www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-20T21:50:47+00:00 www.secnews.physaphae.fr TroyHunt - Blog Security Ongoing phishing campaign can hack you even when you're protected with MFA 2022-07-12T22:58:06+00:00 https://arstechnica.com/?p=1866290 www.secnews.physaphae.fr/article.php?IdArticle=5678460 False Hack None None Bleeping Computer - American magazine Hackers stole $620 million from Axie Infinity via fake job interviews 2022-07-12T14:03:27+00:00 https://www.bleepingcomputer.com/news/security/hackers-stole-620-million-from-axie-infinity-via-fake-job-interviews/ www.secnews.physaphae.fr/article.php?IdArticle=5672903 False Hack None None InformationSecurityBuzzNews - Security news site Marriott Hotels Repeat Hack Proves Businesses Still Way Behind On Cybersecurity 2022-07-12T08:12:36+00:00 https://informationsecuritybuzz.com/expert-comments/marriott-hotels-repeat-hack-proves-businesses-still-way-behind-on-cybersecurity/ www.secnews.physaphae.fr/article.php?IdArticle=5667331 False Data Breach,Hack,Threat None None The Register - English news site Microsoft resorts to Registry hack to keep Outlook from using Windows 11 search 2022-07-11T12:15:05+00:00 https://go.theregister.com/feed/www.theregister.com/2022/07/11/outlook_search/ www.secnews.physaphae.fr/article.php?IdArticle=5660536 False Hack None None IT Security Guru - Security blog Hackers Used Fake Job Offer on LinkedIn to Target Axie Infinity 2022-07-11T11:14:33+00:00 https://www.itsecurityguru.org/2022/07/11/hackers-used-fake-job-offer-on-linkedin-to-target-axie-infinity/?utm_source=rss&utm_medium=rss&utm_campaign=hackers-used-fake-job-offer-on-linkedin-to-target-axie-infinity www.secnews.physaphae.fr/article.php?IdArticle=5660413 True Hack None None The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Used Fake Job Offer to Hack and Steal $540 Million from Axie Infinity 2022-07-10T22:43:38+00:00 https://thehackernews.com/2022/07/hackers-used-fake-job-offer-to-hack-and.html www.secnews.physaphae.fr/article.php?IdArticle=5658143 False Hack None None InfoSecurity Mag - InfoSecurity Magazine Spear Phishing Fake Job Offer Likely Behind Axie Infinity\'s Lazarus $600m Hack 2022-07-08T16:00:00+00:00 https://www.infosecurity-magazine.com/news/fake-job-offer-behind-axie/ www.secnews.physaphae.fr/article.php?IdArticle=5613385 False Hack APT 38 None InfoSecurity Mag - InfoSecurity Magazine Aon Hack Exposed Sensitive Information of 146,000 Customers 2022-07-08T10:40:00+00:00 https://www.infosecurity-magazine.com/news/aon-hack-sensitive-information/ www.secnews.physaphae.fr/article.php?IdArticle=5609180 False Hack None None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC How can SOC analysts use the cyber kill chain? 50% in 2021, which ultimately demands the use of robust security models such as the Cyber Kill Chain Model, which can help attain strong cybersecurity for organizations. Developed in 2011, the Cyber Kill Model is a widely accepted security model that helps SOC analysts and security practitioners attain security from several cyber-attacks. However, despite its usefulness, the model is yet to achieve the proper recognition it deserves. What is a cyber kill chain? The cyber kill chain model is a cyber security attack framework that helps explain how a specific cyber-attack is executed. In theory, the framework helps break down the steps taken by threat actors while conducting a successful cyber-attack. According to the model, there are seven stages of a cyber-attack that are: Reconnaissance Weaponization Delivery Exploitation Installation Command and control (C2) Actions on objectives The cyber kill chain model essentially debunks the traditional castle and moat method of attaining cyber security for organizations. 
