www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It is a simple aggregated stream of articles from multiple sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-03T00:51:21+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer. "Clicking on ads immediately downloads an archive containing a malicious .exe 'Photo Album' file which also drops a second executable written in .NET – this payload is in charge of
2023-11-03T17:42:00+00:00 https://thehackernews.com/2023/11/nodestealer-malware-hijacking-facebook.html www.secnews.physaphae.fr/article.php?IdArticle=8405323 False Malware None 3.0000000000000000

The Hacker News
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes. As the threat landscape evolves and generative AI is added to the toolsets available to defenders and attackers alike, evaluating the relative effectiveness of various AI-based security offerings is increasingly important - and difficult.
Asking the right questions can help you spot solutions
2023-11-03T16:56:00+00:00 https://thehackernews.com/2023/11/predictive-ai-in-cybersecurity-outcomes.html www.secnews.physaphae.fr/article.php?IdArticle=8405324 False Threat None 3.0000000000000000

The Hacker News
CanesSpy Spyware Discovered in Modified WhatsApp Versions
Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy. These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts 2 million users. "The trojanized
2023-11-03T15:05:00+00:00 https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html www.secnews.physaphae.fr/article.php?IdArticle=8405325 False Mobile None 2.0000000000000000

The Hacker News
48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems
A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems. "These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install," software supply chain security firm Phylum said.
All the counterfeit packages have been published by
2023-11-03T11:33:00+00:00 https://thehackernews.com/2023/11/48-malicious-npm-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8405326 False None None 2.0000000000000000

The Hacker News
Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations
The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened in China. While the mysterious control payload – aka kill switch – stripped Mozi bots of most
2023-11-02T19:15:00+00:00 https://thehackernews.com/2023/11/mysterious-kill-switch-disrupts-mozi.html www.secnews.physaphae.fr/article.php?IdArticle=8405327 False None None 2.0000000000000000

The Hacker News
SaaS Security is Now Accessible and Affordable to All
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often employ different approaches and technologies, leading to unnecessary confusion and complexity. Enter
2023-11-02T14:54:00+00:00 https://thehackernews.com/2023/11/saas-security-is-now-accessible-and.html www.secnews.physaphae.fr/article.php?IdArticle=8404604 False Tool,Cloud None 2.0000000000000000

The Hacker News
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign "exhibits updated TTPs to previously reported MuddyWater activity,"
2023-11-02T14:51:00+00:00 https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404605 False Tool None 3.0000000000000000

The Hacker News
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover
As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate [operating system] privileges," Takahiro Haruyama, a
2023-11-02T14:29:00+00:00 https://thehackernews.com/2023/11/researchers-find-34-windows-drivers.html www.secnews.physaphae.fr/article.php?IdArticle=8404606 False Threat None 2.0000000000000000

The Hacker News
FIRST Announces CVSS 4.0 - New Vulnerability Scoring System
The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to provide the highest fidelity of vulnerability assessment for both industry and the public," FIRST said in a statement.
2023-11-02T10:49:00+00:00 https://thehackernews.com/2023/11/first-announces-cvss-40-new.html www.secnews.physaphae.fr/article.php?IdArticle=8404607 False Vulnerability None 3.0000000000000000

The Hacker News
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability
Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a
2023-11-02T09:57:00+00:00 https://thehackernews.com/2023/11/hellokitty-ransomware-group-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8404608 False Ransomware,Vulnerability None 2.0000000000000000

The Hacker News
Researchers Expose Prolific Puma's Underground Link Shortening Service
A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that's offered to other threat actors for at least over the past four years.
Prolific Puma creates "domain names with an RDGA [registered domain generation algorithm] and use these domains to provide a link shortening service to other malicious actors, helping them evade
2023-11-01T20:25:00+00:00 https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html www.secnews.physaphae.fr/article.php?IdArticle=8404158 False Threat None 2.0000000000000000

The Hacker News
Hands on Review: LayerX's Enterprise Browser Security Extension
The browser has become the main work interface in modern enterprises. It's where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to steal the data it stores and use it for malicious access to organizational SaaS apps or the hosting machine. Additionally,
2023-11-01T17:23:00+00:00 https://thehackernews.com/2023/11/hands-on-review-layerxs-enterprise.html www.secnews.physaphae.fr/article.php?IdArticle=8404093 False Cloud None 2.0000000000000000

