www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-04-29T04:10:02+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI),
2023-11-22T10:19:00+00:00 https://thehackernews.com/2023/11/lockbit-ransomware-exploiting-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8415738 False Ransomware,Vulnerability,Threat None 2.0000000000000000

The Hacker News
Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed.
"The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it," the]]> 2023-11-21T19:26:00+00:00 https://thehackernews.com/2023/11/play-ransomware-goes-commercial-now.html www.secnews.physaphae.fr/article.php?IdArticle=8415387 False Ransomware,Threat,Commercial None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvel agent Tesla Malware Variant à l'aide de la compression ZPAQ dans les attaques par e-mail<br>New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and RAR," G Data malware analyst Anna Lvova said in a Monday analysis.]]> 2023-11-21T17:27:00+00:00 https://thehackernews.com/2023/11/new-agent-tesla-malware-variant-using.html www.secnews.physaphae.fr/article.php?IdArticle=8415361 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment les attaques de phishing à plusieurs étapes exploitent les QR, les captchas et la stéganographie<br>How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. 
Quishing Quishing, a phishing technique resulting from the
2023-11-21T16:10:00+00:00 https://thehackernews.com/2023/11/how-multi-stage-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8415336 False Threat None 2.0000000000000000

The Hacker News
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative
2023-11-21T15:30:00+00:00 https://thehackernews.com/2023/11/kinsing-hackers-exploit-apache-activemq.html www.secnews.physaphae.fr/article.php?IdArticle=8415313 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.
“Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations,
2023-11-21T13:16:00+00:00 https://thehackernews.com/2023/11/malicious-apps-disguised-as-banks-and.html www.secnews.physaphae.fr/article.php?IdArticle=8415268 False Malware,Mobile None 2.0000000000000000

The Hacker News
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out organizations in the South Pacific. "The campaigns leveraged legitimate software
2023-11-21T12:28:00+00:00 https://thehackernews.com/2023/11/mustang-panda-hackers-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8415227 False None APT 27 3.0000000000000000

The Hacker News
NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors
Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT.
"The delivery mechanisms for the NetSupport RAT encompass fraudulent updates, drive-by downloads, utilization of malware loaders (such as GHOSTPULSE), and various forms of phishing campaigns," VMware Carbon Black researchers said in a report shared with The]]> 2023-11-20T20:49:00+00:00 https://thehackernews.com/2023/11/netsupport-rat-infections-on-rise.html www.secnews.physaphae.fr/article.php?IdArticle=8414924 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tactiques de Darkgate et Pikabot Resurrect Qakbot \\ dans les nouvelles attaques de phishing<br>DarkGate and PikaBot Malware Resurrect QakBot\\'s Tactics in New Phishing Attacks Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging the now-defunct QakBot trojan. “These include hijacked email threads as the initial infection, URLs with unique patterns that limit user access, and an infection chain nearly identical to what we have seen with QakBot delivery,” Cofense said in a report]]> 2023-11-20T20:20:00+00:00 https://thehackernews.com/2023/11/darkgate-and-pikabot-malware-resurrect.html www.secnews.physaphae.fr/article.php?IdArticle=8414899 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Procédure pas à pas de produit: la plate-forme de protection d'identité unifiée de Silverfort \\<br>Product Walkthrough: Silverfort\\'s Unified Identity Protection Platform In this article, we will provide a brief overview of Silverfort\'s platform, the first (and currently only) unified identity protection platform on the market. 
Silverfort's patented technology aims to protect organizations from identity-based attacks by integrating with existing identity and access management solutions, such as AD (Active Directory) and cloud-based services, and extending secure
2023-11-20T20:20:00+00:00 https://thehackernews.com/2023/11/product-walkthrough-silverforts-unified.html www.secnews.physaphae.fr/article.php?IdArticle=8414900 False None None 2.0000000000000000

The Hacker News
Why Defenders Should Embrace a Hacker Mindset
Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. On top of that,
2023-11-20T16:32:00+00:00 https://thehackernews.com/2023/11/why-defenders-should-embrace-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8414825 False Threat,Cloud None 3.0000000000000000

