This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-04T21:43:14+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain The University of Michigan (UMICH) warned staff and students on Tuesday that they\'re required to reset their account passwords after a recent cyberattack. [...]]]> 2023-09-06T16:43:14+00:00 https://www.bleepingcomputer.com/news/security/university-of-michigan-requires-password-resets-after-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8379823 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says Storm-0558 Chinese hackers stole a signing key used to breach government email accounts from a Windows crash dump after compromising a Microsoft engineer\'s corporate account. [...]]]> 2023-09-06T14:12:18+00:00 https://www.bleepingcomputer.com/news/microsoft/hackers-stole-microsoft-signing-key-from-windows-crash-dump/ www.secnews.physaphae.fr/article.php?IdArticle=8379776 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain A new Mirai malware botnet variant has been spotted infecting inexpensive Android TV set-top boxes used by millions for media streaming. [...]]]> 2023-09-06T12:56:36+00:00 https://www.bleepingcomputer.com/news/security/mirai-variant-infects-low-cost-android-tv-boxes-for-ddos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8379745 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The September 2023 Android security updates tackle 33 vulnerabilities, including a zero-day bug currently targeted in the wild. [...]]]> 2023-09-06T12:20:57+00:00 https://www.bleepingcomputer.com/news/security/september-android-updates-fix-zero-day-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8379746 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft 365 corporate accounts. [...]]]> 2023-09-06T06:33:54+00:00 https://www.bleepingcomputer.com/news/security/w3ll-phishing-kit-hijacks-thousands-of-microsoft-365-accounts-bypasses-mfa/ www.secnews.physaphae.fr/article.php?IdArticle=8379573 False Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with over $40 million in crypto reportedly stolen. [...]]]> 2023-09-05T14:24:30+00:00 https://www.bleepingcomputer.com/news/security/crypto-casino-stakecom-loses-41-million-to-hot-wallet-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8379255 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools protocol for direct access to the victim\'s browser functions, allowing it to steal data using WebSockets. [...]]]> 2023-09-05T13:01:19+00:00 https://www.bleepingcomputer.com/news/security/chaes-malware-now-uses-google-chrome-devtools-protocol-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8379223 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Freecycle, an online forum dedicated to exchanging used items rather than trashing them, confirmed a massive data breach that affected more than 7 million users. [...]]]> 2023-09-04T14:09:38+00:00 https://www.bleepingcomputer.com/news/security/freecycle-confirms-massive-data-breach-impacting-7-million-users/ www.secnews.physaphae.fr/article.php?IdArticle=8378863 False Data Breach None 1.00000000000000000000 Bleeping Computer - Magazine Américain The German Federal Financial Supervisory Authority (BaFin) announced today that an ongoing distributed denial-of-service (DDoS) attack has been impacting its website since Friday. [...]]]> 2023-09-04T13:11:14+00:00 https://www.bleepingcomputer.com/news/security/german-financial-agency-site-disrupted-by-ddos-attack-since-friday/ www.secnews.physaphae.fr/article.php?IdArticle=8378864 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary code, and potentially take over servers. [...]]]> 2023-09-04T12:45:19+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-minio-storage-system-to-breach-corporate-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8378835 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The University of Sydney (USYD) has announced it has suffered a data breach through a third-party service provider, exposing the personal data of recently applied and enrolled international applicants. [...]]]> 2023-09-03T11:13:15+00:00 https://www.bleepingcomputer.com/news/security/university-of-sydney-data-breach-impacts-recent-applicants/ www.secnews.physaphae.fr/article.php?IdArticle=8378384 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning that a sexually explicit video of you was uploaded to the site and suggesting you pay to have it taken down. [...]]]> 2023-09-02T10:12:06+00:00 https://www.bleepingcomputer.com/news/security/fake-youporn-extortion-scam-threatens-to-leak-your-sex-tape/ www.secnews.physaphae.fr/article.php?IdArticle=8378202 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Topgolf Callaway (Callaway) suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers. [...]]]> 2023-09-01T08:43:44+00:00 https://www.bleepingcomputer.com/news/security/golf-gear-giant-callaway-data-breach-exposes-info-of-11-million/ www.secnews.physaphae.fr/article.php?IdArticle=8377863 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Forever 21 clothing and accessories retailer is sending data breach notifications to more than half a million individuals who had their personal information exposed to network intruders. [...]]]