning.
Why non-human access is a cybercriminal's paradise People always
2023-12-12T16:55:00+00:00 https://thehackernews.com/2023/12/non-human-access-is-path-of-least.html www.secnews.physaphae.fr/article.php?IdArticle=8421489 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. "This malware is a Python-based information stealer compressed with cx-Freeze to evade detection," Fortinet FortiGuard Labs researcher Cara Lin said. "MrAnon Stealer steals its victims' credentials, system
2023-12-12T15:25:00+00:00 https://thehackernews.com/2023/12/new-mranon-stealer-targeting-german-it.html www.secnews.physaphae.fr/article.php?IdArticle=8421466 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices.
This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari
2023-12-12T12:14:00+00:00 https://thehackernews.com/2023/12/apple-releases-security-updates-to.html www.secnews.physaphae.fr/article.php?IdArticle=8421391 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that could enable unauthorized path traversal and could be exploited under the circumstances to upload a malicious file
2023-12-12T10:53:00+00:00 https://thehackernews.com/2023/12/new-critical-rce-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8421357 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as KEYPLUG.
The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that the adversary's Lua-based malware LuaDream and KEYPLUG have been
2023-12-11T19:29:00+00:00 https://thehackernews.com/2023/12/researchers-unmask-sandman-apts-hidden.html www.secnews.physaphae.fr/article.php?IdArticle=8421078 False Malware,Threat None 3.0000000000000000

The Hacker News - Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation Blacksmith, noting the use of three DLang-based
2023-12-11T18:30:00+00:00 https://thehackernews.com/2023/12/lazarus-group-using-log4j-exploits-to.html www.secnews.physaphae.fr/article.php?IdArticle=8421079 False Threat APT 38 3.0000000000000000

The Hacker News - Playbook: Your First 100 Days as a vCISO - 5 Steps to Success
In an increasingly digital world, no organization is spared from cyber threats. Yet, not every organization has the luxury of hiring a full-time, in-house CISO. This gap in cybersecurity leadership is where you, as a vCISO, come in.
You are the person who will establish, develop, and solidify the organization's cybersecurity infrastructure, blending strategic guidance with actionable
2023-12-11T17:15:00+00:00 https://thehackernews.com/2023/12/playbook-your-first-100-days-as-vciso-5.html www.secnews.physaphae.fr/article.php?IdArticle=8421011 False None None 2.0000000000000000

The Hacker News - Webinar - Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker
In the ever-evolving cybersecurity landscape, one method stands out for its chilling effectiveness – social engineering. But why does it work so well? The answer lies in the intricate dance between the attacker's mind and human psychology. Our upcoming webinar, "Think Like a Hacker, Defend Like a Pro," highlights this alarming trend. We delve deep into social engineering, exploring its
2023-12-11T16:23:00+00:00 https://thehackernews.com/2023/12/webinar-psychology-of-social.html www.secnews.physaphae.fr/article.php?IdArticle=8420988 False Prediction None 2.0000000000000000

The Hacker News - SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times.
"Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims\' personal and]]> 2023-12-11T12:39:00+00:00 https://thehackernews.com/2023/12/spyloan-scandal-18-malicious-loan-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8420925 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelles techniques d'injection de processus de poolsty<br>New PoolParty Process Injection Techniques Outsmart Top EDR Solutions A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response (EDR) systems. SafeBreach researcher Alon Leviev said the methods are "capable of working across all processes without any limitations, making them more flexible than existing process]]> 2023-12-11T11:28:00+00:00 https://thehackernews.com/2023/12/new-poolparty-process-injection.html www.secnews.physaphae.fr/article.php?IdArticle=8420905 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SLAM ATTACH: La vulnérabilité basée sur le nouveau Spectre a un impact sur les processeurs Intel, AMD et ARM<br>SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. 
The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking (LAM) as well as its analogous
2023-12-09T17:22:00+00:00 https://thehackernews.com/2023/12/slam-attack-new-spectre-based.html www.secnews.physaphae.fr/article.php?IdArticle=8420428 False Vulnerability,Vulnerability,Threat None 4.0000000000000000

