This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T20:35:44+00:00 www.secnews.physaphae.fr SecurityWeek - Security News 2022-03-30T12:32:14+00:00 https://www.securityweek.com/lapsus-claims-hack-it-giant-globant-after-arrests-alleged-members www.secnews.physaphae.fr/article.php?IdArticle=4366538 False Hack None None Security Affairs - Blog Secu 2022-03-29T22:03:16+00:00 https://securityaffairs.co/wordpress/129609/cyber-crime/625m-axie-infinity-ronin-hack.html?utm_source=rss&utm_medium=rss&utm_campaign=625m-axie-infinity-ronin-hack www.secnews.physaphae.fr/article.php?IdArticle=4362602 False Hack,Threat None None InformationSecurityBuzzNews - Site de News Securite 2022-03-29T14:23:50+00:00 https://informationsecuritybuzz.com/expert-comments/data-of-820000-nyc-students-compromised-in-hack-of-online-grading-system/ www.secnews.physaphae.fr/article.php?IdArticle=4359947 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-03-29T00:50:41+00:00 https://thehackernews.com/2022/03/new-report-on-okta-hack-reveals-entire.html www.secnews.physaphae.fr/article.php?IdArticle=4358287 False Hack None None Security Affairs - Blog Secu 2022-03-28T21:48:16+00:00 https://securityaffairs.co/wordpress/129576/hacktivism/anonymous-huge-data-dump.html?utm_source=rss&utm_medium=rss&utm_campaign=anonymous-huge-data-dump www.secnews.physaphae.fr/article.php?IdArticle=4356038 False Hack None None SecurityWeek - Security News 2022-03-28T19:28:47+00:00 https://www.securityweek.com/researchers-hack-remote-keyless-system-honda-vehicles www.secnews.physaphae.fr/article.php?IdArticle=4355250 False Hack None None Security Affairs - Blog Secu 2022-03-24T22:09:04+00:00 https://securityaffairs.co/wordpress/129452/hacking/russian-building-controller-hack.html?utm_source=rss&utm_medium=rss&utm_campaign=russian-building-controller-hack www.secnews.physaphae.fr/article.php?IdArticle=4337022 False Hack None None knowbe4 - cybersecurity services WIRED wrote: "More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet's rotation, the satellite beams high-speed internet down to people across Europe. S]]> 2022-03-24T19:20:26+00:00 https://blog.knowbe4.com/wired-a-mysterious-satellite-hack-has-victims-far-beyond-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4336426 False Hack None None SecurityWeek - Security News 2022-03-24T15:23:22+00:00 https://www.securityweek.com/over-100-building-controllers-russia-vulnerable-remote-hacker-attacks www.secnews.physaphae.fr/article.php?IdArticle=4335367 False Hack None None Ars Technica - Risk Assessment Security Hacktivism 2022-03-24T14:20:17+00:00 https://arstechnica.com/?p=1843265 www.secnews.physaphae.fr/article.php?IdArticle=4334903 False Hack None None Security Affairs - Blog Secu 2022-03-24T06:34:03+00:00 https://securityaffairs.co/wordpress/129422/data-breach/okta-says-375-customers-impacted-by-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=okta-says-375-customers-impacted-by-data-breach www.secnews.physaphae.fr/article.php?IdArticle=4333392 False Data Breach,Hack None None Security Affairs - Blog Secu 2022-03-22T14:31:17+00:00 https://securityaffairs.co/wordpress/129343/data-breach/lapsus-gang-claims-okta-hack.html?utm_source=rss&utm_medium=rss&utm_campaign=lapsus-gang-claims-okta-hack www.secnews.physaphae.fr/article.php?IdArticle=4323918 False Hack,Threat None None Security Affairs - Blog Secu 2022-03-17T16:50:47+00:00 https://securityaffairs.co/wordpress/129157/hacktivism/anonymous-vs-russia-2.html?utm_source=rss&utm_medium=rss&utm_campaign=anonymous-vs-russia-2 www.secnews.physaphae.fr/article.php?IdArticle=4299277 False Hack None None SecurityWeek - Security News 2022-03-15T09:48:29+00:00 https://www.securityweek.com/israel-says-government-sites-targeted-hack www.secnews.physaphae.fr/article.php?IdArticle=4283370 False Hack None None Security Affairs - Blog Secu 2022-03-10T05:37:58+00:00 