The Hacker News
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year.
Israeli cybersecurity firm Check Point, which discovered the campaign alongside Sygnia, is tracking the actor under the name Scarred
2023-11-01T16:52:00+00:00 https://thehackernews.com/2023/11/iranian-cyber-espionage-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8404027 False Threat None 2.0000000000000000

The Hacker News
North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity, traced back to April 2023, exhibits overlaps with the infamous adversarial collective Lazarus Group, citing an analysis of the
2023-11-01T14:32:00+00:00 https://thehackernews.com/2023/11/north-korean-hackers-tageting-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8403987 False Malware,Threat APT 38,APT 38 2.0000000000000000

The Hacker News
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive Ursa. "As the code of the upgraded revision of Kazuar reveals, the authors put special emphasis on Kazuar's ability to
2023-11-01T12:51:00+00:00 https://thehackernews.com/2023/11/turla-updates-kazuar-backdoor-with.html www.secnews.physaphae.fr/article.php?IdArticle=8403950 False None None 2.0000000000000000

The Hacker News
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain. Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution
2023-11-01T10:23:00+00:00 https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8403894 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of features that enable the operators to surreptitiously collect sensitive information from victims' devices
2023-10-31T19:46:00+00:00 https://thehackernews.com/2023/10/arid-viper-targeting-arabic-android.html www.secnews.physaphae.fr/article.php?IdArticle=8403559 False Malware,Threat APT-C-23,APT-C-23 2.0000000000000000

The Hacker News
Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing since August 1, 2023, while linking it to a host of rogue NuGet packages that were observed delivering a remote access trojan called
2023-10-31T17:34:00+00:00 https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html www.secnews.physaphae.fr/article.php?IdArticle=8403479 False Malware None 3.0000000000000000

The Hacker News
PentestPad: Platform for Pentest Teams
In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy.
The synergy between a skilled penetration tester and the precision of pen testing solutions are crucial for staying on top of today's high
2023-10-31T16:51:00+00:00 https://thehackernews.com/2023/10/pentestpad-platform-for-pentest-teams.html www.secnews.physaphae.fr/article.php?IdArticle=8403480 False None None 2.0000000000000000

The Hacker News
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data loss if exploited by an unauthenticated attacker." Tracked as CVE-2023-22518, the vulnerability is rated 9.1 out of a maximum of 10 on the CVSS scoring system. It has been described as an instance of "improper authorization vulnerability." All versions of Confluence Data
2023-10-31T16:46:00+00:00 https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8403481 False Vulnerability None 3.0000000000000000

The Hacker News
Trojanized PyCharm Software Version Delivered via Google Search Ads
A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google search results by leveraging Dynamic Search Ads. "Unbeknownst to the site owner, one of their ads was automatically created to promote a popular program for Python developers, and visible to people doing a Google search for it," Jérôme Segura, director of threat
2023-10-31T16:25:00+00:00 https://thehackernews.com/2023/10/trojanized-pycharm-software-version.html www.secnews.physaphae.fr/article.php?IdArticle=8403425 False Threat,Threat None 3.0000000000000000

The Hacker News
Canada Bans WeChat and Kaspersky Apps On Government Devices
Canada on Monday announced a ban on the use of apps from Tencent and Kaspersky on government mobile devices, citing an "unacceptable level of risk to privacy and security." "The Government of Canada is committed to keeping government information and networks secure," the Canadian government said. "We regularly monitor potential threats and take immediate action to address risks." To that end,
2023-10-31T13:51:00+00:00 https://thehackernews.com/2023/10/canada-bans-wechat-and-kaspersky-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8403362 False None None 3.0000000000000000

The Hacker News
Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws
Meta on Monday announced plans to offer an ad-free option to access Facebook and Instagram for users in the European Union (EU), European Economic Area (EEA), and Switzerland to comply with "evolving" data protection regulations in the region.
The ad-free subscription, which costs €9.99/month on the web or €12.99/month on iOS and Android, is expected to be officially available starting next
2023-10-31T11:59:00+00:00 https://thehackernews.com/2023/10/meta-launches-paid-ad-free-subscription.html www.secnews.physaphae.fr/article.php?IdArticle=8403339 False None None 2.0000000000000000