The Hacker News - Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing GuLoader a time-consuming and resource-intensive process," Elastic Security Labs
2023-12-09T12:46:00+00:00 https://thehackernews.com/2023/12/researchers-unveal-guloader-malwares.html www.secnews.physaphae.fr/article.php?IdArticle=8420386 False Malware,Threat,Technical None 4.0000000000000000

The Hacker News - New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.
Of the 14 flaws – collectively called 5Ghoul (a combination of "5G" and "Ghoul") – 10 affect 5G modems from the two companies, out of which three
2023-12-08T22:52:00+00:00 https://thehackernews.com/2023/12/new-5g-modems-flaws-affect-ios-devices.html www.secnews.physaphae.fr/article.php?IdArticle=8420246 False Mobile None 3.0000000000000000

The Hacker News - N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems. "The threat actor ultimately uses a backdoor to steal information and execute commands," the AhnLab Security Emergency Response Center (ASEC) said in an
2023-12-08T19:03:00+00:00 https://thehackernews.com/2023/12/n-korean-kimsuky-targeting-south-korean.html www.secnews.physaphae.fr/article.php?IdArticle=8420188 False Threat APT 43 3.0000000000000000

The Hacker News - Ransomware-as-a-Service: The Growing Threat You Can't Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS).
This alarming development has transformed the cybercrime landscape, enabling individuals with limited technical expertise to carry out devastating attacks.
2023-12-08T16:38:00+00:00 https://thehackernews.com/2023/12/ransomware-as-service-growing-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8420156 False Ransomware,Threat,Prediction,Technical None 2.0000000000000000

The Hacker News - Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit
2023-12-08T15:22:00+00:00 https://thehackernews.com/2023/12/mac-users-beware-new-trojan-proxy.html www.secnews.physaphae.fr/article.php?IdArticle=8420157 False Malware None 3.0000000000000000

The Hacker News - WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites.
"A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins,]]> 2023-12-08T14:53:00+00:00 https://thehackernews.com/2023/12/wordpress-releases-update-642-to.html www.secnews.physaphae.fr/article.php?IdArticle=8420158 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fondateur de Bitzlato Cryptocurrency Exchange plaide coupable dans un programme de blanchiment d'argent<br>Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme The Russian founder of the now-defunct Bitzlato cryptocurrency exchange has pleaded guilty, nearly 11 months after he was arrested in Miami earlier this year. Anatoly Legkodymov (aka Anatolii Legkodymov, Gandalf, and Tolik), according to the U.S. Justice Department, admitted to operating an unlicensed money-transmitting business that enabled other criminal actors to launder their]]> 2023-12-08T11:11:00+00:00 https://thehackernews.com/2023/12/founder-of-bitzlato-cryptocurrency.html www.secnews.physaphae.fr/article.php?IdArticle=8420104 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft met en garde contre les tactiques d'évasion et de vol d'identification de Coldriver \\<br>Microsoft Warns of COLDRIVER\\'s Evolving Evading and Credential-Stealing Tactics The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking under the cluster as Star Blizzard (formerly SEABORGIUM). 
It's also called Blue Callisto, BlueCharlie (or TAG-53),
2023-12-07T20:06:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-coldrivers-evolving.html www.secnews.physaphae.fr/article.php?IdArticle=8419911 False Threat None 3.0000000000000000

The Hacker News - New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass
2023-12-07T17:16:00+00:00 https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html www.secnews.physaphae.fr/article.php?IdArticle=8419854 False Threat,Mobile None 2.0000000000000000

The Hacker News - Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'
Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers.
Over the years, these attackers have developed their expertise in exploiting various human qualities, sharpening their skills to manipulate biases and emotional triggers with the objective of
2023-12-07T17:14:00+00:00 https://thehackernews.com/2023/12/hacking-human-mind-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8419855 False Vulnerability None 3.0000000000000000