> 2023-08-31T15:23:26+00:00 https://www.bleepingcomputer.com/news/security/forever-21-data-breach-hackers-accessed-info-of-500-000/ www.secnews.physaphae.fr/article.php?IdArticle=8377864 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, more commonly known as the GRU, have been targeting Android devices in Ukraine with a new malicious framework named \'Infamous Chisel. [...]]]> 2023-08-31T10:48:51+00:00 https://www.bleepingcomputer.com/news/security/gru-hackers-attack-ukrainian-military-with-new-android-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8377220 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally identifiable information (PII). [...]]]> 2023-08-30T19:08:43+00:00 https://www.bleepingcomputer.com/news/security/paramount-discloses-data-breach-following-security-incident/ www.secnews.physaphae.fr/article.php?IdArticle=8376958 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA). [...]]]> 2023-08-30T12:00:54+00:00 https://www.bleepingcomputer.com/news/security/hacking-campaign-bruteforces-cisco-vpns-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8376771 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto Google Play and Samsung Galaxy Store by a Chinese APT hacking group known as GREF. [...]]]> 2023-08-30T11:16:48+00:00 https://www.bleepingcomputer.com/news/security/trojanized-signal-and-telegram-apps-on-google-play-delivered-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8376772 False None APT 15 3.0000000000000000 Bleeping Computer - Magazine Américain The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices. [...]]]> 2023-08-29T16:45:48+00:00 https://www.bleepingcomputer.com/news/security/how-the-fbi-nuked-qakbot-malware-from-infected-windows-pcs/ www.secnews.physaphae.fr/article.php?IdArticle=8376418 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices. [...]]]> 2023-08-29T15:17:34+00:00 https://www.bleepingcomputer.com/news/security/dreambus-malware-exploits-rocketmq-flaw-to-infect-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8376419 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from compromised devices. [...]]]> 2023-08-29T14:04:20+00:00 https://www.bleepingcomputer.com/news/security/new-android-mmrat-malware-uses-protobuf-protocol-to-steal-your-data/ www.secnews.physaphae.fr/article.php?IdArticle=8376339 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Japan\'s computer emergency response team (JPCERT) is sharing a new \'MalDoc in PDF\' attack detected in July 2023 that bypasses detection by embedding malicious Word files into PDFs. [...]]]> 2023-08-28T16:32:37+00:00 https://www.bleepingcomputer.com/news/security/maldoc-in-pdfs-hiding-malicious-word-docs-in-pdf-files/ www.secnews.physaphae.fr/article.php?IdArticle=8375862 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain PurFoods, which conducts business in the U.S. as \'Mom\'s Meals,\' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack. [...]]]> 2023-08-28T10:24:22+00:00 https://www.bleepingcomputer.com/news/security/moms-meals-discloses-data-breach-impacting-12-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8375712 False Ransomware,Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors take advantage of common password mistakes to breach corporate networks. Learn more from Specops Software on the four most common mistakes and how to strengthen your Active Directory against these risks. [...]]]> 2023-08-28T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/four-common-password-mistakes-hackers-love-to-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8375713 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records. [...]]]> 2023-08-27T18:37:44+00:00 https://www.bleepingcomputer.com/news/security/rhysida-claims-ransomware-attack-on-prospect-medical-threatens-to-sell-data/ www.secnews.physaphae.fr/article.php?IdArticle=8375376 False Ransomware,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain Pôle emploi, France\'s governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. [...]]]> 2023-08-25T13:01:02+00:00 https://www.bleepingcomputer.com/news/security/data-breach-at-french-govt-agency-exposes-info-of-10-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8374593 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Leaseweb, one of the world\'s largest cloud and hosting providers, notified people that it\'s working on restoring "critical" systems disabled following a recent security breach. [...]]]> 2023-08-25T10:59:10+00:00 https://www.bleepingcomputer.com/news/security/leaseweb-is-restoring-critical-systems-after-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8374537 False Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing to an unauthorized third-party the personal data of some credit claimants. [...]]]