The Hacker News
Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the ongoing Israeli-Hamas war. "This malware is an x64 ELF executable, lacking obfuscation or protective measures," Security Joes said in a new report published today. "It allows attackers to specify target folders and can potentially destroy an entire
2023-10-30T21:55:00+00:00 https://thehackernews.com/2023/10/pro-hamas-hacktivists-targeting-israeli.html www.secnews.physaphae.fr/article.php?IdArticle=8402903 False Malware None 2.0000000000000000

The Hacker News
New Webinar: 5 Must-Know Trends Impacting AppSec
Modern web app development relies on cloud infrastructure and containerization. These technologies scale on demand, handling millions of daily file transfers – it's almost impossible to imagine a world without them.
However, they also introduce multiple attack vectors that exploit file uploads when working with public clouds, vulnerabilities in containers hosting web applications, and many other
2023-10-30T17:39:00+00:00 https://thehackernews.com/2023/10/new-webinar-5-must-know-trends.html www.secnews.physaphae.fr/article.php?IdArticle=8402826 False Vulnerability,Threat,Cloud None 2.0000000000000000

The Hacker News
ServiceNow Data Exposure: A Wake-Up Call for Companies
Earlier this week, ServiceNow announced on its support site that misconfigurations within the platform could result in “unintended access” to sensitive data. For organizations that use ServiceNow, this security exposure is a critical concern that could have resulted in major data leakage of sensitive corporate data. ServiceNow has since taken steps to fix this issue. This article fully analyzes
2023-10-30T17:17:00+00:00 https://thehackernews.com/2023/10/servicenow-data-exposure-wake-up-call.html www.secnews.physaphae.fr/article.php?IdArticle=8402776 False Threat None 3.0000000000000000

The Hacker News
EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate cryptojacking activities. "As a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging and
2023-10-30T16:26:00+00:00 https://thehackernews.com/2023/10/elektra-leak-cryptojacking-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8402777 False Threat None 2.0000000000000000

The Hacker News
Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller CVE-2023-5043 (
2023-10-30T12:16:00+00:00 https://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8402689 False Vulnerability,Threat Uber 3.0000000000000000

The Hacker News
Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware
A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. "MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications to Windows users," Elastic
2023-10-30T09:51:00+00:00 https://thehackernews.com/2023/10/hackers-using-msix-app-packages-to.html www.secnews.physaphae.fr/article.php?IdArticle=8402624 False Malware None 3.0000000000000000

The Hacker News
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
New findings have shed light on what's said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. "The attacker has issued several new TLS certificates using Let's Encrypt service which were used to hijack encrypted STARTTLS
2023-10-28T12:50:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html www.secnews.physaphae.fr/article.php?IdArticle=8401857 False None None 4.0000000000000000

The Hacker News
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software.
The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for
2023-10-27T20:27:00+00:00 https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html www.secnews.physaphae.fr/article.php?IdArticle=8401494 False Malware,Tool,Threat APT 38,APT 38 3.0000000000000000

The Hacker News
How to Keep Your Business Running in a Contested Environment
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the forefront of cybercriminal
2023-10-27T16:26:00+00:00 https://thehackernews.com/2023/10/how-to-keep-your-business-running-in.html www.secnews.physaphae.fr/article.php?IdArticle=8401397 False None None 2.0000000000000000

The Hacker News
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. "Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or
2023-10-27T16:24:00+00:00 https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html www.secnews.physaphae.fr/article.php?IdArticle=8401398 False Vulnerability None 2.0000000000000000

The Hacker News
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP
2023-10-27T09:53:00+00:00 https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8401236 False Vulnerability None 2.0000000000000000

The Hacker News
iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs
A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. "An attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using
2023-10-26T22:19:00+00:00 https://thehackernews.com/2023/10/ileakage-new-safari-exploit-impacts.html www.secnews.physaphae.fr/article.php?IdArticle=8400981 False Threat None 2.0000000000000000

The Hacker News
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described the adversary as "one of the most dangerous financial criminal
2023-10-26T19:26:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-as-scattered-spider.html www.secnews.physaphae.fr/article.php?IdArticle=8400870 False Ransomware,Threat None 2.0000000000000000

The Hacker News
Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter," the web infrastructure
2023-10-26T18:30:00+00:00 https://thehackernews.com/2023/10/record-breaking-100-million-rps-ddos.html www.secnews.physaphae.fr/article.php?IdArticle=8400871 False Studies None 4.0000000000000000