The Hacker News
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts.
The method is designed to "delay detonation of the sample until human mouse activity is detected," Outpost24 security researcher Alberto Marín said in a technical
2023-11-20T16:19:00+00:00 https://thehackernews.com/2023/11/lummac2-malware-deploys-new.html www.secnews.physaphae.fr/article.php?IdArticle=8414826 False Malware,Technical None 2.0000000000000000

The Hacker News
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. "Randstorm() is a term we coined to describe a collection of bugs, design decisions, and API changes that, when brought in contact with each other, combine
2023-11-20T14:46:00+00:00 https://thehackernews.com/2023/11/randstorm-exploit-bitcoin-wallets.html www.secnews.physaphae.fr/article.php?IdArticle=8414777 False Threat None 2.0000000000000000

The Hacker News
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.
The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while
2023-11-20T12:12:00+00:00 https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html www.secnews.physaphae.fr/article.php?IdArticle=8414706 False None None 3.0000000000000000

The Hacker News
8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group's Phobos variants are distributed by SmokeLoader, a backdoor trojan," security researcher Guilherme Venere said in an
2023-11-18T16:57:00+00:00 https://thehackernews.com/2023/11/8base-group-deploying-new-phobos.html www.secnews.physaphae.fr/article.php?IdArticle=8413874 False Ransomware,Threat None 2.0000000000000000

The Hacker News
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities.
Check Point, which detailed Gamaredon's (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging in large-scale campaigns that are
2023-11-18T12:02:00+00:00 https://thehackernews.com/2023/11/russian-cyber-espionage-group-deploys.html www.secnews.physaphae.fr/article.php?IdArticle=8413795 False None None 2.0000000000000000

The Hacker News
Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware
Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. “The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, which redirects the
2023-11-17T19:01:00+00:00 https://thehackernews.com/2023/11/beware-malicious-google-ads-trick.html www.secnews.physaphae.fr/article.php?IdArticle=8413407 False Malware,Threat None 2.0000000000000000

The Hacker News
FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks
The U.S. Federal Communications Commission (FCC) is adopting new rules that aim to protect consumers from cell phone account scams that make it possible for malicious actors to orchestrate SIM-swapping attacks and port-out fraud.
“The rules will help protect consumers from scammers who target data and personal information by covertly swapping SIM cards to a new device or porting phone numbers to
2023-11-17T18:07:00+00:00 https://thehackernews.com/2023/11/fcc-enforces-stronger-rules-to-protect.html www.secnews.physaphae.fr/article.php?IdArticle=8413381 False None None 2.0000000000000000

The Hacker News
Discover 2023's Cloud Security Strategies in Our Upcoming Webinar - Secure Your Spot
In 2023, the cloud isn't just a technology-it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an exclusive webinar: 'Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.' Join us for an
2023-11-17T16:00:00+00:00 https://thehackernews.com/2023/11/discover-2023s-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8413333 False Cloud Uber 2.0000000000000000

The Hacker News
27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain.
The 27 packages, which masqueraded as popular legitimate Python libraries, attracted thousands of downloads,
2023-11-17T15:26:00+00:00 https://thehackernews.com/2023/11/27-malicious-pypi-packages-with.html www.secnews.physaphae.fr/article.php?IdArticle=8413334 False Malware,Threat None 3.0000000000000000

The Hacker News
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets. "Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their
2023-11-17T13:02:00+00:00 https://thehackernews.com/2023/11/us-cybersecurity-agencies-warn-of.html www.secnews.physaphae.fr/article.php?IdArticle=8413267 False Ransomware,Threat None 2.0000000000000000

The Hacker News
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild.
The vulnerabilities are as follows - CVE-2023-36584 (CVSS score: 5.4) - Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability CVE-2023-1671 (CVSS score: 9.8) -
2023-11-17T11:27:00+00:00 https://thehackernews.com/2023/11/cisa-adds-three-security-flaws-with.html www.secnews.physaphae.fr/article.php?IdArticle=8413229 False Vulnerability None 3.0000000000000000