> 2023-08-25T10:10:04+00:00 https://www.bleepingcomputer.com/news/security/kroll-data-breach-exposes-info-of-ftx-blockfi-genesis-creditors/ www.secnews.physaphae.fr/article.php?IdArticle=8374538 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...]]]> 2023-08-24T15:09:53+00:00 https://www.bleepingcomputer.com/news/security/fbi-warns-of-patched-barracuda-esg-appliances-still-being-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=8374201 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of the year the hackers\' median dwell time dropped to five days from nine in 2022 [...]]]> 2023-08-24T14:18:04+00:00 https://www.bleepingcomputer.com/news/security/ransomware-hackers-dwell-time-drops-to-5-days-rdp-still-widely-used/ www.secnews.physaphae.fr/article.php?IdArticle=8374177 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location of infected devices through WiFi scanning and Google\'s geolocation API. [...]]]> 2023-08-24T11:36:57+00:00 https://www.bleepingcomputer.com/news/security/new-whiffy-recon-malware-uses-wifi-to-triangulate-your-location/ www.secnews.physaphae.fr/article.php?IdArticle=8374126 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho\'s ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...]]]> 2023-08-24T08:31:20+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-public-manageengine-exploit-to-breach-internet-org/ www.secnews.physaphae.fr/article.php?IdArticle=8374056 False Vulnerability APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information. [...]]]> 2023-08-23T18:17:45+00:00 https://www.bleepingcomputer.com/news/security/lapsus-teen-hackers-convicted-of-high-profile-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8373836 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Bitwarden, the maker of the popular open-source password manager tool, has released \'Secrets Manager,\' an end-to-end encrypted secrets manager for IT professionals, software development teams, and the DevOps industry. [...]]]> 2023-08-23T15:04:02+00:00 https://www.bleepingcomputer.com/news/security/bitwarden-releases-free-and-open-source-e2ee-secrets-manager/ www.secnews.physaphae.fr/article.php?IdArticle=8373790 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to let them know what Personal Identifying Information (PII) was exposed in the incident. [...]]]> 2023-08-23T14:45:23+00:00 https://www.bleepingcomputer.com/news/security/discord-starts-notifying-users-affected-by-march-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8373766 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Danish hosting firms CloudNordic and AzeroCloud have suffered ransomware attacks, causing the loss of the majority of customer data and forcing the hosting providers to shut down all systems, including websites, email, and customer sites. [...]]]> 2023-08-23T10:40:43+00:00 https://www.bleepingcomputer.com/news/security/hosting-firm-says-it-lost-all-customer-data-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8373686 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain When a cyberattack like the 2023 MOVEit hack makes global news headlines, attention often focuses on the names of the affected organizations. This article from @Outpost24 overviews the Moveit hack and aims to draw some important actionable takeaways for your business. [...]]]> 2023-08-23T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/the-moveit-hack-and-what-it-taught-us-about-application-security/ www.secnews.physaphae.fr/article.php?IdArticle=8373687 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...]]]> 2023-08-23T09:53:26+00:00 https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8373658 False Malware,Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack. [...]]]> 2023-08-22T12:47:21+00:00 https://www.bleepingcomputer.com/news/security/new-hiatusrat-malware-attacks-target-us-defense-department/ www.secnews.physaphae.fr/article.php?IdArticle=8373169 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain There\'s mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data. [...]]]> 2023-08-22T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/akira-ransomware-targets-cisco-vpns-to-breach-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8373136 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain A previously unidentified APT hacking group named \'Carderbee\' was observed attacking organizations in Hong Kong and other regions in Asia, using legitimate software to infect targets\' computers with the PlugX malware. [...]]]> 2023-08-22T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/carderbee-hacking-group-hits-hong-kong-orgs-in-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8373137 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link\'s Tapo app, which could allow attackers to steal their target\'s WiFi password. [...]]]> 2023-08-21T15:55:29+00:00 https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/ www.secnews.physaphae.fr/article.php?IdArticle=8372855 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware. [...]]]