The Hacker News - Building a Robust Threat Intelligence with Wazuh
Threat intelligence refers to gathering, processing, and analyzing cyber threats, along with proactive defensive measures aimed at strengthening security. It enables organizations to gain a comprehensive insight into historical, present, and anticipated threats, providing context about the constantly evolving threat landscape. Importance of threat intelligence in the cybersecurity ecosystem
2023-12-07T16:21:00+00:00 https://thehackernews.com/2023/12/building-robust-threat-intelligence.html www.secnews.physaphae.fr/article.php?IdArticle=8419834 False Threat None 2.0000000000000000

The Hacker News - Governments May Spy on You by Requesting Push Notifications from Apple and Google
Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden. "Push notifications are alerts sent by phone apps to users' smartphones," Wyden said. "These alerts pass through a digital post office run by the phone operating system provider -- overwhelmingly Apple or Google.
Because of
2023-12-07T15:54:00+00:00 https://thehackernews.com/2023/12/governments-may-spy-on-you-by.html www.secnews.physaphae.fr/article.php?IdArticle=8419835 False Threat,Mobile None 4.0000000000000000

The Hacker News - New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand
A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to maintain covert access to victim networks at least since 2021. Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal its own presence during the initialization phase," Group-IB said in a report
2023-12-07T11:45:00+00:00 https://thehackernews.com/2023/12/new-stealthy-krasue-linux-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8419786 False Malware,Threat None 2.0000000000000000

The Hacker News - Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger
Meta has officially begun to roll out support for end-to-end encryption (E2EE) in Messenger for personal calls and one-to-one personal messages by default in what it called the "most significant milestone yet." "This isn't a routine security update: we rebuilt the app from the ground up, in close consultation with privacy and safety experts," Loredana Crisan, vice president of
2023-12-07T11:22:00+00:00 https://thehackernews.com/2023/12/meta-launches-default-end-to-end.html www.secnews.physaphae.fr/article.php?IdArticle=8419787 False None None 3.0000000000000000

The Hacker News -
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth said in a Tuesday analysis. AWS STS is a web service that enables
2023-12-06T19:08:00+00:00 https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8419566 False Threat,Cloud None 3.0000000000000000

The Hacker News - New Report: Unveiling the Threat of Malicious Browser Extensions
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like
2023-12-06T17:14:00+00:00 https://thehackernews.com/2023/12/new-report-unveiling-threat-of.html www.secnews.physaphae.fr/article.php?IdArticle=8419537 False Threat None 3.0000000000000000

The Hacker News -
Sierra:21 - Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks
A collection of 21 security flaws have been discovered in Sierra Wireless AirLink cellular routers and open-source software components like TinyXML and OpenNDS. Collectively tracked as Sierra:21, the issues expose over 86,000 devices across critical sectors like energy, healthcare, waste management, retail, emergency services, and vehicle tracking to cyber threats, according
2023-12-06T16:48:00+00:00 https://thehackernews.com/2023/12/sierra21-flaws-in-sierra-wireless.html www.secnews.physaphae.fr/article.php?IdArticle=8419538 False Industrial None 3.0000000000000000

The Hacker News - Scaling Security Operations with Automation
In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents and alerts. Implementing automation throughout security operations helps security teams alleviate
2023-12-06T15:44:00+00:00 https://thehackernews.com/2023/12/scaling-security-operations-with.html www.secnews.physaphae.fr/article.php?IdArticle=8419523 False None None 3.0000000000000000

The Hacker News - Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. "The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,"
2023-12-06T15:40:00+00:00 https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html www.secnews.physaphae.fr/article.php?IdArticle=8419524 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution
Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below - CVE-2022-1471 (CVSS score: 9.8) - Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products CVE-2023-22522 (CVSS score
2023-12-06T14:48:00+00:00 https://thehackernews.com/2023/12/atlassian-releases-critical-software.html www.secnews.physaphae.fr/article.php?IdArticle=8419504 False Vulnerability None 3.0000000000000000

The Hacker News - Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks
Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023. The vulnerabilities are as follows - CVE-2023-33063 (CVSS score: 7.8) - Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-33106 (CVSS score: 8.4) - Memory corruption in
2023-12-06T10:53:00+00:00 https://thehackernews.com/2023/12/qualcomm-releases-details-on-chip.html www.secnews.physaphae.fr/article.php?IdArticle=8419451 False Vulnerability None 3.0000000000000000