https://securityaffairs.co/wordpress/128867/hacking/tlstorm-flaws-ups-devices.html?utm_source=rss&utm_medium=rss&utm_campaign=tlstorm-flaws-ups-devices www.secnews.physaphae.fr/article.php?IdArticle=4252754 False Hack None None SecurityWeek - Security News 2022-03-10T01:47:28+00:00 https://www.securityweek.com/alleged-ukrainian-hacker-us-court-after-extradition-poland www.secnews.physaphae.fr/article.php?IdArticle=4252201 False Ransomware,Hack None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2022-03-09T21:10:20+00:00 https://threatpost.com/apt41-spies-broke-into-6-us-state-networks-via-livestock-app/178838/ www.secnews.physaphae.fr/article.php?IdArticle=4251227 False Hack,Threat APT 41 None SecurityWeek - Security News 2022-03-08T13:13:23+00:00 https://www.securityweek.com/millions-apc-smart-ups-devices-can-be-remotely-hacked-damaged www.secnews.physaphae.fr/article.php?IdArticle=4245720 False Hack None None TroyHunt - Blog Security 2022-03-06T13:00:21+00:00 https://arstechnica.com/?p=1838449 www.secnews.physaphae.fr/article.php?IdArticle=4237174 False Hack None None Schneier on Security - Chercheur Cryptologue Américain report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group). …the scope of victims exceeded 287 targets in 45 countries, including Russia, Japan, Spain, Germany, Italy, etc. The attack lasted for over 10 years. Moreover, one victim in Japan is used as a jump server for further attack. News article. ]]> 2022-03-03T12:32:33+00:00 https://www.schneier.com/blog/archives/2022/03/details-of-an-nsa-hacking-operation.html www.secnews.physaphae.fr/article.php?IdArticle=4221170 False Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-03-02T06:47:24+00:00 https://thehackernews.com/2022/03/hackers-try-to-hack-european-officials.html www.secnews.physaphae.fr/article.php?IdArticle=4215645 False Hack None None SecurityWeek - Security News 2022-02-24T19:59:17+00:00 https://www.securityweek.com/nigerian-admits-us-court-hacking-payroll-company www.secnews.physaphae.fr/article.php?IdArticle=4178647 False Hack,Guideline None None InformationSecurityBuzzNews - Site de News Securite 2022-02-23T13:16:49+00:00 https://informationsecuritybuzz.com/expert-comments/meyer-data-breach-expert-commentary/ www.secnews.physaphae.fr/article.php?IdArticle=4171688 False Data Breach,Hack None None Krebs on Security - Chercheur Américain 2022-02-16T16:44:19+00:00 https://krebsonsecurity.com/2022/02/red-cross-hack-linked-to-iranian-influence-operation/ www.secnews.physaphae.fr/article.php?IdArticle=4137689 False Hack None None TroyHunt - Blog Security 2022-02-15T21:25:36+00:00 https://arstechnica.com/?p=1834447 www.secnews.physaphae.fr/article.php?IdArticle=4135312 False Hack None None TechRepublic - Security News US 2022-02-15T20:55:25+00:00 https://www.techrepublic.com/article/how-to-hack-the-registry-file-to-change-the-size-of-the-windows-11-taskbar/ www.secnews.physaphae.fr/article.php?IdArticle=4135299 False Hack None None Hacking Articles - Blog de Raj Chandel 2022-02-15T19:09:31+00:00 https://www.hackingarticles.in/horizontall-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=4134754 False Hack,Vulnerability None None Schneier on Security - Chercheur Cryptologue Américain report of the 2021 ransomware attack against Ireland's Health Services Executive lists some really bad security practices: The report notes that: The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction. It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event. Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. Antivirus software triggered numerous alerts after detecting Cobalt Strike activity but these were not escalated. (The antivirus server was later encrypted in the attack). ...]]