The Hacker News
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News. The flaw, tracked as CVE-2023-37580 (CVSS score:
2023-11-16T21:39:00+00:00 https://thehackernews.com/2023/11/zero-day-flaw-in-zimbra-email-software.html www.secnews.physaphae.fr/article.php?IdArticle=8412958 False Threat None 2.0000000000000000

The Hacker News
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021.
"DarkCasino is an APT threat actor with strong technical and learning ability, who is good]]> 2023-11-16T19:21:00+00:00 https://thehackernews.com/2023/11/experts-uncover-darkcasino-new-emerging.html www.secnews.physaphae.fr/article.php?IdArticle=8412886 False Threat,Technical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) CISA et FBI émettent un avertissement sur les attaques d'extorsion à double extorsion du ransomware de Rhysida<br>CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). "Observed as a ransomware-as-a-service (RaaS)]]> 2023-11-16T17:33:00+00:00 https://thehackernews.com/2023/11/cisa-and-fbi-issue-warning-about.html www.secnews.physaphae.fr/article.php?IdArticle=8412860 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment automatiser les parties les plus dures du délai des employés<br>How to Automate the Hardest Parts of Employee Offboarding According to recent research on employee offboarding, 70% of IT professionals say they\'ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn\'t deprovisioned, a surprise bill for resources that aren\'t in use anymore, or a missed handoff of a critical resource or account. 
This is despite an average of five hours
2023-11-16T16:48:00+00:00 https://thehackernews.com/2023/11/how-to-automate-hardest-parts-of.html www.secnews.physaphae.fr/article.php?IdArticle=8412834 False None None 3.0000000000000000

The Hacker News
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. "Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, gain access
2023-11-16T16:48:00+00:00 https://thehackernews.com/2023/11/hackers-could-exploit-google-workspace.html www.secnews.physaphae.fr/article.php?IdArticle=8412835 False Ransomware,Threat,Cloud None 3.0000000000000000

The Hacker News
Russian Hackers Launch 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace," Denmark's SektorCERT said [PDF].
"The]]> 2023-11-16T11:36:00+00:00 https://thehackernews.com/2023/11/russian-hackers-launch-largest-ever.html www.secnews.physaphae.fr/article.php?IdArticle=8412727 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les États-Unis éliminent le botnet IPStorm, le cerveau de Moldovan russe plaide coupable<br>U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. "The botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia,]]> 2023-11-15T21:04:00+00:00 https://thehackernews.com/2023/11/us-takes-down-ipstorm-botnet-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8412404 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvel exploit POC pour Apache ActiveMQ Flaw pourrait laisser les attaquants voler sous le radar<br>New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,]]> 2023-11-15T19:19:00+00:00 https://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html www.secnews.physaphae.fr/article.php?IdArticle=8412374 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk remained the same: insiders have access to too much data with too few controls. Insider threats continue to prove difficult for
2023-11-15T16:09:00+00:00 https://thehackernews.com/2023/11/three-ways-varonis-helps-you-fight.html www.secnews.physaphae.fr/article.php?IdArticle=8412300 False None None 2.0000000000000000

The Hacker News
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's
2023-11-15T13:22:00+00:00 https://thehackernews.com/2023/11/reptar-new-intel-cpu-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8412249 False Vulnerability None 3.0000000000000000

The Hacker News
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release. The updates are in
2023-11-15T11:16:00+00:00 https://thehackernews.com/2023/11/alert-microsoft-releases-patch-updates.html www.secnews.physaphae.fr/article.php?IdArticle=8412235 False Vulnerability None 2.0000000000000000

The Hacker News
Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability
VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with
2023-11-15T09:48:00+00:00 https://thehackernews.com/2023/11/urgent-vmware-warns-of-unpatched.html www.secnews.physaphae.fr/article.php?IdArticle=8412202 False Vulnerability,Cloud None 2.0000000000000000

The Hacker News
CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security. It
2023-11-15T00:10:00+00:00 https://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html www.secnews.physaphae.fr/article.php?IdArticle=8412056 False Vulnerability,Threat None 3.0000000000000000

The Hacker News
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are skyrocketing, organizations are coming face-to-face with a harsh reality: traditional cybersecurity
2023-11-14T17:26:00+00:00 https://thehackernews.com/2023/11/the-importance-of-continuous-security.html www.secnews.physaphae.fr/article.php?IdArticle=8411792 False Data Breach None 3.0000000000000000

