This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-28T05:23:00+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems. [...]]]> 2023-07-20T08:02:05+00:00 https://www.bleepingcomputer.com/news/security/new-p2pinfect-worm-malware-targets-linux-and-windows-redis-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8359231 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers.  [...]]]> 2023-07-20T07:01:12+00:00 https://www.bleepingcomputer.com/news/security/apt41-hackers-target-android-users-with-wyrmspy-dragonegg-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8359232 False None APT 41,APT 41 2.0000000000000000 Bleeping Computer - Magazine Américain Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...]]]> 2023-07-19T19:51:24+00:00 https://www.bleepingcomputer.com/news/security/est-e-lauder-beauty-giant-breached-by-two-ransomware-gangs/ www.secnews.physaphae.fr/article.php?IdArticle=8359058 False Ransomware None 4.0000000000000000 Bleeping Computer - Magazine Américain Microsoft and the Ukraine CERT warn of new attacks by the Russian state-sponsored Turla hacking group, targeting the defense industry and Microsoft Exchange servers with a new \'DeliveryCheck\' malware backdoor. [...]]]> 2023-07-19T15:06:38+00:00 https://www.bleepingcomputer.com/news/security/microsoft-hackers-turn-exchange-servers-into-malware-control-centers/ www.secnews.physaphae.fr/article.php?IdArticle=8358945 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Cyber ​​Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. [...]]]> 2023-07-19T07:03:45+00:00 https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8358750 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. [...]]]> 2023-07-19T06:18:09+00:00 https://www.bleepingcomputer.com/news/security/us-govt-bans-european-spyware-vendors-intellexa-and-cytrox/ www.secnews.physaphae.fr/article.php?IdArticle=8358751 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks. [...]]]> 2023-07-18T21:12:18+00:00 https://www.bleepingcomputer.com/news/security/us-preparing-cyber-trust-mark-for-more-secure-smart-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8358594 False None None 1.00000000000000000000 Bleeping Computer - Magazine Américain When insurers assess an organization\'s cybersecurity posture, password security is a key element considered. Learn more from Specops Software on how password security can affect your insurance premiums. [...]]]> 2023-07-18T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/strengthening-password-security-may-lower-cyber-insurance-premiums/ www.secnews.physaphae.fr/article.php?IdArticle=8358385 False General Information None 2.0000000000000000 Bleeping Computer - Magazine Américain A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version. [...]]]> 2023-07-18T09:15:04+00:00 https://www.bleepingcomputer.com/news/security/fin8-deploys-alphv-ransomware-using-sardonic-malware-variant/ www.secnews.physaphae.fr/article.php?IdArticle=8358262 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers. [...]]]> 2023-07-17T09:20:21+00:00 https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/ www.secnews.physaphae.fr/article.php?IdArticle=8357745 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface. [...]]]> 2023-07-16T10:09:18+00:00 https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8357469 False Studies None 2.0000000000000000 Bleeping Computer - Magazine Américain Ukraine\'s Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour. [...]]]> 2023-07-15T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/gamaredon-hackers-start-stealing-data-30-minutes-after-a-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8357470 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says it still doesn\'t know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies. [...]]]> 2023-07-14T16:18:48+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-still-unsure-how-hackers-stole-azure-ad-signing-key/ www.secnews.physaphae.fr/article.php?IdArticle=8356689 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-07-14T10:23:39+00:00 https://www.bleepingcomputer.com/news/security/colorado-state-university-says-data-breach-impacts-students-staff/ www.secnews.physaphae.fr/article.php?IdArticle=8356571 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Criminal IP, a leading Cyber Threat Intelligence search engine, has formed a powerful alliance with Tines, a renowned provider of no-code automation solutions. [...]]]> 2023-07-14T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-tines-forge-powerful-tech-alliance/ www.secnews.physaphae.fr/article.php?IdArticle=8356547 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them. [...]]]> 2023-07-14T04:09:40+00:00 https://www.bleepingcomputer.com/news/security/shutterfly-says-clop-ransomware-attack-did-not-impact-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8356447 False Ransomware,Data Breach,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service. [...]]]> 2023-07-14T02:35:08+00:00 https://www.bleepingcomputer.com/news/security/avrecon-malware-infects-70-000-linux-routers-to-build-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8356448 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps. [...]]]> 2023-07-13T15:20:30+00:00 https://www.bleepingcomputer.com/news/google/google-play-will-enforce-business-checks-to-curb-malware-submissions/ www.secnews.physaphae.fr/article.php?IdArticle=8356176 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]]]> 2023-07-13T14:28:48+00:00 https://www.bleepingcomputer.com/news/security/fake-linux-vulnerability-exploit-drops-data-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8356143 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community. [...]]]