The Hacker News - Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack
A new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's actually not and carry out covert attacks. The novel technique, detailed by Jamf Threat Labs in a report shared with The Hacker News, "shows that if a hacker has already infiltrated your device, they can cause
2023-12-05T20:28:00+00:00 https://thehackernews.com/2023/12/warning-for-iphone-users-experts-warn.html www.secnews.physaphae.fr/article.php?IdArticle=8419295 False Threat,Mobile None 3.0000000000000000

The Hacker News - Russia's AI-Powered Disinformation Operation Targeting Ukraine, US, and Germany
The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+ sentiment, U.S.
military competence, and Germany's economic and social issues, according to a new
2023-12-05T20:28:00+00:00 https://thehackernews.com/2023/12/russias-ai-powered-disinformation.html www.secnews.physaphae.fr/article.php?IdArticle=8419296 False None None 3.0000000000000000

The Hacker News - Generative AI Security: Preventing Microsoft Copilot Data Exposure
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps - Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft's dream is to take the drudgery out of daily work and let humans focus on being creative problem-solvers. What makes Copilot a different beast than ChatGPT and
2023-12-05T16:59:00+00:00 https://thehackernews.com/2023/12/generative-ai-security-preventing.html www.secnews.physaphae.fr/article.php?IdArticle=8419257 False Tool ChatGPT 3.0000000000000000

The Hacker News - 15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. "More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes," Jacob Baines, chief technology officer at VulnCheck, said in a report shared with The Hacker News.
"More than 6,000 repositories were vulnerable to repojacking due to account]]> 2023-12-05T15:44:00+00:00 https://thehackernews.com/2023/12/15000-go-module-repositories-on-github.html www.secnews.physaphae.fr/article.php?IdArticle=8419240 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvel acteur de menace \\ 'Aeroblade \\' émerge dans l'attaque d'espionnage contre U.S. Aerospace<br>New Threat Actor \\'AeroBlade\\' Emerges in Espionage Attack on U.S. Aerospace A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what\'s suspected to be a cyber espionage mission. The BlackBerry Threat Research and Intelligence team is tracking the activity cluster as AeroBlade. Its origin is currently unknown and it\'s not clear if the attack was successful. "The actor used spear-phishing]]> 2023-12-05T13:25:00+00:00 https://thehackernews.com/2023/12/new-threat-actor-aeroblade-emerges-in.html www.secnews.physaphae.fr/article.php?IdArticle=8419204 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft met en garde contre APT28 soutenu par le Kremlin exploitabilité de la vulnérabilité des perspectives critiques<br>Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to victims\' accounts within Exchange servers. 
The tech giant attributed the intrusions to a threat actor it called Forest Blizzard (formerly Strontium), which is also widely tracked under the monikers APT28,
2023-12-05T12:29:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-kremlin-backed-apt28.html www.secnews.physaphae.fr/article.php?IdArticle=8419205 False Vulnerability,Threat APT 28 4.0000000000000000

The Hacker News - New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named BLUFFS, impact Bluetooth Core Specification 4.2 through 5.4. They are tracked under the identifier CVE-2023-24023 (CVSS score: 6.8)
2023-12-04T18:46:00+00:00 https://thehackernews.com/2023/12/new-bluffs-bluetooth-attack-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8419020 False None None 2.0000000000000000

The Hacker News - Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk
As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn't have access as well as trim unnecessary permissions. In addition to saving some unnecessary license fees, a clean user inventory significantly enhances the security of your SaaS applications.
From reducing risk to protecting against data leakage, here is how
2023-12-04T17:08:00+00:00 https://thehackernews.com/2023/12/make-fresh-start-for-2024-clean-out.html www.secnews.physaphae.fr/article.php?IdArticle=8418989 False Cloud None 2.0000000000000000

The Hacker News - New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is compiled for Microprocessor without Interlocked Pipelined Stages (MIPS) architecture, broadening its capabilities and reach. "It's highly likely that by targeting MIPS, the P2PInfect developers
2023-12-04T16:33:00+00:00 https://thehackernews.com/2023/12/new-p2pinfect-botnet-mips-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8418990 False None None 2.0000000000000000