The Hacker News
The Danger of Forgotten Pixels on Websites: A New Case Study
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. Download the full case study here. It's a scenario that could have affected any type of company, from healthcare to finance, e-commerce to
2023-10-26T17:29:00+00:00 https://thehackernews.com/2023/10/the-danger-of-forgotten-pixels-on.html www.secnews.physaphae.fr/article.php?IdArticle=8400814 False Studies None 2.0000000000000000

The Hacker News
Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks
The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a downloader for further payloads," the PwC Threat Intelligence said in a Wednesday analysis. "It uses email
2023-10-26T12:54:00+00:00 https://thehackernews.com/2023/10/iranian-group-tortoiseshell-launches.html www.secnews.physaphae.fr/article.php?IdArticle=8400736 False Malware,Threat None 2.0000000000000000

The Hacker News
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability.
Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. "This is an easily exploitable, unauthenticated remote code
2023-10-26T10:53:00+00:00 https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html www.secnews.physaphae.fr/article.php?IdArticle=8400737 False Vulnerability None 2.0000000000000000

YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group
A relatively new threat actor known as YoroTrooper is likely made of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani entities, barring the government's Anti-Corruption Agency. "YoroTrooper attempts to obfuscate the
2023-10-26T09:55:00+00:00 https://thehackernews.com/2023/10/yorotrooper-researchers-warn-of.html www.secnews.physaphae.fr/article.php?IdArticle=8400738 False Threat None 2.0000000000000000

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou said in a new report published today.
Previously, it was using known
2023-10-25T18:50:00+00:00 https://thehackernews.com/2023/10/nation-state-hackers-exploiting-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8400151 False Vulnerability,Threat None 2.0000000000000000

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio, and Bukalapak, building upon previous shortcomings uncovered in Booking[.]com and Expo. The weaknesses, now addressed by the respective companies following responsible disclosure between February and April 2023, could have allowed malicious actors to
2023-10-25T18:34:00+00:00 https://thehackernews.com/2023/10/critical-oauth-flaws-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8400152 False None None 2.0000000000000000

The Rise of S3 Ransomware: How to Identify and Combat It
In today's digital landscape, around 60% of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations. Despite S3 being a secure service from a reputable provider, its pivotal role in handling vast amounts of sensitive data (customer personal information, financial data, intellectual property, etc.), provides a juicy target for
2023-10-25T17:06:00+00:00 https://thehackernews.com/2023/10/the-rise-of-s3-ransomware-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8400111 False None None 2.0000000000000000

Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger an out-of-bounds
2023-10-25T15:41:00+00:00 https://thehackernews.com/2023/10/act-now-vmware-releases-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8400088 False Vulnerability None 3.0000000000000000

Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware
The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for "WhatsApp web" on search engines. "The
2023-10-25T14:43:00+00:00 https://thehackernews.com/2023/10/malvertising-campaign-targets-brazils.html www.secnews.physaphae.fr/article.php?IdArticle=8400067 False Malware,Threat None 2.0000000000000000

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files
2023-10-25T10:17:00+00:00 https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html www.secnews.physaphae.fr/article.php?IdArticle=8400012 False Vulnerability,Threat None 3.0000000000000000

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia
A former employee of the U.S. National Security Agency (NSA) has pleaded guilty to charges accusing him of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke, 31, served as an Information Systems Security Designer for the NSA from June 6, 2022, to July 1, 2022, where he had Top Secret clearance to access sensitive documents. The latest development comes more
2023-10-24T18:00:00+00:00 https://thehackernews.com/2023/10/ex-nsa-employee-pleads-guilty-to.html www.secnews.physaphae.fr/article.php?IdArticle=8399798 False None None 2.0000000000000000

34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams
Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits. Authorities conducted searches across 16 locations Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms, a katana sword, a baseball bat, €80,000 in cash, four high-end
2023-10-24T16:30:00+00:00 https://thehackernews.com/2023/10/34-cybercriminals-arrested-in-spain-for.html www.secnews.physaphae.fr/article.php?IdArticle=8399691 False None None 3.0000000000000000

Make API Management Less Scary for Your Organization
While application development has evolved rapidly, the API management suites used to access these services remain a spooky reminder of a different era. Introducing new API management infrastructure with these legacy models still poses challenges for organizations as they modernize. Transitioning from monolithic architectures to agile microservices empowers developers to make quick changes. Using
2023-10-24T16:29:00+00:00 https://thehackernews.com/2023/10/make-api-management-less-scary-for-your.html www.secnews.physaphae.fr/article.php?IdArticle=8399692 False None None 2.0000000000000000