> 2023-07-13T11:14:29+00:00 https://www.bleepingcomputer.com/news/security/source-code-for-blacklotus-windows-uefi-malware-leaked-on-github/ www.secnews.physaphae.fr/article.php?IdArticle=8356065 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain What\'s old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023 [...]]]> 2023-07-13T01:02:04+00:00 https://www.bleepingcomputer.com/news/security/usb-drive-malware-attacks-spiking-again-in-first-half-of-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8355837 False Malware None 4.0000000000000000 Bleeping Computer - Magazine Américain A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. [...]]]> 2023-07-12T17:50:44+00:00 https://www.bleepingcomputer.com/news/security/new-pyloose-linux-malware-mines-crypto-directly-from-memory/ www.secnews.physaphae.fr/article.php?IdArticle=8355567 False Malware,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers\' data in a likely MOVEit Transfer data-theft attack. [...]]]> 2023-07-11T11:51:04+00:00 https://www.bleepingcomputer.com/news/security/deutsche-bank-confirms-provider-breach-exposed-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8354407 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain HCA Healthcare disclosed a data breach impacting an estimated 11 million patients who received care at one of its hospitals and clinics after a threat actor posted samples of stolen data on a hacking forum. [...]]]> 2023-07-11T10:59:20+00:00 https://www.bleepingcomputer.com/news/security/hca-confirms-breach-after-hacker-steals-data-of-11-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8354408 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter. [...]]]> 2023-07-10T11:00:49+00:00 https://www.bleepingcomputer.com/news/security/razer-investigates-data-breach-claims-resets-user-sessions/ www.secnews.physaphae.fr/article.php?IdArticle=8354043 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems. [...]]]> 2023-07-09T10:13:16+00:00 https://www.bleepingcomputer.com/news/security/charming-kitten-hackers-use-new-noknok-malware-for-macos/ www.secnews.physaphae.fr/article.php?IdArticle=8353811 False Malware APT 35,APT 35 2.0000000000000000 Bleeping Computer - Magazine Américain Today\'s update introduces several significant Android Windows Subsystem improvements. Firstly, enhancements have been made to camera compatibility, thus improving the experience of using Android apps that require camera access. [...]]]> 2023-07-09T09:49:40+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-android-gets-july-2023-preview-with-new-features/ www.secnews.physaphae.fr/article.php?IdArticle=8353803 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month\'s Android security updates. [...]]]> 2023-07-07T14:54:11+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8353442 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. [...]]]> 2023-07-06T12:57:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-netwrix-auditor-rce-bug-exploited-in-truebot-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8352977 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Nickelodeon has confirmed that the data leaked from an alleged breach of the company is legitimate but it appears to be decades old. [...]]]> 2023-07-06T11:03:36+00:00 https://www.bleepingcomputer.com/news/security/nickelodeon-investigates-breach-after-leak-of-decades-old-data/ www.secnews.physaphae.fr/article.php?IdArticle=8352923 False None APT 15 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the monthly security updates for Android operating system, which comes with fixes for 46 vulnerabilities. Three of the issues are likely actively exploited in the wild. [...]]]> 2023-07-06T05:44:52+00:00 https://www.bleepingcomputer.com/news/security/android-july-security-updates-fix-three-actively-exploited-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8352850 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A member of U.S. Navy\'s red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. [...]]]> 2023-07-05T11:03:34+00:00 https://www.bleepingcomputer.com/news/security/new-tool-exploits-microsoft-teams-bug-to-send-malware-to-users/ www.secnews.physaphae.fr/article.php?IdArticle=8352494 False Malware,Tool None 4.0000000000000000 Bleeping Computer - Magazine Américain The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals. [...]]]> 2023-07-05T06:00:39+00:00 https://www.bleepingcomputer.com/news/security/japans-largest-port-stops-operations-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8352395 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to release stolen data. [...]]]> 2023-06-30T09:45:30+00:00 https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/ www.secnews.physaphae.fr/article.php?IdArticle=8351015 False Ransomware,Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain Security analysts have discovered a previously undocumented remote access trojan (RAT) named \'EarlyRAT,\' used by Andariel, a sub-group of the Lazarus North Korean state-sponsored hacking group. [...]]]> 2023-06-29T13:39:41+00:00 https://www.bleepingcomputer.com/news/security/new-earlyrat-malware-linked-to-north-korean-andariel-hacking-group/ www.secnews.physaphae.fr/article.php?IdArticle=8350710 False Malware APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser extension or mobile app on Android and iOS.manager. [...]]]