The Hacker News
Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers
Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Docker container, built from an image named 'oracleiv_latest' and containing Python malware compiled as an ELF executable
2023-11-14T17:24:00+00:00 https://thehackernews.com/2023/11/alert-oracleiv-ddos-botnet-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8411793 False Malware,Threat None 2.0000000000000000

The Hacker News
CI/CD Risks: Protecting Your Software Development Pipelines
Have you heard about Dependabot? If not, just ask any developer around you, and they'll likely rave about how it has revolutionized the tedious task of checking and updating outdated dependencies in software projects. Dependabot not only takes care of the checks for you, but also provides suggestions for modifications that can be approved with just a single click. Although Dependabot is limited
2023-11-14T17:05:00+00:00 https://thehackernews.com/2023/11/cicd-risks-protecting-your-software.html www.secnews.physaphae.fr/article.php?IdArticle=8411760 False None None 2.0000000000000000

The Hacker News
New Campaign Targets Middle East Governments with IronWind Malware Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind. The activity, detected between July and October 2023, has been attributed by Proofpoint to a threat actor it tracks under the name TA402, which is also known as Molerats, Gaza Cyber Gang, and shares tactical overlaps with a pro-Hamas 2023-11-14T15:31:00+00:00 https://thehackernews.com/2023/11/new-campaign-targets-middle-east.html www.secnews.physaphae.fr/article.php?IdArticle=8411725 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October 2023, targeting marketing professionals in India with an aim to hijack Facebook business accounts. "An important feature that sets it apart is that, unlike previous campaigns, which relied on .NET applications, this one used Delphi as the programming 2023-11-14T13:33:00+00:00 https://thehackernews.com/2023/11/vietnamese-hackers-using-new-delphi.html www.secnews.physaphae.fr/article.php?IdArticle=8411647 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17 The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active 2023-11-14T11:33:00+00:00 https://thehackernews.com/2023/11/cisa-sets-deadline-patch-juniper-junos.html www.secnews.physaphae.fr/article.php?IdArticle=8411585 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Ransomware Group Emerges with Hive's Source Code and Infrastructure The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape. "It appears that the leadership of the Hive group made the strategic decision to cease their operations and transfer their remaining assets to another group, Hunters 2023-11-13T17:42:00+00:00 https://thehackernews.com/2023/11/new-ransomware-group-emerges-with-hives.html www.secnews.physaphae.fr/article.php?IdArticle=8411002 False Ransomware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Top 5 Marketing Tech SaaS Security Challenges Effective marketing operations today are driven by the use of Software-as-a-Service (SaaS) applications. Marketing apps such as Salesforce, Hubspot, Outreach, Asana, Monday, and Box empower marketing teams, agencies, freelancers, and subject matter experts to collaborate seamlessly on campaigns and marketing initiatives.
These apps serve as the digital command centers for marketing 2023-11-13T17:05:00+00:00 https://thehackernews.com/2023/11/top-5-marketing-tech-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8410967 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a long-term espionage campaign," Palo Alto Networks Unit 42 researchers said in a report last week. "The observed activity aligns with geopolitical goals of 2023-11-13T11:28:00+00:00 https://thehackernews.com/2023/11/chinese-hackers-launch-covert-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=8410768 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities Malaysian law enforcement authorities have announced the takedown of a phishing-as-a-service (PhaaS) operation called BulletProofLink. The Royal Malaysian Police said the effort, which was carried out with assistance from the Australian Federal Police (AFP) and the U.S.
Federal Bureau of Investigation (FBI) on November 6, 2023, was based on information that the threat actors behind the platform 2023-11-13T10:57:00+00:00 https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html www.secnews.physaphae.fr/article.php?IdArticle=8410769 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks aimed at Israel. Dubbed BiBi-Windows Wiper by BlackBerry, the wiper is the Windows counterpart of BiBi-Linux Wiper, which has been put to use by a pro-Hamas hacktivist group in the wake of the Israel-Hamas war last month. "The Windows variant [...] 2023-11-13T10:20:00+00:00 https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8410770 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a "shift in the persistent actor's tactics."