> 2023-08-20T13:26:54+00:00 https://www.bleepingcomputer.com/news/google/google-chrome-to-warn-when-installed-extensions-are-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8372467 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The China-aligned APT (advanced persistent threat) group known as \'Bronze Starlight\' was seen targeting the Southeast Asian gambling industry with malware signed using a valid certificate used by the Ivacy VPN provider. [...]]]> 2023-08-19T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-vpn-providers-code-certificate-to-sign-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8372468 False Malware APT 10 3.0000000000000000 Bleeping Computer - Magazine Américain An international law enforcement operation led by Interpol has led to the arrest of 14 suspected cybercriminals in an operation codenamed \'Africa Cyber Surge II,\' launched in April 2023. [...]]]> 2023-08-18T10:39:02+00:00 https://www.bleepingcomputer.com/news/security/interpol-arrests-14-suspected-cybercriminals-for-stealing-40-million/ www.secnews.physaphae.fr/article.php?IdArticle=8371797 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors increasingly distribute malicious Android APKs (packaged app installers) that resist decompilation using unsupported, unknown, or heavily tweaked compression algorithms. [...]]]> 2023-08-17T10:51:12+00:00 https://www.bleepingcomputer.com/news/security/thousands-of-android-apks-use-compression-trick-to-thwart-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8371282 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new campaign involving the delivery of proxy server apps to Windows systems has been uncovered, where users are reportedly involuntarily acting as residential exit nodes controlled by a private company. [...]]]> 2023-08-16T11:31:40+00:00 https://www.bleepingcomputer.com/news/security/massive-400-000-proxy-botnet-built-with-stealthy-malware-infections/ www.secnews.physaphae.fr/article.php?IdArticle=8370784 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security. [...]]]> 2023-08-16T10:16:40+00:00 https://www.bleepingcomputer.com/news/security/major-us-energy-org-targeted-in-qr-code-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8370746 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain A threat actor has compromised close to 2,000 thousand Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519. [...]]]> 2023-08-15T15:41:38+00:00 https://www.bleepingcomputer.com/news/security/almost-2-000-citrix-netscaler-servers-backdoored-in-hacking-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8370374 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The developers of Raccoon Stealer information-stealing malware have ended their 6-month hiatus from hacker forums to promote a new 2.3.0 version of the malware to cyber criminals. [...]]]> 2023-08-15T13:24:32+00:00 https://www.bleepingcomputer.com/news/security/raccoon-stealer-malware-returns-with-new-stealthier-version/ www.secnews.physaphae.fr/article.php?IdArticle=8370317 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.  [...]]]> 2023-08-15T11:32:29+00:00 https://www.bleepingcomputer.com/news/security/new-cve-2023-3519-scanner-detects-hacked-citrix-adc-gateway-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8370280 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Discord.io custom invite service has temporarily shut down after suffering a data breach exposing the information of 760,000 members. [...]]]> 2023-08-14T17:40:37+00:00 https://www.bleepingcomputer.com/news/security/discordio-confirms-breach-after-hacker-steals-data-of-760k-users/ www.secnews.physaphae.fr/article.php?IdArticle=8370077 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers say. [...]]]> 2023-08-14T15:22:47+00:00 https://www.bleepingcomputer.com/news/security/over-100k-hacking-forums-accounts-exposed-by-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8370034 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain The Colorado Department of Health Care Policy & Financing (HCPF) is alerting more than four million individuals of a data breach that impacted their personal and health information. [...]]]> 2023-08-14T08:42:09+00:00 https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8369904 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named \'MaginotDNS,\' that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains. [...]]]> 2023-08-13T10:12:06+00:00 https://www.bleepingcomputer.com/news/security/maginotdns-attacks-exploit-weak-checks-for-dns-cache-poisoning/ www.secnews.physaphae.fr/article.php?IdArticle=8369905 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Department of Homeland Security\'s Cyber Safety Review Board (CSRB) has announced plans to conduct an in-depth review of cloud security practices following recent Chinese hacks of Microsoft Exchange accounts used by US government agencies. [...]]]