> 2023-06-29T10:56:35+00:00 https://www.bleepingcomputer.com/news/security/proton-launches-open-source-password-manager-with-some-limitations/ www.secnews.physaphae.fr/article.php?IdArticle=8350641 False General Information None 3.0000000000000000 Bleeping Computer - Magazine Américain OSINT-based CTI search engine Criminal IP has launched a bug bounty program aimed at strengthening the safety of its services and protecting its users. [...]]]> 2023-06-29T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-unveils-bug-bounty-program-to-boost-user-safety-security/ www.secnews.physaphae.fr/article.php?IdArticle=8350642 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The NPM (Node Package Manager) registry suffers from a security lapse called "manifest confusion," which undermines the trustworthiness of packages and makes it possible for attackers to hide malware in dependencies or perform malicious script execution during installation. [...]]]> 2023-06-28T10:28:35+00:00 https://www.bleepingcomputer.com/news/security/npm-ecosystem-at-risk-from-manifest-confusion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8350168 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform. [...]]]> 2023-06-27T14:11:47+00:00 https://www.bleepingcomputer.com/news/security/siemens-energy-confirms-data-breach-after-moveit-data-theft-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8349845 False Ransomware,Data Breach,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new process injection technique named \'Mockingjay\' could allow threat actors to bypass EDR (Endpoint Detection and Response) and other security products to stealthily execute malicious code on compromised systems. [...]]]> 2023-06-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8349729 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new mobile malware campaign since March 2023 pushes the Android banking trojan \'Anatsa\' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland. [...]]]> 2023-06-26T13:21:29+00:00 https://www.bleepingcomputer.com/news/security/anatsa-android-trojan-now-steals-banking-info-from-users-in-us-uk/ www.secnews.physaphae.fr/article.php?IdArticle=8349420 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. [...]]]> 2023-06-26T12:39:22+00:00 https://www.bleepingcomputer.com/news/security/new-pindos-javascript-dropper-deploys-bumblebee-icedid-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8349421 False Ransomware,Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server. [...]]]> 2023-06-26T12:15:39+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-45-000-new-york-city-students-in-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8349401 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A trojanized installer for a popular Super Mario Bros game has been infecting unsuspecting players with multiple Windows malware families. [...]]]> 2023-06-25T10:36:18+00:00 https://www.bleepingcomputer.com/news/security/trojanized-super-mario-game-used-to-install-windows-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8349359 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps.  [...]]]> 2023-06-24T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/lastpass-users-furious-after-being-locked-out-due-to-mfa-resets/ www.secnews.physaphae.fr/article.php?IdArticle=8348921 False None LastPass,LastPass 2.0000000000000000 Bleeping Computer - Magazine Américain American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the hack of Pilot Credentials, a third-party vendor that manages multiple airlines\' pilot applications and recruitment portals. [...]]]> 2023-06-24T03:02:13+00:00 https://www.bleepingcomputer.com/news/security/american-airlines-southwest-airlines-disclose-data-breaches-affecting-pilots/ www.secnews.physaphae.fr/article.php?IdArticle=8348854 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. [...]]]> 2023-06-23T14:06:38+00:00 https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-iphone-bugs-abused-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8348606 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain PBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people was stolen in the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-06-23T11:06:33+00:00 https://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8348533 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. [...]]]> 2023-06-22T17:15:08+00:00 https://www.bleepingcomputer.com/news/security/microsoft-teams-bug-allows-malware-delivery-from-external-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8348263 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. National Security Agency (NSA) released today guidance on how to defend against BlackLotus UEFI bootkit malware attacks. [...]]]> 2023-06-22T16:50:44+00:00 https://www.bleepingcomputer.com/news/security/nsa-shares-tips-on-blocking-blacklotus-uefi-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8348237 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers\' credit cards and personal information. [...]]]> 2023-06-21T18:01:32+00:00 https://www.bleepingcomputer.com/news/security/iottie-discloses-data-breach-after-site-hacked-to-steal-credit-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8347849 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean APT37 hacking group uses a new \'FadeStealer\' information-stealing malware containing a \'wiretapping\' feature, allowing the threat actor to snoop and record from victims\' microphones. [...]]]> 2023-06-21T16:16:11+00:00 https://www.bleepingcomputer.com/news/security/apt37-hackers-deploy-new-fadestealer-eavesdropping-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347834 False Malware,Threat APT 37,APT 37 2.0000000000000000 Bleeping Computer - Magazine Américain Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. [...]]]