Sapphire Sleet, also called APT38, BlueNoroff, CageyChameleon, and CryptoCore, has a 2023-11-11T19:03:00+00:00 https://thehackernews.com/2023/11/microsoft-warns-of-fake-skills.html www.secnews.physaphae.fr/article.php?IdArticle=8409670 False Threat APT 38,APT 38 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting industrial control systems (ICS). "The actor first used OT-level living-off-the-land (LotL) techniques to 2023-11-10T17:52:00+00:00 https://thehackernews.com/2023/11/russian-hackers-sandworm-cause-power.html www.secnews.physaphae.fr/article.php?IdArticle=8409099 False Hack,Industrial APT 28 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don't pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of (or augment) inefficient and cumbersome SIEMs.
With an estimated 80% of 2023-11-10T14:30:00+00:00 https://thehackernews.com/2023/11/the-new-8020-rule-for-secops-customize.html www.secnews.physaphae.fr/article.php?IdArticle=8408991 False Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence," Aon's Stroz Friedberg Incident Response Services said in an analysis published 2023-11-10T14:28:00+00:00 https://thehackernews.com/2023/11/alert-effluence-backdoor-persists.html www.secnews.physaphae.fr/article.php?IdArticle=8408992 False Malware,Patching None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war.
The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm (previously Curium), 2023-11-10T12:41:00+00:00 https://thehackernews.com/2023/11/iran-linked-imperial-kitten-cyber-group.html www.secnews.physaphae.fr/article.php?IdArticle=8408993 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its 2023-11-10T10:39:00+00:00 https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html www.secnews.physaphae.fr/article.php?IdArticle=8408923 False Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers.
The issue, tracked as CVE-2023-47246, concerns a path traversal 2023-11-09T22:24:00+00:00 https://thehackernews.com/2023/11/zero-day-alert-lace-tempest-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8408634 False Ransomware,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers A new malvertising campaign has been found to employ fake sites that masquerade as a legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its infrastructure (domain names) and cloaking templates used 2023-11-09T18:56:00+00:00 https://thehackernews.com/2023/11/new-malvertising-campaign-uses-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8408503 False Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties.
Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution 2023-11-09T16:24:00+00:00 https://thehackernews.com/2023/11/when-email-security-meets-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8408438 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. "The framework's web component is written in the Go programming language," Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday. The tool has been attributed to MuddyWater, an Iranian 2023-11-09T16:20:00+00:00 https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html www.secnews.physaphae.fr/article.php?IdArticle=8408439 False Tool,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS 2023-11-09T11:03:00+00:00 https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html www.secnews.physaphae.fr/article.php?IdArticle=8408279 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention. "While this 2023-11-08T19:49:00+00:00 https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8407907 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls" that masks users' IP addresses to other parties by relaying the calls through its servers.
"Calls are end-to-end encrypted, so even if a call is relayed through WhatsApp servers, WhatsApp cannot listen to your calls," the company said in a statement shared with The 2023-11-08T19:27:00+00:00 https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8407908 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News. "[BlazeStealer] 2023-11-08T18:27:00+00:00 https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8407875 False Malware,Tool None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into generative AI engines.
They use these tools to write 2023-11-08T16:30:00+00:00 https://thehackernews.com/2023/11/guide-how-vcisos-msps-and-mssps-can.html www.secnews.physaphae.fr/article.php?IdArticle=8407813 False Tool,Technical ChatGPT 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Webinar: Kickstarting Your SaaS Security Strategy & Program SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so safeguarding the organization's SaaS app stack and data within is paramount. Yet, the path to implementing an effective SaaS security program is not 2023-11-08T14:48:00+00:00 https://thehackernews.com/2023/11/webinar-kickstarting-your-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8407763 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Experts Expose Farnetwork's Ransomware-as-a-Service Business Model Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities. Singapore-headquartered Group-IB, which attempted to infiltrate a private RaaS program that uses the Nokoyawa ransomware strain, said it underwent a "job interview" process with the 2023-11-08T13:30:00+00:00 https://thehackernews.com/2023/11/experts-expose-farnetworks-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8407738 False Threat None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) N.