> 2023-08-11T13:35:52+00:00 https://www.bleepingcomputer.com/news/security/us-cyber-safety-board-to-analyze-microsoft-exchange-hack-of-govt-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8369057 False Hack,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Police have taken down the Lolek bulletproof hosting provider, arresting five individuals and seizing servers for facilitating malicious activities, including DDoS attacks and malware distribution. [...]]]> 2023-08-11T11:59:15+00:00 https://www.bleepingcomputer.com/news/security/police-seize-lolek-bulletproof-service-for-hosting-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8368972 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture. [...]]]> 2023-08-11T02:23:46+00:00 https://www.bleepingcomputer.com/news/security/lapsus-hackers-took-sim-swapping-attacks-to-the-next-level/ www.secnews.physaphae.fr/article.php?IdArticle=8368919 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks. [...]]]> 2023-08-10T16:35:04+00:00 https://www.bleepingcomputer.com/news/security/gafgyt-malware-exploits-five-years-old-flaw-in-eol-zyxel-router/ www.secnews.physaphae.fr/article.php?IdArticle=8368560 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A cyberespionage group named \'MoustachedBouncer\' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus. [...]]]> 2023-08-10T12:56:57+00:00 https://www.bleepingcomputer.com/news/security/moustachedbouncer-hackers-use-aitm-attacks-to-spy-on-diplomats/ www.secnews.physaphae.fr/article.php?IdArticle=8368491 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named \'Whirlpool\' used in attacks on compromised Barracuda Email Security Gateway (ESG) devices. [...]]]> 2023-08-10T12:06:08+00:00 https://www.bleepingcomputer.com/news/security/cisa-new-whirlpool-backdoor-used-in-barracuda-esg-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8368428 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Infostealer malware has risen to prominence as one of the most significant vectors of cybercrime over the past three years. Learn from Flare about information stealer logs and their role in the cybercrime ecosystem. [...]]]> 2023-08-10T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/safeguarding-against-silent-cyber-threats-exploring-the-stealer-log-lifecycle/ www.secnews.physaphae.fr/article.php?IdArticle=8368394 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Missouri\'s Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. [...]]]> 2023-08-09T15:50:57+00:00 https://www.bleepingcomputer.com/news/security/missouri-warns-that-health-info-was-stolen-in-ibm-moveit-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8368015 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Moq\'s 4.20.0 release from this week included another project, SponsorLink, which caused an uproar among open source software consumers, who likened the move to a breach of trust. [...]]]> 2023-08-09T13:42:12+00:00 https://www.bleepingcomputer.com/news/security/popular-open-source-project-moq-criticized-for-quietly-collecting-data/ www.secnews.physaphae.fr/article.php?IdArticle=8367978 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Healthcare organizations are increasingly at risk from threat actors targeting Internet of Medical Things. Learn more from Outpost24 on how attack surface management can secure the IoMT devices. [...]]]> 2023-08-09T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/preventative-medicine-for-securing-iot-tech-in-healthcare-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8367933 False Threat,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [...]]]> 2023-08-08T16:15:31+00:00 https://www.bleepingcomputer.com/news/security/microsoft-office-update-breaks-actively-exploited-rce-attack-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8367470 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. [...]]]> 2023-08-08T12:00:00+00:00 https://www.bleepingcomputer.com/news/google/android-14-to-let-you-block-connections-to-unencrypted-cellular-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8367374 False None None 1.00000000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered a new and powerful transient execution attack called \'Inception\' that can leak privileged secrets and data using unprivileged processes on all AMD Zen CPUs, including the latest models. [...]]]> 2023-08-08T11:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-inception-attack-leaks-sensitive-data-from-all-amd-zen-cpus/ www.secnews.physaphae.fr/article.php?IdArticle=8367375 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. [...]]]> 2023-08-08T10:06:08+00:00 https://www.bleepingcomputer.com/news/security/uk-electoral-commission-data-breach-exposes-8-years-of-voter-data/ www.secnews.physaphae.fr/article.php?IdArticle=8367292 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence. [...]]]> 2023-08-07T16:03:29+00:00 https://www.bleepingcomputer.com/news/security/hackers-increasingly-abuse-cloudflare-tunnels-for-stealthy-connections/ www.secnews.physaphae.fr/article.php?IdArticle=8366899 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The Google Play store was infiltrated by 43 Android applications with 2.5 million installs that secretly displayed advertisements while a phone\'s screen was off, running down a device\'s battery. [...]]]