The Hacker News - LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware.
The shortcomings, collectively labeled LogoFAIL by Binarly, "can be used by threat actors to deliver a malicious payload and bypass Secure Boot, Intel
2023-12-04T12:23:00+00:00 https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8418948 False Malware,Vulnerability,Threat None 3.0000000000000000

The Hacker News - Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the deployment of CACTUS ransomware," the Microsoft Threat Intelligence team said in a series of posts on X (
2023-12-04T09:50:00+00:00 https://thehackernews.com/2023/12/microsoft-warns-of-malvertising-scheme.html www.secnews.physaphae.fr/article.php?IdArticle=8418912 False Ransomware,Threat None 2.0000000000000000

The Hacker News - Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon.
"This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks Unit 42 researcher Chema Garcia ]]> 2023-12-02T13:59:00+00:00 https://thehackernews.com/2023/12/agent-racoon-backdoor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8418532 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hacker russe Vladimir Dunaev condamné pour avoir créé un malware Trickbot<br>Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data]]> 2023-12-02T13:22:00+00:00 https://thehackernews.com/2023/12/russian-hacker-vladimir-dunaev.html www.secnews.physaphae.fr/article.php?IdArticle=8418523 False Malware,Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau Fjordphantom Android Malware cible les applications bancaires en Asie du Sud-Est<br>New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. 
"Spreading primarily through messaging services, it combines app-based malware with social engineering to defraud banking customers," Oslo-based mobile app]]> 2023-12-01T18:10:00+00:00 https://thehackernews.com/2023/12/new-fjordphantom-android-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8418322 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Aftermath de Qakbot Takedown: atténuations et protection contre les menaces futures<br>Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in disrupting this long-running threat, concerns have arisen as it appears that Qakbot may still pose a danger in a reduced form. This article discusses the aftermath of the takedown, provides mitigation]]> 2023-12-01T16:20:00+00:00 https://thehackernews.com/2023/12/qakbot-takedown-aftermath-mitigations.html www.secnews.physaphae.fr/article.php?IdArticle=8418295 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des pirates chinois utilisant le rat de Sugargh 0st pour cibler la Corée du Sud et l'Ouzbékistan<br>Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT. 
The activity, which commenced no later than August 2023, leverages two different infection sequences to deliver the malware, which is a customized variant of Gh0st RAT 2023-12-01T16:19:00+00:00 https://thehackernews.com/2023/12/chinese-hackers-using-sugargh0st-rat-to.html www.secnews.physaphae.fr/article.php?IdArticle=8418296 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore's defenses, perpetrators made two attempts with two different strategies. 2023-12-01T15:56:00+00:00 https://thehackernews.com/2023/12/discover-how-gcore-thwarted-powerful.html www.secnews.physaphae.fr/article.php?IdArticle=8418281 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) WhatsApp's New Secret Code Feature Lets Users Protect Private Chats with Password Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an "additional way to protect those chats and make them harder to find if someone has access to your phone or you share a phone with someone else."
Secret Code builds on another feature 2023-12-01T15:34:00+00:00 https://thehackernews.com/2023/12/whatsapps-new-secret-code-feature-lets.html www.secnews.physaphae.fr/article.php?IdArticle=8418282 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign Agents The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion. The agents, the Treasury said, helped in "revenue generation and missile-related technology procurement that support the DPRK's 2023-12-01T13:13:00+00:00 https://thehackernews.com/2023/12/us-treasury-sanctions-north-korean.html www.secnews.physaphae.fr/article.php?IdArticle=8418258 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 (CVSS score: 9.8) - A command injection vulnerability that could allow an 2023-12-01T11:52:00+00:00 https://thehackernews.com/2023/12/zyxel-releases-patches-to-fix-15-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8418239 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to 2023-12-01T09:55:00+00:00 https://thehackernews.com/2023/12/zero-day-alert-apple-rolls-out-ios.html www.secnews.physaphae.fr/article.php?IdArticle=8418223 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and more," according to the project's 2023-11-30T18:38:00+00:00 https://thehackernews.com/2023/11/google-unveils-retvec-gmails-new.html www.secnews.physaphae.fr/article.php?IdArticle=8418069 False Spam