Korean BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf Threat Labs, which disclosed details of the malware, said it's used as part of the RustBucket malware campaign, which came to light earlier this year. "Based on previous attacks performed by BlueNoroff, we suspect that this malware was a late 2023-11-07T19:28:00+00:00 https://thehackernews.com/2023/11/n-korean-bluenoroff-blamed-for-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=8407291 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New GootLoader Malware Variant Evades Detection and Spreads Rapidly A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as CobaltStrike or RDP," IBM X-Force researchers Golo Mühr and Ole 2023-11-07T17:58:00+00:00 https://thehackernews.com/2023/11/new-gootloader-malware-variant-evades.html www.secnews.physaphae.fr/article.php?IdArticle=8407229 False Malware,Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Confidence in File Upload Security is Alarmingly Low. Why?
Numerous industries, including technology, financial services, energy, healthcare, and government, are rushing to incorporate cloud-based and containerized web applications. The benefits are undeniable; however, this shift presents new security challenges. OPSWAT's 2023 Web Application Security report reveals: 75% of organizations have modernized their infrastructure this year. 78% have 2023-11-07T17:26:00+00:00 https://thehackernews.com/2023/11/confidence-in-file-upload-security-is.html www.secnews.physaphae.fr/article.php?IdArticle=8407230 False Studies None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Offensive and Defensive AI: Let's Chat(GPT) About It ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT, but also how defenders can use it for leveling up their game. ChatGPT is the most swiftly growing consumer application to date. The extremely popular generative AI chatbot has the ability to generate human-like, coherent and contextually relevant responses. 2023-11-07T15:51:00+00:00 https://thehackernews.com/2023/11/offensive-and-defensive-ai-lets-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8407178 False Tool,Threat ChatGPT 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat.
Enterprise security firm SEQRITE described the campaign as multi-platform, with the attacks also designed to infiltrate Linux systems with a 2023-11-07T14:29:00+00:00 https://thehackernews.com/2023/11/sidecopy-exploiting-winrar-flaw-in.html www.secnews.physaphae.fr/article.php?IdArticle=8407145 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber (aka C3RB3R) ransomware. Both vulnerabilities are critical, allowing threat 2023-11-07T12:44:00+00:00 https://thehackernews.com/2023/11/experts-warn-of-ransomware-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8407092 False Ransomware,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity.
The list of vulnerabilities is as follows - CVE-2023-38547 (CVSS score: 9.9) - An unspecified flaw that can be leveraged by an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration 2023-11-07T10:38:00+00:00 https://thehackernews.com/2023/11/critical-flaws-discovered-in-veeam-one.html www.secnews.physaphae.fr/article.php?IdArticle=8407052 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics An updated version of an information stealer malware known as Jupyter has resurfaced with "simple yet impactful changes" that aim to stealthily establish a persistent foothold on compromised systems. "The team has discovered new waves of Jupyter Infostealer attacks which leverage PowerShell command modifications and signatures of private keys in attempts to pass off the malware as a legitimately 2023-11-06T22:53:00+00:00 https://thehackernews.com/2023/11/new-jupyter-infostealer-version-emerges.html www.secnews.physaphae.fr/article.php?IdArticle=8406733 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud.
"If exploited, the vulnerability could allow remote attackers to execute commands via a network," the 2023-11-06T22:25:00+00:00 https://thehackernews.com/2023/11/qnap-releases-patch-for-2-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8406734 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware. Dropper malware on Android is designed to function as a conduit to install a payload on a compromised device, making it a lucrative business model for threat actors, who can advertise the capabilities 2023-11-06T19:39:00+00:00 https://thehackernews.com/2023/11/securidropper-new-android-dropper-as.html www.secnews.physaphae.fr/article.php?IdArticle=8406682 False Malware,Threat,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware.
The intrusions, which took place as recently as October, have been attributed to an Iranian nation-state hacking crew it tracks under the name Agonizing Serpens, which is also known as Agrius, 2023-11-06T16:02:00+00:00 https://thehackernews.com/2023/11/iranian-hackers-launches-destructive.html www.secnews.physaphae.fr/article.php?IdArticle=8406527 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023. "The script creates a 'Covert Channel' by exploiting the event 2023-11-06T13:55:00+00:00 https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html www.secnews.physaphae.fr/article.php?IdArticle=8406528 False Tool,Threat None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown The U.S. Department of the Treasury imposed sanctions against a Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group.