> 2022-02-11T12:17:53+00:00 https://www.schneier.com/blog/archives/2022/02/on-the-irish-health-services-executive-hack.html www.secnews.physaphae.fr/article.php?IdArticle=4111937 False Ransomware,Hack,Guideline None None Bleeping Computer - Magazine Américain 2022-02-10T14:11:02+00:00 https://www.bleepingcomputer.com/news/security/apple-patches-new-zero-day-exploited-to-hack-iphones-ipads-macs/ www.secnews.physaphae.fr/article.php?IdArticle=4107322 True Hack None None InformationSecurityBuzzNews - Site de News Securite 2022-02-10T13:25:37+00:00 https://informationsecuritybuzz.com/expert-comments/mass-hack-of-500-stores-running-magento-1/ www.secnews.physaphae.fr/article.php?IdArticle=4119921 True Hack None None InformationSecurityBuzzNews - Site de News Securite 2022-02-10T12:57:00+00:00 https://informationsecuritybuzz.com/expert-comments/100k-bounty-to-hack-expressvpn-youattest-comments/ www.secnews.physaphae.fr/article.php?IdArticle=4119925 False Hack,Vulnerability None None UnderNews - Site de news "pirate" francais Hack In Paris lance un call for papers pour son édition de 2022 first appeared on UnderNews.]]> 2022-02-09T07:58:43+00:00 https://www.undernews.fr/culture-web-emploi/evenements/hack-in-paris-lance-un-call-for-papers-pour-son-edition-de-2022.html www.secnews.physaphae.fr/article.php?IdArticle=4098291 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-02-09T05:53:03+00:00 https://thehackernews.com/2022/02/us-arrests-two-and-seizes-36-million-in.html www.secnews.physaphae.fr/article.php?IdArticle=4099514 False Hack None None Security Affairs - Blog Secu 2022-02-08T22:30:26+00:00 https://securityaffairs.co/wordpress/127805/cyber-crime/bitfinex-stolen-funds-seizure.html?utm_source=rss&utm_medium=rss&utm_campaign=bitfinex-stolen-funds-seizure www.secnews.physaphae.fr/article.php?IdArticle=4096398 False Hack None None SecurityWeek - Security News 2022-02-08T17:56:38+00:00 https://www.securityweek.com/justice-dept-announces-36b-crypto-seizure-2-arrests www.secnews.physaphae.fr/article.php?IdArticle=4095100 False Hack None None knowbe4 - cybersecurity services [Heads Up] Beware of New QuickBooks Payment Scams   Email not displaying? | CyberheistNews Vol 12 #06  |   Feb. 8th., 2022 [Heads Up] Beware of New QuickBooks Payment Scams Many small and mid-sized companies use Intuit's popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program aggressively pushes other complimentary features. One of those add-on features is the ability to send customers' invoices via email. The payee can click on a “Review and pay” button in the email to pay the invoice. It used to be a free, but less mature, feature years ago, but these days, it costs extra. Still, if you are using QuickBooks for your accounting, the ability to generate, send, receive and electronically track invoices all in one place is a pretty easy sell. Unfortunately, phishing criminals are using QuickBooks' popularity to send business email compromise (BEC) scams. The emails appear as if they are coming from a legitimate vendor using QuickBooks, but if the potential victim takes the bait, the invoice they pay will be to the scammer. Worse, the payment request can require that the payee use ACH (automated clearing house) method, which requires the payee to input their bank account details. So, if the victim falls for the scam, the criminal now has their bank account information. Not good. Note: Some other QuickBooks scam warnings will tell you that QuickBooks will never ask for your ACH or banking details. This is not completely true. QuickBooks, the company and its support staff, never will, but QuickBooks email payment requests often do. Warn your users in Accounting. CONTINUED at the KnowBe4 blog with both legit and malicious example screenshots: https://blog.knowbe4.com/beware-of-quickbooks-payment-scams ]]> 2022-02-08T14:23:51+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-06-heads-up-beware-of-new-quickbooks-payment-scams www.secnews.physaphae.fr/article.php?IdArticle=4094184 False Malware,Hack,Threat,Conference APT 35 None Bleeping Computer - Magazine Américain 2022-02-08T12:51:37+00:00 