Operation Triangulation: Experts Uncover Deeper Insights into iOS Zero-Day Attacks
The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The findings come from Kaspersky, which detailed the great lengths the adversary behind the campaign, dubbed Operation Triangulation, went to conceal and cover up
2023-10-24T14:07:00+00:00 https://thehackernews.com/2023/10/operation-triangulation-experts-uncover.html www.secnews.physaphae.fr/article.php?IdArticle=8399648 False None None 2.0000000000000000

Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection
The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices
2023-10-24T12:03:00+00:00 https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html www.secnews.physaphae.fr/article.php?IdArticle=8399649 False Threat None 2.0000000000000000

1Password Detects Suspicious Activity Following Okta Support Breach
Popular password management solution 1Password said it detected suspicious activity on its Okta instance on September 29 following the support system breach, but reiterated that no user data was accessed. "We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing," Pedro Canahuati, 1Password CTO,
2023-10-24T10:25:00+00:00 https://thehackernews.com/2023/10/1password-detects-suspicious-activity.html www.secnews.physaphae.fr/article.php?IdArticle=8399593 False None None 2.0000000000000000

DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are also configured to deliver a downloader named CSVtyrei, so named for its resemblance to Vtyrei. "Some
2023-10-23T17:04:00+00:00 https://thehackernews.com/2023/10/donot-teams-new-firebird-backdoor-hits.html www.secnews.physaphae.fr/article.php?IdArticle=8399385 False Threat None 2.0000000000000000

Who's Experimenting with AI Tools in Your Organization?
With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence-formerly the realm of data science and engineering teams-has become a resource available to every employee.
From a productivity perspective, that's fantastic. Unfortunately for IT and security teams, it also means you may have hundreds of people in your organization using a new tool in
2023-10-23T17:04:00+00:00 https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html www.secnews.physaphae.fr/article.php?IdArticle=8399384 False Tool ChatGPT 2.0000000000000000

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan said in a report published last week,
2023-10-23T13:28:00+00:00 https://thehackernews.com/2023/10/quasar-rat-leverages-dll-side-loading.html www.secnews.physaphae.fr/article.php?IdArticle=8399386 False None None 2.0000000000000000

Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a "key target" in France. "In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia," the agency said. "The main perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining
2023-10-21T18:40:00+00:00 https://thehackernews.com/2023/10/europol-dismantles-ragnar-locker.html www.secnews.physaphae.fr/article.php?IdArticle=8398660 False Ransomware None 2.0000000000000000

Okta's Support System Breach Exposes Customer Data to Unidentified Threat Actors
Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials to access its support case management system. "The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases," David Bradbury, Okta's chief security officer, said. "It should be noted that the Okta
2023-10-21T14:15:00+00:00 https://thehackernews.com/2023/10/oktas-support-system-breach-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8398576 False Threat None 2.0000000000000000

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain. "The attacker first
2023-10-21T09:16:00+00:00 https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html www.secnews.physaphae.fr/article.php?IdArticle=8398506 False Threat None 2.0000000000000000

Malvertisers Using Google Ads to Target Users Searching for Popular Software
Details have emerged about a malvertising campaign that leverages Google Ads to direct users searching for popular software to fictitious landing pages and distribute next-stage payloads. Malwarebytes, which discovered the activity, said it's "unique in its way to fingerprint users and distribute time sensitive payloads." The attack singles out users searching for Notepad++ and PDF converters to
2023-10-20T19:19:00+00:00 https://thehackernews.com/2023/10/malvertisers-using-google-ads-to-target.html www.secnews.physaphae.fr/article.php?IdArticle=8398265 False None None 2.0000000000000000

Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
Attacks leveraging the DarkGate commodity malware targeting entities in the U.K., the U.S., and India have been linked to Vietnamese actors associated with the use of the infamous Ducktail stealer. "The overlap of tools and campaigns is very likely due to the effects of a cybercrime marketplace," WithSecure said in a report published today. "Threat actors are able to acquire and use multiple
2023-10-20T18:58:00+00:00 https://thehackernews.com/2023/10/vietnamese-hackers-target-uk-us-and.html www.secnews.physaphae.fr/article.php?IdArticle=8398266 False Malware,Tool None 2.0000000000000000