Ekaterina Zhdanova, per the department, is said to have facilitated large cross border transactions to assist Russian individuals to gain access to Western financial markets and]]> 2023-11-06T11:00:00+00:00 https://thehackernews.com/2023/11/us-treasury-targets-russian-money.html www.secnews.physaphae.fr/article.php?IdArticle=8406529 False Ransomware None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les logiciels malveillants Stripedfly ont fonctionné inaperçu pendant 5 ans, infectant 1 million d'appareils<br>StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That\'s according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it as an "intricate modular framework that supports both Linux and Windows." The Russian cybersecurity]]> 2023-11-04T15:04:00+00:00 https://thehackernews.com/2023/11/stripedfly-malware-operated-unnoticed.html www.secnews.physaphae.fr/article.php?IdArticle=8405899 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La récente violation des données du support client d'Okta \\ a eu un impact sur 134 clients<br>Okta\\'s Recent Customer Support Data Breach Impacted 134 Customers Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing session tokens that could be used for session hijacking attacks. 
"The]]> 2023-11-04T11:33:00+00:00 https://thehackernews.com/2023/11/oktas-recent-customer-support-data.html www.secnews.physaphae.fr/article.php?IdArticle=8405766 False Data Breach None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Play Store Introduces 'Independent Security Review' Badge for Apps Google is rolling out an "Independent security review" badge in the Play Store's Data safety section for Android apps that have undergone a Mobile Application Security Assessment (MASA) audit. "We've launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle," Nataliya Stanetsky of the Android Security and Privacy Team said.]]> 2023-11-04T11:08:00+00:00 https://thehackernews.com/2023/11/google-play-store-introduces.html www.secnews.physaphae.fr/article.php?IdArticle=8405767 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP)," cloud]]> 2023-11-03T18:42:00+00:00 https://thehackernews.com/2023/11/kinsing-actors-exploit-linux-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8405322 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer. "Clicking on ads immediately downloads an archive containing a malicious .exe 'Photo Album' file which also drops a second executable written in .NET – this payload is in charge of]]> 2023-11-03T17:42:00+00:00 https://thehackernews.com/2023/11/nodestealer-malware-hijacking-facebook.html www.secnews.physaphae.fr/article.php?IdArticle=8405323 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes. As the threat landscape evolves and generative AI is added to the toolsets available to defenders and attackers alike, evaluating the relative effectiveness of various AI-based security offerings is increasingly important - and difficult. Asking the right questions can help you spot solutions]]> 2023-11-03T16:56:00+00:00 https://thehackernews.com/2023/11/predictive-ai-in-cybersecurity-outcomes.html www.secnews.physaphae.fr/article.php?IdArticle=8405324 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CanesSpy Spyware Discovered in Modified WhatsApp Versions Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy. 
These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts 2 million users. "The trojanized]]> 2023-11-03T15:05:00+00:00 https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html www.secnews.physaphae.fr/article.php?IdArticle=8405325 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems. "These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install," software supply chain security firm Phylum said. All the counterfeit packages have been published by]]> 2023-11-03T11:33:00+00:00 https://thehackernews.com/2023/11/48-malicious-npm-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8405326 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened in China. 
While the mysterious control payload – aka kill switch – stripped Mozi bots of most]]> 2023-11-02T19:15:00+00:00 https://thehackernews.com/2023/11/mysterious-kill-switch-disrupts-mozi.html www.secnews.physaphae.fr/article.php?IdArticle=8405327 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SaaS Security is Now Accessible and Affordable to All This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often employ different approaches and technologies, leading to unnecessary confusion and complexity. Enter]]> 2023-11-02T14:54:00+00:00 https://thehackernews.com/2023/11/saas-security-is-now-accessible-and.html www.secnews.physaphae.fr/article.php?IdArticle=8404604 False Tool,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign "exhibits updated TTPs to previously reported MuddyWater activity,"]]> 2023-11-02T14:51:00+00:00 https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404605 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate [operating system] privileges," Takahiro Haruyama, a]]> 2023-11-02T14:29:00+00:00 https://thehackernews.com/2023/11/researchers-find-34-windows-drivers.html www.secnews.physaphae.fr/article.php?IdArticle=8404606 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) FIRST Announces CVSS 4.0 - New Vulnerability Scoring System The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to provide the highest fidelity of vulnerability assessment for both industry and the public," FIRST said in a statement.]]