> 2023-06-21T14:31:59+00:00 https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-days-used-to-deploy-triangulation-spyware-via-imessage/ www.secnews.physaphae.fr/article.php?IdArticle=8347804 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks. [...]]]> 2023-06-21T13:43:49+00:00 https://www.bleepingcomputer.com/news/security/ups-discloses-data-breach-after-exposed-customer-info-used-in-sms-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8347779 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named \'Graphican\' in a new campaign between late 2022 and early 2023. [...]]]> 2023-06-21T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/chinese-apt15-hackers-resurface-with-new-graphican-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347642 False Malware APT 15,APT 15 3.0000000000000000 Bleeping Computer - Magazine Américain A new DDoS-as-a-Service botnet called "Condi" emerged in May 2023, exploiting a vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to build an army of bots to conduct attacks. [...]]]> 2023-06-20T17:06:17+00:00 https://www.bleepingcomputer.com/news/security/new-condi-malware-builds-ddos-botnet-out-of-tp-link-ax21-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8347473 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning that their data will soon be leaked after an extortion demand was not paid. [...]]]> 2023-06-20T16:17:11+00:00 https://www.bleepingcomputer.com/news/security/hackers-warn-university-of-manchester-students-of-imminent-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8347474 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner. [...]]]> 2023-06-20T13:50:59+00:00 https://www.bleepingcomputer.com/news/security/hackers-infect-linux-ssh-servers-with-tsunami-botnet-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347429 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A threat group tracked as APT28 and linked to Russia\'s General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities. [...]]]> 2023-06-20T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/russian-apt28-hackers-breach-ukrainian-govt-email-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8347329 False Threat APT 28 2.0000000000000000 Bleeping Computer - Magazine Américain A cyberespionage and hacking campaign tracked as \'RedClouds\' uses the custom \'RDStealer\' malware to automatically steal data from drives shared through Remote Desktop connections. [...]]]> 2023-06-20T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-rdstealer-malware-steals-from-drives-shared-over-remote-desktop/ www.secnews.physaphae.fr/article.php?IdArticle=8347328 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain More than 101,000 ChatGPT user accounts have been compromised by information stealers over the past year, according to dark web marketplace data. [...]]]> 2023-06-20T04:00:00+00:00 https://www.bleepingcomputer.com/news/security/over-100-000-chatgpt-accounts-stolen-via-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347307 False Malware ChatGPT,ChatGPT 2.0000000000000000 Bleeping Computer - Magazine Américain Des Moines Public Schools, Iowa\'s largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023. [...]]]> 2023-06-19T16:16:36+00:00 https://www.bleepingcomputer.com/news/security/iowas-largest-school-district-confirms-ransomware-attack-data-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8347117 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A malware campaign is using fake OnlyFans content and adult lures to install a remote access trojan known as \'DcRAT,\' allowing threat actors to steal data and credentials or deploy ransomware on the infected device. [...]]]> 2023-06-19T13:14:23+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-fake-onlyfans-pics-to-drop-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347066 False Ransomware,Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Three Android apps on Google Play were used by state-sponsored threat actors to collect intelligence from targeted devices, such as location data and contact lists. [...]]]> 2023-06-19T11:22:50+00:00 https://www.bleepingcomputer.com/news/security/android-spyware-camouflaged-as-vpn-chat-apps-on-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8347034 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. [...]]]> 2023-06-18T12:01:03+00:00 https://www.bleepingcomputer.com/news/security/reddit-hackers-threaten-to-leak-data-stolen-in-february-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8346738 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new information-stealing malware named \'Mystic Stealer,\' has been promoted on hacking forums and darknet markets since April 2023, quickly gaining traction in the cybercrime community. [...]]]> 2023-06-18T11:14:07+00:00 https://www.bleepingcomputer.com/news/security/new-mystic-stealer-malware-increasingly-used-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8346703 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. State Department\'s Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the Clop ransomware attacks to a foreign government. [...]]]> 2023-06-17T16:06:22+00:00 https://www.bleepingcomputer.com/news/security/us-govt-offers-10-million-bounty-for-info-on-clop-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8346527 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A team of university researchers has devised a new side-channel attack named \'Freaky Leaky SMS,\' which relies on the timing of SMS delivery reports to deduce a recipient\'s location. [...]]]