None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. "Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from the rest of the world, the regime's 2023-11-30T17:25:00+00:00 https://thehackernews.com/2023/11/north-koreas-lazarus-group-rakes-in-3.html www.secnews.physaphae.fr/article.php?IdArticle=8418053 False Threat APT 38,APT 38 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) This Free Solution Provides Essential Third-Party Risk Management for SaaS Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage the third-party risks associated with SaaS, but first... What exactly is 2023-11-30T17:25:00+00:00 https://thehackernews.com/2023/11/this-free-solution-provides-essential.html www.secnews.physaphae.fr/article.php?IdArticle=8418052 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 7 Uses for Generative AI to Enhance Security Operations Welcome to a world where Generative AI revolutionizes the field of cybersecurity.
Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention in recent years due to its ability to generate realistic and diverse outputs. When it comes to security operations, Generative AI can play 2023-11-30T16:48:00+00:00 https://thehackernews.com/2023/11/7-uses-for-generative-ai-to-enhance.html www.secnews.physaphae.fr/article.php?IdArticle=8418039 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access," Arctic Wolf 2023-11-30T16:46:00+00:00 https://thehackernews.com/2023/11/cactus-ransomware-exploits-qlik-sense.html www.secnews.physaphae.fr/article.php?IdArticle=8418040 False Ransomware,Vulnerability,Threat,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. "Sinbad has processed millions of dollars' worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists," the department said.
"Sinbad is also used by]]> 2023-11-30T11:39:00+00:00 https://thehackernews.com/2023/11/us-treasury-sanctions-sinbad.html www.secnews.physaphae.fr/article.php?IdArticle=8417988 False None APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates iraniens exploitent les plcs en attaque contre l'autorité de l'eau aux États-Unis<br>Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it\'s responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective known as Cyber Av3ngers. "Cyber threat]]> 2023-11-29T18:32:00+00:00 https://thehackernews.com/2023/11/iranian-hackers-exploit-plcs-in-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8417800 False Threat,Industrial None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus de 200 applications malveillantes sur la boutique Android iranienne installée par des millions d'utilisateurs bancaires<br>200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. 
That's according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious operation, with the threat actor also observed carrying out phishing attacks against the targeted financial institutions. 2023-11-29T15:43:00+00:00 https://thehackernews.com/2023/11/200-malicious-apps-on-iranian-android.html www.secnews.physaphae.fr/article.php?IdArticle=8417759 False Malware,Threat,Mobile,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions In a rapidly evolving digital landscape, it's crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they're reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay ahead of emerging threats. To learn more, download the full report here. The New Paradigm If you've been relying 2023-11-29T14:51:00+00:00 https://thehackernews.com/2023/11/discover-why-proactive-web-security.html www.secnews.physaphae.fr/article.php?IdArticle=8417760 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Okta Discloses Broader Impact Linked to October 2023 Support System Breach Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system. "The threat actor downloaded the names and email addresses of all Okta customer support system users," the company said in a statement shared with The Hacker News.
"All Okta Workforce Identity Cloud (WIC) and Customer]]> 2023-11-29T11:48:00+00:00 https://thehackernews.com/2023/11/okta-discloses-additional-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8417712 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La dernière variante de Djvu Ransomware \\ \\ \\ xaro \\ 'déguisé en logiciel fissuré<br>DJVU Ransomware\\'s Latest Variant \\'Xaro\\' Disguised as Cracked Software A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers," Cybereason]]> 2023-11-29T11:25:00+00:00 https://thehackernews.com/2023/11/djvu-ransomwares-latest-variant-xaro.html www.secnews.physaphae.fr/article.php?IdArticle=8417699 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GOTITAN BOTNET SPOTED Exploitation récente de la vulnérabilité Apache ActiveMQ<br>GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that\'s capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0) that has been]]> 2023-11-29T10:37:00+00:00 https://thehackernews.com/2023/11/gotitan-botnet-spotted-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8417700 False Vulnerability,Vulnerability,Threat None 2.0000000000000000