> 2023-11-02T10:49:00+00:00 https://thehackernews.com/2023/11/first-announces-cvss-40-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404607 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a]]> 2023-11-02T09:57:00+00:00 https://thehackernews.com/2023/11/hellokitty-ransomware-group-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8404608 False Ransomware,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Expose Prolific Puma's Underground Link Shortening Service A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that's offered to other threat actors for at least over the past four years. Prolific Puma creates "domain names with an RDGA [registered domain generation algorithm] and use these domains to provide a link shortening service to other malicious actors, helping them evade]]> 2023-11-01T20:25:00+00:00 https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html www.secnews.physaphae.fr/article.php?IdArticle=8404158 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hands on Review: LayerX's Enterprise Browser Security Extension The browser has become the main work interface in modern enterprises. 
It's where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to steal the data it stores and use it for malicious access to organizational SaaS apps or the hosting machine. Additionally,]]> 2023-11-01T17:23:00+00:00 https://thehackernews.com/2023/11/hands-on-review-layerxs-enterprise.html www.secnews.physaphae.fr/article.php?IdArticle=8404093 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year. Israeli cybersecurity firm Check Point, which discovered the campaign alongside Sygnia, is tracking the actor under the name Scarred]]> 2023-11-01T16:52:00+00:00 https://thehackernews.com/2023/11/iranian-cyber-espionage-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8404027 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. 
Elastic Security Labs said the activity, traced back to April 2023, exhibits overlaps with the infamous adversarial collective Lazarus Group, citing an analysis of the]]> 2023-11-01T14:32:00+00:00 https://thehackernews.com/2023/11/north-korean-hackers-tageting-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8403987 False Malware,Threat APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive Ursa. "As the code of the upgraded revision of Kazuar reveals, the authors put special emphasis on Kazuar's ability to]]> 2023-11-01T12:51:00+00:00 https://thehackernews.com/2023/11/turla-updates-kazuar-backdoor-with.html www.secnews.physaphae.fr/article.php?IdArticle=8403950 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain. 
Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution]]> 2023-11-01T10:23:00+00:00 https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8403894 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of features that enable the operators to surreptitiously collect sensitive information from victims' devices]]> 2023-10-31T19:46:00+00:00 https://thehackernews.com/2023/10/arid-viper-targeting-arabic-android.html www.secnews.physaphae.fr/article.php?IdArticle=8403559 False Malware,Threat APT-C-23,APT-C-23 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Malicious NuGet Packages Caught Distributing SeroXen RAT Malware Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. 
Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing since August 1, 2023, while linking it to a host of rogue NuGet packages that were observed delivering a remote access trojan called]]> 2023-10-31T17:34:00+00:00 https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html www.secnews.physaphae.fr/article.php?IdArticle=8403479 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) PentestPad: Platform for Pentest Teams In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. The synergy between a skilled penetration tester and the precision of pen testing solutions is crucial for staying on top of today's high]]> 2023-10-31T16:51:00+00:00 https://thehackernews.com/2023/10/pentestpad-platform-for-pentest-teams.html www.secnews.physaphae.fr/article.php?IdArticle=8403480 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data loss if exploited by an unauthenticated attacker." Tracked as CVE-2023-22518, the vulnerability is rated 9.1 out of a maximum of 10 on the CVSS scoring system. It has been described as an instance of "improper authorization vulnerability." 
All versions of Confluence Data]]> 2023-10-31T16:46:00+00:00 https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8403481 False Vulnerability None 3.0000000000000000