https://www.bleepingcomputer.com/news/security/us-seizes-36-billion-stolen-in-2016-bitfinex-cryptoexchange-hack/ www.secnews.physaphae.fr/article.php?IdArticle=4095025 False Hack None None SecurityWeek - Security News 2022-02-07T11:55:33+00:00 https://www.securityweek.com/new-report-alleges-widespread-pegasus-spying-israel-police www.secnews.physaphae.fr/article.php?IdArticle=4093674 False Hack None None Bleeping Computer - Magazine Américain 2022-02-04T09:03:26+00:00 https://www.bleepingcomputer.com/news/security/news-corp-discloses-hack-from-persistent-nation-state-cyber-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=4080521 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-02-04T03:52:32+00:00 https://thehackernews.com/2022/02/another-israeli-firm-quadream-caught.html www.secnews.physaphae.fr/article.php?IdArticle=4080219 False Hack,Vulnerability None None SecurityWeek - Security News 2022-02-03T14:27:31+00:00 https://www.securityweek.com/over-300-million-cryptocurrency-stolen-wormhole-hack www.secnews.physaphae.fr/article.php?IdArticle=4076356 False Hack None None Security Affairs - Blog Secu 2022-02-03T10:46:23+00:00 https://securityaffairs.co/wordpress/127570/cyber-crime/wormhole-hack.html?utm_source=rss&utm_medium=rss&utm_campaign=wormhole-hack www.secnews.physaphae.fr/article.php?IdArticle=4075484 False Hack None None knowbe4 - cybersecurity services   ]]> 2022-02-01T14:37:29+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-05-dhs-sounds-alarm-on-new-russian-destructive-disk-wiper-attack-potential www.secnews.physaphae.fr/article.php?IdArticle=4065596 False Ransomware,Malware,Hack,Tool,Threat,Guideline NotPetya,NotPetya,APT 27,APT 27,Wannacry,Wannacry None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2022-01-31T18:18:41+00:00 https://threatpost.com/apple-bug-bounty-mac-webcam-hack/178114/ www.secnews.physaphae.fr/article.php?IdArticle=4060564 False Hack None None Security Affairs - Blog Secu 2022-01-31T15:33:06+00:00 https://securityaffairs.co/wordpress/127430/hacking/hackers-stole-80m-worth-of-cryptocurrency-from-the-qubit-defi-platform.html?utm_source=rss&utm_medium=rss&utm_campaign=hackers-stole-80m-worth-of-cryptocurrency-from-the-qubit-defi-platform www.secnews.physaphae.fr/article.php?IdArticle=4059381 False Hack,Threat None None Security Affairs - Blog Secu 2022-01-31T12:19:57+00:00 https://securityaffairs.co/wordpress/127410/hacking/apple-macbook-webcam-microphone-hack.html?utm_source=rss&utm_medium=rss&utm_campaign=apple-macbook-webcam-microphone-hack www.secnews.physaphae.fr/article.php?IdArticle=4058558 False Hack,Threat None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-01-30T22:07:04+00:00 https://thehackernews.com/2022/01/apple-pays-100500-bounty-to-hacker-who.html www.secnews.physaphae.fr/article.php?IdArticle=4057184 False Hack None None IT Security Guru - Blog Sécurité 2022-01-28T15:52:38+00:00 https://www.itsecurityguru.org/2022/01/28/a-19-year-old-security-researcher-was-able-to-hack-25-teslas-heres-what-happened/?utm_source=rss&utm_medium=rss&utm_campaign=a-19-year-old-security-researcher-was-able-to-hack-25-teslas-heres-what-happened www.secnews.physaphae.fr/article.php?IdArticle=4046774 False Hack None None Security Affairs - Blog Secu 2022-01-26T22:25:35+00:00 https://securityaffairs.co/wordpress/127240/hacking/apple-fixed-two-zero-day-2022.html?utm_source=rss&utm_medium=rss&utm_campaign=apple-fixed-two-zero-day-2022 www.secnews.physaphae.fr/article.php?IdArticle=4038176 False Hack,Threat None None Bleeping Computer - Magazine Américain 2022-01-26T14:39:31+00:00 https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-exploited-to-hack-macos-ios-devices/ www.secnews.physaphae.fr/article.php?IdArticle=4037223 False Hack None None SecurityWeek - Security News 2022-01-24T16:16:45+00:00 https://www.securityweek.com/cwp-flaws-expose-servers-remote-attacks-possibly-exploited-wild