Unleashing the Power of the Internet of Things and Cyber Security
Due to the rapid evolution of technology, the Internet of Things (IoT) is changing the way business is conducted around the world. This advancement and the power of the IoT have been nothing short of transformational in making data-driven decisions, accelerating efficiencies, and streamlining operations to meet the demands of a competitive global marketplace. IoT At a Crossroads IoT, in its most
2023-10-20T17:08:00+00:00 https://thehackernews.com/2023/10/unleashing-power-of-internet-of-things.html www.secnews.physaphae.fr/article.php?IdArticle=8398230 False Threat None 3.0000000000000000

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges
A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems. "ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor," Fortinet FortiGuard Labs researcher James Slaughter said in a
2023-10-20T14:32:00+00:00 https://thehackernews.com/2023/10/exelastealer-new-low-cost-cybercrime.html www.secnews.physaphae.fr/article.php?IdArticle=8398112 False Malware,Threat None 3.0000000000000000

U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses
The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world, evade sanctions, and fund the country's ballistic missile program. The Department of Justice (DoJ) said the U.S. confiscated approximately $1.5 million of the revenue that these IT workers collected from
2023-10-20T10:42:00+00:00 https://thehackernews.com/2023/10/us-doj-cracks-down-on-north-korean-it_20.html www.secnews.physaphae.fr/article.php?IdArticle=8398093 False Legislation None 3.0000000000000000

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023. "The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows
2023-10-19T19:17:00+00:00 https://thehackernews.com/2023/10/sophisticated-mata-framework-strikes.html www.secnews.physaphae.fr/article.php?IdArticle=8397740 False Threat None 2.0000000000000000

Vulnerability Scanning: How Often Should I Scan?
The time between a vulnerability being discovered and hackers exploiting it is narrower than ever – just 12 days.
So it makes sense that organizations are starting to recognize the importance of not leaving long gaps between their scans, and the term "continuous vulnerability scanning" is becoming more popular. Hackers won't wait for your next scan One-off scans can be a simple 'one-and-done'
2023-10-19T17:18:00+00:00 https://thehackernews.com/2023/10/vulnerability-scanning-how-often-should.html www.secnews.physaphae.fr/article.php?IdArticle=8397690 False Vulnerability None 2.0000000000000000

Google Play Protect Introduces Real-Time Code-Level Scanning for Android Malware
Google has announced an update to its Play Protect with support for real-time scanning at the code level to tackle novel malicious apps prior to downloading and installing them on Android devices. "Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats," the tech giant said. Google Play Protect is a
2023-10-19T17:08:00+00:00 https://thehackernews.com/2023/10/google-play-protect-introduces-real.html www.secnews.physaphae.fr/article.php?IdArticle=8397691 False Malware None 2.0000000000000000

Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign
The Iran-linked OilRig threat actor targeted an unnamed Middle East government between February and September 2023 as part of an eight-month-long campaign.
The attack led to the theft of files and passwords and, in one instance, resulted in the deployment of a PowerShell backdoor called PowerExchange, the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News
2023-10-19T15:45:00+00:00 https://thehackernews.com/2023/10/iran-linked-oilrig-targets-middle-east.html www.secnews.physaphae.fr/article.php?IdArticle=8397652 False Threat APT 34 3.0000000000000000

Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft. The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet (aka Labyrinth Chollima) and Onyx Sleet (aka Andariel or Silent Chollima). It's worth noting that both the
2023-10-19T12:41:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-north-korean-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8397598 False Threat APT 38 3.0000000000000000

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
A number of state-backed threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive.
The shortcoming has been actively
2023-10-19T09:32:00+00:00 https://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8397549 False Tool,Vulnerability,Threat None 3.0000000000000000

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. "The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews," Kaspersky
2023-10-18T20:21:00+00:00 https://thehackernews.com/2023/10/lazarus-group-targeting-defense-experts.html www.secnews.physaphae.fr/article.php?IdArticle=8397305 False Threat APT 38,APT 38,APT 37 2.0000000000000000

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms
Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information.
Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions - NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50 NetScaler ADC and NetScaler Gateway 13.1 before
2023-10-18T17:57:00+00:00 https://thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8397237 False Vulnerability None 2.0000000000000000

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise. "The payloads for the Qubitstrike campaign are
2023-10-18T17:12:00+00:00 https://thehackernews.com/2023/10/qubitstrike-targets-jupyter-notebooks.html www.secnews.physaphae.fr/article.php?IdArticle=8397239 False Threat,Cloud None 2.0000000000000000