> 2023-08-07T11:50:59+00:00 https://www.bleepingcomputer.com/news/security/google-play-apps-with-25m-installs-load-ads-when-screens-off/ www.secnews.physaphae.fr/article.php?IdArticle=8366814 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers from the Technical University of Berlin have developed a method to hack the AMD-based infotainment systems used in all recent Tesla car models and make it run any software they choose, aka achieve \'jailbreak.\' [...]]]> 2023-08-06T11:06:12+00:00 https://www.bleepingcomputer.com/news/security/tesla-infotainment-jailbreak-unlocks-paid-features-extracts-secrets/ www.secnews.physaphae.fr/article.php?IdArticle=8366456 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. [...]]]> 2023-08-05T12:16:27+00:00 https://www.bleepingcomputer.com/news/security/colorado-department-of-higher-education-warns-of-massive-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8366111 False Ransomware,Data Breach None 1.00000000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks. [...]]]> 2023-08-05T11:16:32+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-now-uses-torrents-to-leak-data-and-evade-takedowns/ www.secnews.physaphae.fr/article.php?IdArticle=8366112 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%. [...]]]> 2023-08-05T10:09:18+00:00 https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/ www.secnews.physaphae.fr/article.php?IdArticle=8366113 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google Play Store\'s review process and security controls. [...]]]> 2023-08-04T13:04:02+00:00 https://www.bleepingcomputer.com/news/security/google-explains-how-android-malware-slips-onto-google-play-store/ www.secnews.physaphae.fr/article.php?IdArticle=8365745 False Malware,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft\'s new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily spread laterally to other Azure tenants. [...]]]> 2023-08-03T18:55:44+00:00 https://www.bleepingcomputer.com/news/security/new-microsoft-azure-ad-cts-feature-can-be-abused-for-lateral-movement/ www.secnews.physaphae.fr/article.php?IdArticle=8365439 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor\'s MoveIT managed file transfer (MFT) server. [...]]]> 2023-08-03T12:39:18+00:00 https://www.bleepingcomputer.com/news/security/us-govt-contractor-serco-discloses-data-breach-after-moveit-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8365331 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The list of LOLBAS files - legitimate binaries and scripts present in Windows that can be abused for malicious purposes, will include the main executables for Microsoft\'s Outlook email client and Access database management system. [...]]]> 2023-08-03T11:48:01+00:00 https://www.bleepingcomputer.com/news/security/hackers-can-abuse-microsoft-office-executables-to-download-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8365289 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The malicious Rilide Stealer Chrome browser extension has returned in new campaigns targeting crypto users and enterprise employees to steal credentials and crypto wallets. [...]]]> 2023-08-03T10:36:47+00:00 https://www.bleepingcomputer.com/news/security/chrome-malware-rilide-targets-enterprise-users-via-powerpoint-guides/ www.secnews.physaphae.fr/article.php?IdArticle=8365247 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new software-based power side-channel attack called \'Collide+Power\' was discovered, impacting almost all CPUs and potentially allowing data to leak. However, the researchers warn that the flaw is low-risk and will likely not be used in attacks on end users. [...]]]> 2023-08-02T13:37:50+00:00 https://www.bleepingcomputer.com/news/security/new-collide-pluspower-side-channel-attack-impacts-almost-all-cpus/ www.secnews.physaphae.fr/article.php?IdArticle=8364855 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform\'s System Manager (SSM) agent as an undetectable Remote Access Trojan (RAT). [...]]]> 2023-08-02T11:18:35+00:00 https://www.bleepingcomputer.com/news/security/amazons-aws-ssm-agent-can-be-used-as-post-exploitation-rat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8364807 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploited a zero-day vulnerability in Salesforce\'s email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts. [...]]]> 2023-08-02T09:52:47+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploited-salesforce-zero-day-in-facebook-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364752 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Chinese state-sponsored hackers have been targeting industrial organizations with new malware that can steal data from air-gapped systems. [...]]]