www.secnews.physaphae.fr/article.php?IdArticle=4026800 False Hack None None Security Affairs - Blog Secu 2022-01-22T16:29:21+00:00 https://securityaffairs.co/wordpress/127058/hacking/control-web-panel-flaws.html?utm_source=rss&utm_medium=rss&utm_campaign=control-web-panel-flaws www.secnews.physaphae.fr/article.php?IdArticle=4017660 False Hack None None Security Affairs - Blog Secu 2022-01-20T15:05:32+00:00 https://securityaffairs.co/wordpress/126956/hacking/crypto-com-crypto-heist.html?utm_source=rss&utm_medium=rss&utm_campaign=crypto-com-crypto-heist www.secnews.physaphae.fr/article.php?IdArticle=4003836 False Hack,Guideline None None SecurityWeek - Security News 2022-01-20T13:03:39+00:00 https://www.securityweek.com/data-7-million-opensubtitles-users-leaked-after-hack-despite-site-paying-ransom www.secnews.physaphae.fr/article.php?IdArticle=4003239 False Hack None None IT Security Guru - Blog Sécurité 2022-01-20T10:54:37+00:00 https://www.itsecurityguru.org/2022/01/20/red-cross-hack-exposes-data-of-515000/?utm_source=rss&utm_medium=rss&utm_campaign=red-cross-hack-exposes-data-of-515000 www.secnews.physaphae.fr/article.php?IdArticle=4002368 False Hack None None ZD Net - Magazine Info 2022-01-20T09:56:17+00:00 https://www.zdnet.com/article/multichain-token-hack-losses-reach-3-million-report/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=4002356 False Hack None None Bleeping Computer - Magazine Américain 2022-01-20T04:10:00+00:00 https://www.bleepingcomputer.com/news/security/483-cryptocom-accounts-compromised-in-34-million-hack/ www.secnews.physaphae.fr/article.php?IdArticle=4002174 False Hack None None Ars Technica - Risk Assessment Security Hacktivism 2022-01-20T01:17:58+00:00 https://arstechnica.com/?p=1827094 www.secnews.physaphae.fr/article.php?IdArticle=4000213 False Hack None None Korben - Bloger francais 2022-01-18T08:00:00+00:00 https://korben.info/yi-hack-rtsp-yi-camera.html www.secnews.physaphae.fr/article.php?IdArticle=3984996 False Hack None None SecurityWeek - Security News 2022-01-17T11:40:12+00:00 https://www.securityweek.com/personal-information-compromised-goodwill-website-hack www.secnews.physaphae.fr/article.php?IdArticle=3978981 False Hack None None SecurityWeek - Security News a massive cyberattack that knocked out key government websites this past week, as Microsoft warned the hack could be far worse than first thought. ]]> 2022-01-16T14:19:42+00:00 https://www.securityweek.com/ukraine-says-has-evidence-russia-behind-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=3974965 False Hack None None Ars Technica - Risk Assessment Security Hacktivism 2022-01-13T20:42:20+00:00 https://arstechnica.com/?p=1825770 www.secnews.physaphae.fr/article.php?IdArticle=3959425 False Hack None None Security Affairs - Blog Secu 2022-01-11T14:52:46+00:00 https://securityaffairs.co/wordpress/126569/cyber-crime/night-sky-ransomware-log4shell.html?utm_source=rss&utm_medium=rss&utm_campaign=night-sky-ransomware-log4shell www.secnews.physaphae.fr/article.php?IdArticle=3947350 False Ransomware,Hack,Vulnerability None None Bleeping Computer - Magazine Américain 2022-01-11T06:24:43+00:00 https://www.bleepingcomputer.com/news/security/night-sky-ransomware-uses-log4j-bug-to-hack-vmware-horizon-servers/ www.secnews.physaphae.fr/article.php?IdArticle=3946457 False Ransomware,Hack,Vulnerability None None Security Affairs - Blog Secu 2022-01-07T15:47:57+00:00 https://securityaffairs.co/wordpress/126421/hacking/log4shell-nhs-attacks.html?utm_source=rss&utm_medium=rss&utm_campaign=log4shell-nhs-attacks www.secnews.physaphae.fr/article.php?IdArticle=3936837 False Hack,Vulnerability,Threat None None SecurityWeek - Security News 2022-01-07T01:00:47+00:00 https://www.securityweek.com/rights-group-verifies-polish-senator-was-hacked-spyware www.secnews.physaphae.fr/article.php?IdArticle=3934837 False Hack None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Fintech Firm Hit by