Unraveling Real-Life Attack Paths – Key Lessons Learned
In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired objective.
Despite the presence of numerous security tools, organizations often have to deal with two
2023-10-18T17:12:00+00:00 https://thehackernews.com/2023/10/unraveling-real-life-attack-paths-key.html www.secnews.physaphae.fr/article.php?IdArticle=8397238 False Vulnerability None 2.0000000000000000

TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments
Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware encryption to ensure the secure storage and transfer of data between computer systems," Kaspersky
2023-10-18T14:41:00+00:00 https://thehackernews.com/2023/10/tetrisphantom-cyber-espionage-via.html www.secnews.physaphae.fr/article.php?IdArticle=8397164 False Threat None 2.0000000000000000

New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account. "Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account,"
2023-10-18T12:18:00+00:00 https://thehackernews.com/2023/10/new-admin-takeover-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8397128 False Vulnerability None 2.0000000000000000

D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015," the company said. "The data was used for registration purposes back then. So far, no
2023-10-18T09:11:00+00:00 https://thehackernews.com/2023/10/d-link-confirms-data-breach-employee.html www.secnews.physaphae.fr/article.php?IdArticle=8397062 False Data Breach,Cloud None 2.0000000000000000

Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure.
Discord, in recent years, has become a lucrative target, acting as a fertile ground for hosting malware using its content delivery network (CDN) as 2023-10-17T20:18:00+00:00 https://thehackernews.com/2023/10/discord-playground-for-nation-state.html www.secnews.physaphae.fr/article.php?IdArticle=8396801 False Threat,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10. Sonar security researcher Thomas Chauchefoin, who discovered the bugs, 2023-10-17T20:07:00+00:00 https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8396752 False Vulnerability,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Webinar: Locking Down Financial and Accounting Data - Best Data Security Strategies Financial data is much more than just a collection of numbers; it is a crucial component of any business and a prime target for cybercriminals. It's important to understand that financial records can be a veritable treasure trove for digital pirates.
A security breach not only puts customers' personal information in jeopardy but also enables fraudsters to drain company funds and exploit clients. 2023-10-17T17:13:00+00:00 https://thehackernews.com/2023/10/webinar-locking-down-financial-and.html www.secnews.physaphae.fr/article.php?IdArticle=8396691 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Exploring the Realm of Malicious Generative AI: A New Digital Security Challenge Recently, the cybersecurity landscape has been confronted with a daunting new reality – the rise of malicious Generative AI, like FraudGPT and WormGPT. These rogue creations, lurking in the dark corners of the internet, pose a distinctive threat to the world of digital security. In this article, we will look at the nature of Generative AI fraud, analyze the messaging surrounding these creations, 2023-10-17T15:47:00+00:00 https://thehackernews.com/2023/10/exploring-realm-of-malicious-generative.html www.secnews.physaphae.fr/article.php?IdArticle=8396653 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal.
Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41 routers before version 35.3.0.7 that could enable attackers to access 2023-10-17T15:46:00+00:00 https://thehackernews.com/2023/10/experts-warn-of-severe-flaws-affecting.html www.secnews.physaphae.fr/article.php?IdArticle=8396654 False Vulnerability,Industrial None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors "interfered" with at least 11 telecommunication service providers in the country between May and September 2023. The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers. The starting point of the attacks is a reconnaissance phase in 2023-10-17T11:16:00+00:00 https://thehackernews.com/2023/10/cert-ua-reports-11-ukrainian-telecom.html www.secnews.physaphae.fr/article.php?IdArticle=8396553 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that's under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is tracked as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system.
It's worth pointing out that the shortcoming only affects enterprise networking gear that have 2023-10-17T09:42:00+00:00 https://thehackernews.com/2023/10/warning-unpatched-cisco-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8396540 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as 2023-10-16T19:25:00+00:00 https://thehackernews.com/2023/10/pro-russian-hackers-exploiting-recent.html www.secnews.physaphae.fr/article.php?IdArticle=8396240 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure.
Besides requesting invasive permissions to access call logs, camera, SMS messages, and external 2023-10-16T17:41:00+00:00 https://thehackernews.com/2023/10/spynote-beware-of-this-android-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8396241 False Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video) SaaS Security's roots are in configuration management. An astounding 35% of all security breaches begin with security settings that were misconfigured. In the past 3 years, the initial access vectors to SaaS data have widened beyond misconfiguration management. “SaaS Security on Tap” is a new video series that takes place in Eliana V's bar making sure that the only thing that leaks is beer ( 2023-10-16T17:16:00+00:00 https://thehackernews.com/2023/10/the-fast-evolution-of-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8396179 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim.