> 2023-06-17T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/sms-delivery-reports-can-be-used-to-infer-recipients-location/ www.secnews.physaphae.fr/article.php?IdArticle=8346509 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Windows 11 22H2 KB5027231 cumulative update released during this month\'s Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions. [...]]]> 2023-06-16T12:56:21+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5027231-also-breaks-chrome-for-cisco-watchguard-edr-users/ www.secnews.physaphae.fr/article.php?IdArticle=8346248 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Louisiana and Oregon warn that millions of driver\'s licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data. [...]]]> 2023-06-16T10:28:13+00:00 https://www.bleepingcomputer.com/news/security/millions-of-oregon-louisiana-state-ids-stolen-in-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8346197 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices with a trojanized chat app named \'BingeChat,\' which attempts to steal data from victims\' devices. [...]]]> 2023-06-15T12:10:17+00:00 https://www.bleepingcomputer.com/news/security/android-gravityrat-malware-now-steals-your-whatsapp-backups/ www.secnews.physaphae.fr/article.php?IdArticle=8345811 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data. [...]]]> 2023-06-15T11:39:03+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-gang-starts-extorting-moveit-data-theft-victims/ www.secnews.physaphae.fr/article.php?IdArticle=8345789 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine\'s military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [...]]]> 2023-06-15T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-use-powershell-usb-malware-to-drop-backdoors/ www.secnews.physaphae.fr/article.php?IdArticle=8345745 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the search hijacker and adware browser extension named Shampoo. [...]]]> 2023-06-14T13:56:33+00:00 https://www.bleepingcomputer.com/news/security/new-shampoo-chromeloader-malware-pushed-via-fake-warez-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8345437 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The Chinese threat group \'ChamelGang\' infects Linux devices with a previously unknown implant named \'ChamelDoH,\' allowing DNS-over-HTTPS communications with attackers\' servers. [...]]]> 2023-06-14T13:01:08+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-use-dns-over-https-for-linux-malware-communication/ www.secnews.physaphae.fr/article.php?IdArticle=8345382 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware. [...]]]> 2023-06-14T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/fake-zero-day-poc-exploits-on-github-push-windows-linux-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8345239 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade detection. [...]]]> 2023-06-13T17:16:30+00:00 https://www.bleepingcomputer.com/news/security/pirated-windows-10-isos-install-clipper-malware-via-efi-partitions/ www.secnews.physaphae.fr/article.php?IdArticle=8344997 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Romanian national Mihai Ionut Paunescu, aka "Virus," was sentenced to three years in prison by a Manhattan federal court for running a bulletproof hosting service and facilitating the distribution of the Gozi (Ursnif), Zeus, SpyEye, and BlackEnergy malware. [...]]]> 2023-06-13T10:52:14+00:00 https://www.bleepingcomputer.com/news/security/bulletproof-hoster-gets-3-years-for-pushing-urfsnif-zeus-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8344842 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database now shared on a hacking forum. [...]]]> 2023-06-12T13:59:35+00:00 https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-new-zacks-data-breach-impacting-8-million/ www.secnews.physaphae.fr/article.php?IdArticle=8344475 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while today, it warns that it is now targeted in DDoS attacks. [...]]]> 2023-06-12T10:58:06+00:00 https://www.bleepingcomputer.com/news/security/swiss-government-warns-of-ongoing-ddos-attacks-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8344415 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening. [...]]]> 2023-06-09T18:06:51+00:00 https://www.bleepingcomputer.com/news/security/ukrainian-hackers-take-down-service-provider-for-russian-banks/ www.secnews.physaphae.fr/article.php?IdArticle=8343785 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A hacking group tracked as \'Asylum Ambuscade\' was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber espionage with cybercrime. [...]]]> 2023-06-08T15:21:33+00:00 https://www.bleepingcomputer.com/news/security/asylum-ambuscade-hackers-mix-cybercrime-with-espionage/ www.secnews.physaphae.fr/article.php?IdArticle=8343392 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Google Chrome is getting new security-enhancing features for the built-in Password Manager, making it easier for users to manage their passwords and stay safe from account hijacking attacks. [...]]]> 2023-06-08T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-chrome-password-manager-gets-new-safeguards-for-your-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8343350 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of its servers. [...]]]