Log4j Hack Refuses to Pay $5 Million Ransom (published: December 29, 2021) The Vietnamese crypto trading, ONUS, was breached by unknown threat actor(s) by exploiting the Log4Shell (CVE-2021-44228) vulnerability between December 11 and 13. The exploited target was an AWS server running Cyclos, which is a point-of-sale software provider, and the server was only intended for sandbox purposes. Actors were then able to steal information via the misconfigured AWS S3 buckets containing information on approximately two million customers. Threat actors then attempted to extort five million dollars (USD). Analyst Comment: Although Cyclos issued a warning to patch on December 13, the threat actors had already gained illicit access. Even though Log4Shell provided initial access to the compromised server, it was the misconfigured buckets the actors took advantage of to steal data. MITRE ATT&CK: [MITRE ATT&CK] Exploitation for Client Execution - T1203 Tags: ONUS, Log4Shell, CVE-2021-44228, Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends (published: December 29, 2021) Palo Alto Networks Unit42 researchers have published a report based on their tracking of strategically-aged malicious domains (registered but not used until a specific time) and their domain generation algorithm (DGA) created subdomains. Researchers found two Pegasus spyware command and control domains that were registered in 2019 and were not active until July 2021. A phishing campaign using DGA subdomains that were similar to those used during the SolarWinds supply chain attack was also identified. Analyst Comment: Monitor your networks for abnormal DNS requests, and have bandwidth limitations in place, if possible, to prevent numerous connections to DGA domains. Knowing which DGAs are most active in the wild will allow you to build a proactive defense by detecting any DGA that is in use. Anomali can detect DGA algorithms used by malware to assist in defending against these types of threats. MITRE ATT&CK: [MITRE ATT&CK] Dynamic Resolution - T1568 | [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] Application Layer Protocol - T1071 Tags: DGA , Pegasus, Phishing Implant.ARM.iLOBleed.a (published: December 28, 2021) Amnpardaz researchers discovered a new rootkit that has been targeting Hewlett-Packard Enterprise’s Integrated Lights-Out (iLO) server managemen]]> 2022-01-05T19:55:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-5-million-breach-extortion-apts-using-dga-subdomains-cyberespionage-group-incorporates-a-new-tool-and-more www.secnews.physaphae.fr/article.php?IdArticle=3928542 False Malware,Hack,Tool,Vulnerability,Threat LastPass None Security Affairs - Blog Secu 2022-01-04T21:05:11+00:00 https://securityaffairs.co/wordpress/126317/cyber-crime/uscellular-second-data-breach-2021.html?utm_source=rss&utm_medium=rss&utm_campaign=uscellular-second-data-breach-2021 www.secnews.physaphae.fr/article.php?IdArticle=3924462 False Data Breach,Hack None None Bleeping Computer - Magazine Américain 2022-01-04T12:07:08+00:00 https://www.bleepingcomputer.com/news/security/uscellular-discloses-data-breach-after-billing-system-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3923601 False Data Breach,Hack None None Hacking Articles - Blog de Raj Chandel 2021-12-31T12:01:41+00:00 https://www.hackingarticles.in/pit-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=3911509 True Hack None None SecurityWeek - Security News 2021-12-29T17:21:27+00:00 https://www.securityweek.com/chinese-spies-exploit-log4shell-hack-major-academic-institution www.secnews.physaphae.fr/article.php?IdArticle=3904964 False Hack,Vulnerability None None Hacking Articles - Blog de Raj Chandel 2021-12-29T13:03:09+00:00 https://www.hackingarticles.in/bounty-hunter-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=3903689 False Hack None None Bleeping Computer - Magazine Américain 2021-12-29T07:07:07+00:00 