"After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels," it said in a series of messages posted in X (formerly]]> 2023-10-16T15:01:00+00:00 https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8396115 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La chaîne intelligente de Binance \\ est exploitée dans la nouvelle campagne \\ 'EtherHiding \\' malware<br>Binance\\'s Smart Chain Exploited in New \\'EtherHiding\\' Malware Campaign Threat actors have been observed serving malicious code by utilizing Binance\'s Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting]]> 2023-10-16T10:29:00+00:00 https://thehackernews.com/2023/10/binances-smart-chain-exploited-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8396019 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft pour éliminer NTLM en faveur de Kerberos pour une authentification plus forte<br>Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said. 
"New features for Windows 11 include]]> 2023-10-14T11:59:00+00:00 https://thehackernews.com/2023/10/microsoft-to-phase-out-ntlm-in-favor-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395428 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle campagne de cyberattaque de Peapod ciblant les femmes dirigeantes politiques<br>New PEAPOD Cyberattack Campaign Targeting Women Political Leaders European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also]]> 2023-10-13T20:01:00+00:00 https://thehackernews.com/2023/10/new-peapod-cyberattack-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8395186 False Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs dévoilent le nouvel ensemble d'outils de Todckat \\<br>Researchers Unveil ToddyCat\\'s New Set of Tools for Data Exfiltration The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew\'s tactics and capabilities. The findings come from Kaspersky, which first shed light on the adversary last year, linking it to attacks against high-profile entities in Europe and Asia for nearly three]]> 2023-10-13T17:23:00+00:00 https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395127 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023? Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively. This article will cover just some of those new developments in Q3-2023 as well as give predictions on quarters to 2023-10-13T16:37:00+00:00 https://thehackernews.com/2023/10/ransomware-attacks-doubled-year-on-year.html www.secnews.physaphae.fr/article.php?IdArticle=8395108 False Ransomware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) DarkGate Malware Spreading via Messaging Services Posing as PDF Files A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams. In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware. "It's 2023-10-13T16:06:00+00:00 https://thehackernews.com/2023/10/darkgate-malware-spreading-via.html www.secnews.physaphae.fr/article.php?IdArticle=8395082 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's 2023-10-13T15:55:00+00:00 https://thehackernews.com/2023/10/fbi-cisa-warn-of-rising-avoslocker.html www.secnews.physaphae.fr/article.php?IdArticle=8395083 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Malicious NuGet Package Targeting .NET Developers with SeroXen RAT A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report today. While 2023-10-12T18:47:00+00:00 https://thehackernews.com/2023/10/malicious-nuget-package-targeting-net.html www.secnews.physaphae.fr/article.php?IdArticle=8394742 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware.
"The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value," the AhnLab Security Emergency response Center (ASEC)]]> 2023-10-12T16:57:00+00:00 https://thehackernews.com/2023/10/shellbot-uses-hex-ips-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8394707 True Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) How to Guard Your Data from Exposure in ChatGPT ChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive business data into ChatGPT, or similar applications. DLP solutions, the go-to solution for similar challenges, are]]> 2023-10-12T16:03:00+00:00 https://thehackernews.com/2023/10/how-to-guard-your-data-from-exposure-in.html www.secnews.physaphae.fr/article.php?IdArticle=8394708 False None ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft Defender contrecarte à grande échelle Akira Ransomware Attack<br>Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant\'s threat intelligence team is tracking the operator as Storm-1567. 
The attack leveraged devices that were not onboarded to Microsoft 2023-10-12T15:59:00+00:00 https://thehackernews.com/2023/10/microsoft-defender-thwarts-akira.html www.secnews.physaphae.fr/article.php?IdArticle=8394709 False Ransomware,Threat,Industrial None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Researchers Uncover Malware Posing as WordPress Caching Plugin Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades as a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site. "Complete with a professional looking opening comment implying it is a caching plugin, this rogue code contains numerous functions, adds filters to prevent itself from being included in the list 2023-10-12T14:46:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-malware-posing-as.html www.secnews.physaphae.fr/article.php?IdArticle=8394665 False Malware None 1.00000000000000000000