> 2023-06-08T10:22:14+00:00 https://www.bleepingcomputer.com/news/security/japanese-pharma-giant-eisai-discloses-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8343327 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Honda\'s e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API flaws that allow password reset for any account. [...]]]> 2023-06-07T16:10:57+00:00 https://www.bleepingcomputer.com/news/security/honda-api-flaws-exposed-customer-data-dealer-panels-internal-docs/ www.secnews.physaphae.fr/article.php?IdArticle=8343133 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new \'Fractureiser\' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects. [...]]]> 2023-06-07T12:34:06+00:00 https://www.bleepingcomputer.com/news/security/new-fractureiser-malware-used-curseforge-minecraft-mods-to-infect-windows-linux/ www.secnews.physaphae.fr/article.php?IdArticle=8343074 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Over 60,000 Android apps disguised as legitimate applications have been quietly installing adware on mobile devices while remaining undetected for the past six months. [...]]]> 2023-06-06T15:10:26+00:00 https://www.bleepingcomputer.com/news/security/over-60-000-android-apps-secretly-installed-adware-for-past-six-months/ www.secnews.physaphae.fr/article.php?IdArticle=8342698 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Stealer logs represent one of the primary threat vectors for modern companies. This Flare explainer article will delve into the lifecycle of stealer malware and provide tips for detection and remediation. [...]]]> 2023-06-06T10:04:08+00:00 https://www.bleepingcomputer.com/news/security/dissecting-the-dark-web-supply-chain-stealer-logs-in-context/ www.secnews.physaphae.fr/article.php?IdArticle=8342626 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December. [...]]]> 2023-06-06T09:19:37+00:00 https://www.bleepingcomputer.com/news/security/android-security-update-fixes-mali-gpu-bug-exploited-as-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8343038 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new PowerShell malware script named \'PowerDrop\' has been discovered to be used in attacks targeting the U.S. aerospace defense industry. [...]]]> 2023-06-06T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-powerdrop-powershell-malware-targets-us-aerospace-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8342628 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies\' servers and steal data. [...]]]> 2023-06-05T17:27:12+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-moveit-extortion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8342301 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a new \'Triangulation\' malware. [...]]]> 2023-06-05T13:58:29+00:00 https://www.bleepingcomputer.com/news/security/new-tool-scans-iphones-for-triangulation-malware-infection/ www.secnews.physaphae.fr/article.php?IdArticle=8342289 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30 million times. [...]]]> 2023-06-05T12:50:51+00:00 https://www.bleepingcomputer.com/news/security/spinok-android-malware-found-in-more-apps-with-30-million-installs/ www.secnews.physaphae.fr/article.php?IdArticle=8342216 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain KeePass has released version 2.54, fixing the CVE-2023-3278 vulnerability that allows the extraction of the cleartext master password from the application\'s memory. [...]]]> 2023-06-05T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/keepass-v254-fixes-bug-that-leaked-cleartext-master-password/ www.secnews.physaphae.fr/article.php?IdArticle=8342200 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials for more damaging attacks. [...]]]> 2023-06-03T11:52:24+00:00 https://www.bleepingcomputer.com/news/security/online-sellers-targeted-by-new-information-stealing-malware-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8341797 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially" accessed or stolen during what the company described in February as a "cyber incident."  [...]]]> 2023-06-02T12:19:20+00:00 https://www.bleepingcomputer.com/news/security/burton-snowboards-discloses-data-breach-after-february-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8341534 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A previously unknown campaign involving the Hotabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool. [...]]]> 2023-06-01T16:54:40+00:00 https://www.bleepingcomputer.com/news/security/new-horabot-campaign-takes-over-victims-gmail-outlook-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8341327 False Spam,Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Harvard Pilgrim Health Care (HPHC) has disclosed that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, with the threat actors also stealing their sensitive data from compromised systems. [...]]]> 2023-06-01T13:02:54+00:00 https://www.bleepingcomputer.com/news/security/harvard-pilgrim-health-care-ransomware-attack-hits-25-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8341260 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Russia blames these attacks on US intelligence agencies. [...]]]> 2023-06-01T12:11:28+00:00 https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8341261 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google announced today that bug bounty hunters who report sandbox escape chain exploits targeting its Chrome web browser are now eligible for triple the standard reward until December 1st, 2023. [...]]]> 2023-06-01T12:00:00+00:00 https://www.bleepingcomputer.com/news/google/google-triples-rewards-for-chrome-sandbox-escape-chain-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8341262 False None None 3.0000000000000000