https://www.bleepingcomputer.com/news/security/fintech-firm-hit-by-log4j-hack-refuses-to-pay-5-million-ransom/ www.secnews.physaphae.fr/article.php?IdArticle=3903621 False Hack None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-24T10:25:00+00:00 https://www.infosecurity-magazine.com/news/former-uber-cso-faces-new-charge/ www.secnews.physaphae.fr/article.php?IdArticle=3868975 False Hack Uber,Uber None TechRepublic - Security News US 2021-12-21T17:42:17+00:00 https://www.techrepublic.com/article/how-to-display-seconds-in-the-windows-11-system-clock-despite-microsofts-wishes/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3841412 False Hack None None SecurityWeek - Security News 2021-12-21T12:19:11+00:00 https://www.securityweek.com/vulnerabilities-can-allow-hackers-tamper-walk-through-metal-detectors www.secnews.physaphae.fr/article.php?IdArticle=3839156 False Hack None None Bleeping Computer - Magazine Américain 2021-12-17T10:00:00+00:00 https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers/ www.secnews.physaphae.fr/article.php?IdArticle=3813913 False Ransomware,Hack None None Graham Cluley - Blog Security 2021-12-16T14:45:51+00:00 https://www.tripwire.com/state-of-security/government/the-dhs-is-inviting-hackers-to-break-into-its-systems-but-there-are-rules-of-engagement/ www.secnews.physaphae.fr/article.php?IdArticle=3807632 False Hack None None Graham Cluley - Blog Security 2021-12-16T00:08:09+00:00 https://grahamcluley.com/smashing-security-podcast-256/ www.secnews.physaphae.fr/article.php?IdArticle=3803749 False Hack,Vulnerability None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-12-14T23:10:21+00:00 https://threatpost.com/apple-ios-updates-iphone-13-jailbreak-exploit/177051/ www.secnews.physaphae.fr/article.php?IdArticle=3796894 False Hack None None Hacking Articles - Blog de Raj Chandel 2021-12-13T20:45:23+00:00 https://www.hackingarticles.in/seal-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=3791190 False Hack None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-13T19:28:00+00:00 https://www.infosecurity-magazine.com/news/sans-opens-free-holiday-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3790575 False Hack None None TechRepublic - Security News US 2021-12-13T19:21:50+00:00 https://www.techrepublic.com/article/how-to-display-version-information-on-the-windows-11-desktop/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3790643 False Hack None None SecurityWeek - Security News 2021-12-10T10:34:27+00:00 https://www.securityweek.com/saudi-activist-sues-3-former-us-officials-over-hacking www.secnews.physaphae.fr/article.php?IdArticle=3773042 False Hack None None We Live Security - Editeur Logiciel Antivirus ESET 2021-12-09T10:30:33+00:00 https://www.welivesecurity.com/2021/12/09/snaphack-watch-out-those-who-can-hack-anyones-snapchat/ www.secnews.physaphae.fr/article.php?IdArticle=3771746 False Hack None None Hacking Articles - Blog de Raj Chandel 2021-12-07T20:58:46+00:00 https://www.hackingarticles.in/explore-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=3758765 False Hack None None Bleeping Computer - Magazine Américain 2021-12-06T13:46:47+00:00 https://www.bleepingcomputer.com/news/security/france-warns-of-nobelium-cyberspies-attacking-french-orgs/ www.secnews.physaphae.fr/article.php?IdArticle=3753374 False Hack None None IT Security Guru - Blog Sécurité 2021-12-06T11:22:48+00:00 https://www.itsecurityguru.org/2021/12/06/bitmart-hacked-in-large-scale-security-breach/?utm_source=rss&utm_medium=rss&utm_campaign=bitmart-hacked-in-large-scale-security-breach www.secnews.physaphae.fr/article.php?IdArticle=3751652 False Hack None None Wired Threat Level - Security News 2021-12-04T16:10:18+00:00 https://www.wired.com/story/planned-parenthood-la-hack-predictive-policing-ubiquiti www.secnews.physaphae.fr/article.php?IdArticle=3746899 False Hack None None Graham Cluley - Blog Security 2021-12-03T10:26:13+00:00 https://www.bitdefender.com/blog/hotforsecurity/man-charged-with-ubiquiti-data-breach-and-extortion-was-employee-assigned-to-investigate-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3741011 False Data Breach,Hack None None Schneier on Security - Chercheur Cryptologue Américain exploiting a bug in software the service uses to draft smart contracts. Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another. MonoX updates prices after each swap by calculating new prices for both tokens. When the swap is completed, the price of tokenIn­that is, the token sent by the user­decreases and the price of tokenOut­or the token received by the user­increases. By using the same token for both tokenIn and tokenOut, the hacker greatly inflated the price of the MONO token because the updating of the tokenOut overwrote the price update of the tokenIn. The hacker then exchanged the token for $31 million worth of tokens on the Ethereum and Polygon blockchains...]]> 2021-12-02T14:32:36+00:00 https://www.schneier.com/blog/archives/2021/12/smart-contract-bug-results-in-31-million-loss.html www.secnews.physaphae.fr/article.php?IdArticle=3737587 False Hack None None SecurityWeek - Security News 2021-12-02T11:52:34+00:00 https://www.securityweek.com/former-employee-accused-being-behind-ubiquiti-hack www.secnews.physaphae.fr/article.php?IdArticle=3737186 False Hack None None Wired Threat Level - Security News 2021-11-30T13:00:00+00:00 https://www.wired.com/story/think-climate-change-is-messy-wait-until-geoengineering www.secnews.physaphae.fr/article.php?IdArticle=3727804 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2021-11-30T01:36:45+00:00 https://thehackernews.com/2021/11/panasonic-suffers-data-breach-after.html www.secnews.physaphae.fr/article.php?IdArticle=3727161 False Data Breach,Hack None None TechRepublic - Security News US 2021-11-29T22:23:51+00:00 https://www.techrepublic.com/article/how-to-disable-again-the-blur-effect-on-the-windows-11-login-screen/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3725044 False Hack None None Bleeping Computer - Magazine Américain 2021-11-29T09:40:21+00:00 https://www.bleepingcomputer.com/news/security/panasonic-discloses-data-breach-after-network-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3723010 False Data Breach,Hack,Threat None None SANS Institute - SANS est un acteur de defense et formation 2021 SANS Holiday Hack Challenge begins mid-December, but you can already watch "SANS Holiday Hack Challenge 2021 Q&A with Ed Skoudis" on YouTube. ]]> 2021-11-27T09:31:26+00:00 https://isc.sans.edu/diary/rss/28074 www.secnews.physaphae.fr/article.php?IdArticle=3715195 False Hack None None Schneier on Security - Chercheur Cryptologue Américain suing it: The complaint provides new information on how NSO Group infected victims' devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. NSO Group’s Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers. More news: Apple's legal complaint provides new information on NSO Group's FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim's Apple device and install the latest version of NSO Group's spyware product, Pegasus. The exploit was originally identified by the Citizen Lab, a research group at the University of Toronto. ...]]> 2021-11-24T15:29:13+00:00 https://www.schneier.com/blog/archives/2021/11/apple-sues-nso-group.html www.secnews.physaphae.fr/article.php?IdArticle=3703275 False Hack,Vulnerability None None Graham Cluley - Blog Security 2021-11-23T08:29:16+00:00 https://www.bitdefender.com/blog/hotforsecurity/godaddy-hack-exposes-accounts-of-1-2-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=3697470 False Hack None None SecurityWeek - Security News 2021-11-22T15:55:47+00:00 https://www.securityweek.com/researchers-hack-conti-ransomware-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=3693931 False Ransomware,Hack,Vulnerability None None