> 2023-08-01T14:31:21+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-new-malware-to-breach-air-gapped-devices-in-eastern-europe/ www.secnews.physaphae.fr/article.php?IdArticle=8364393 False Malware,Industrial None 4.0000000000000000 Bleeping Computer - Magazine Américain In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called FraudGPT has emerged, and at least another one is under development that is allegedly based on Google\'s AI experiment, Bard. [...]]]> 2023-08-01T10:08:16+00:00 https://www.bleepingcomputer.com/news/security/cybercriminals-train-ai-chatbots-for-phishing-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8364314 False Malware,Tool ChatGPT,ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain Resetting the passwords for thousands of people after a ransomware attack is challenging, to say the least, for any IT team. Learn more from Specops Software on why organizations are forced into mass password resets and how to make the process manageable. [...]]]> 2023-08-01T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/how-to-manage-a-mass-password-reset-due-to-a-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364315 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are using a fake Android app named \'SafeChat\' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones. [...]]]> 2023-07-31T15:26:42+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-signal-whatsapp-user-data-with-fake-android-chat-app/ www.secnews.physaphae.fr/article.php?IdArticle=8364007 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect. [...]]]> 2023-07-31T11:31:42+00:00 https://www.bleepingcomputer.com/news/security/p2pinfect-server-botnet-spreads-using-redis-replication-feature/ www.secnews.physaphae.fr/article.php?IdArticle=8363909 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. [...]]]> 2023-07-30T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/google-android-patch-gap-makes-n-days-as-dangerous-as-zero-days/ www.secnews.physaphae.fr/article.php?IdArticle=8363570 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Website of Israel\'s largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group\'s cyber systems. [...]]]> 2023-07-30T05:40:03+00:00 https://www.bleepingcomputer.com/news/security/israels-largest-oil-refinery-website-offline-after-ddos-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8363584 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. [...]]]> 2023-07-28T17:27:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-new-submarine-malware-found-on-hacked-barracuda-esg-appliances/ www.secnews.physaphae.fr/article.php?IdArticle=8362935 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. [...]]]> 2023-07-28T16:01:16+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-28th-2023-new-extortion-tactics/ www.secnews.physaphae.fr/article.php?IdArticle=8362899 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway. [...]]]> 2023-07-28T15:38:41+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-new-zero-day-exploited-in-norwegian-govt-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8362900 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA). [...]]]> 2023-07-28T12:10:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-breach-risks-from-idor-web-app-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8362840 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Two new Android malware families named \'CherryBlos\' and \'FakeTrade\' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. [...]]]> 2023-07-28T11:31:34+00:00 https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ocr-to-steal-credentials-from-images/ www.secnews.physaphae.fr/article.php?IdArticle=8362801 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people. [...]]]> 2023-07-28T09:45:38+00:00 https://www.bleepingcomputer.com/news/security/hawaii-community-college-pays-ransomware-gang-to-prevent-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8362757 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency. [...]]]> 2023-07-27T17:58:48+00:00 https://www.bleepingcomputer.com/news/security/coinspaid-blames-lazarus-hackers-for-theft-of-37-300-000-in-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8362435 False None APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain While consumers are usually the ones worried about their information being exposed in data breaches, it\'s now the hacker\'s turn, as the notorious Breached cybercrime forum\'s database is up for sale and member data shared with Have I Been Pwned. [...]]]> 2023-07-27T17:36:56+00:00 https://www.bleepingcomputer.com/news/security/breachforums-database-and-private-chats-for-sale-in-hacker-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8362436 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-07-27T10:15:41+00:00 https://www.bleepingcomputer.com/news/security/8-million-people-hit-by-data-breach-at-us-govt-contractor-maximus/ www.secnews.physaphae.fr/article.php?IdArticle=8362264 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. [...]]]> 2023-07-26T16:19:34+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-linked-to-60-million-alphapo-cryptocurrency-heist/ www.secnews.physaphae.fr/article.php?IdArticle=8361882 False None APT 38 3.0000000000000000