Instead, the model helps identify, analyze and prevent cyber-attacks altogether. Developed as part of the Intelligence Driven Defense model for identifying and preventing cyber-attacks and data exfiltration, the model is widely accepted and used by various security practitioners. It is recognized as one of the most informative methods for understanding cyber-attacks and places emphasis on both the technology-driven and the social engineering-driven aspects of an attack. A proper understanding of the model can help prevent various attacks such as data breaches, privilege escalation, phishing, malware, ransomware, social engineering, and many more. How do SOC analysts use the cyber kill chain? SOC systems are built within organizations to monitor, detect, investigate, and respond to various cyber-attacks. The teams are charged with protecting sensitive data and the organization's assets, such as personal data, business systems, brand integrity, and intellectual property. Amidst this, the cyber kill chain model can effectively help them identify and mitigate a myriad of cyber-attacks. The seven stages of the cyber kill model demonstrate a specific goal along with a threat actor's path. SOC teams can therefore use the Cyber Kill Chain model to understand these attacks and implement security controls to prevent and detect the cyber-attacks before it thoroughly infiltrates the organization's network in the following method: 1. Reconnaissance This is the first stage of the cyber kill chain and involves the threat actor researching the potential target before the actual attack. Since the threat actor is on the hunt for vulnerabilities within the organization's cybersecurity posture, SOC analysts can ensure security through various means. They can use threat intelligence and network Intrusion Detection System (IDS) to mitigate the attack. 
Moreover, to minimize the chances of an attack, SOC analysts can also maintain an]]> 2022-07-07T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/how-can-soc-analysts-use-the-cyber-kill-chain www.secnews.physaphae.fr/article.php?IdArticle=5592303 False Ransomware,Malware,Hack,Tool,Threat None None knowbe4 - cybersecurity services CyberheistNews Vol 12 #27 [New FBI and CISA Alert] This Ransomware Strain Uses RDP Flaws to Hack Into Your Network CyberheistNews Vol 12 #27 ]]> 2022-07-06T13:06:58+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-27-new-fbi-and-cisa-alert-this-ransomware-strain-uses-rdp-flaws-to-hack-into-your-network www.secnews.physaphae.fr/article.php?IdArticle=5578905 True Ransomware,Hack None None SecurityWeek - Security News Alleged Chinese Police Database Hack Leaks Data of 1 Billion 2022-07-06T10:48:56+00:00 https://www.securityweek.com/alleged-chinese-police-database-hack-leaks-data-1-billion www.secnews.physaphae.fr/article.php?IdArticle=5576840 False Hack None None The Register - Site journalistique Anglais Pentagon: We\'ll pay you if you can find a way to hack us 2022-07-05T20:06:42+00:00 https://go.theregister.com/feed/www.theregister.com/2022/07/05/dod-hackus-bug-bounty/ www.secnews.physaphae.fr/article.php?IdArticle=5567637 False Hack None None SecurityWeek - Security News UK Military Investigates Hacks on Army Social Media Accounts 2022-07-05T16:36:56+00:00 https://www.securityweek.com/uk-military-investigates-hacks-army-social-media-accounts www.secnews.physaphae.fr/article.php?IdArticle=5564854 False Hack None None Wired Threat Level - Security News The Worst Hacks and Breaches of 2022 So Far 2022-07-04T11:00:00+00:00 https://www.wired.com/story/worst-hacks-breaches-2022/ www.secnews.physaphae.fr/article.php?IdArticle=5549590 False Hack None None IT Security Guru - Blog Sécurité Threat Actor Group Claims Responsibility for High Profile University Hacks 2022-07-04T10:17:26+00:00 
https://www.itsecurityguru.org/2022/07/04/threat-actor-group-claims-responsibility-for-high-profile-university-hacks/?utm_source=rss&utm_medium=rss&utm_campaign=threat-actor-group-claims-responsibility-for-high-profile-university-hacks www.secnews.physaphae.fr/article.php?IdArticle=5550108 False Hack,Threat None None Dark Reading - Informationweek Branch OpenSea NFT Marketplace Faces Insider Hack 2022-07-01T19:09:27+00:00 https://www.darkreading.com/vulnerabilities-threats/opensea-nft-marketplace-faces-insider-hack www.secnews.physaphae.fr/article.php?IdArticle=5497295 False Hack None None InfoSecurity Mag - InfoSecurity Magazine Threat Actor Claims Responsibility For IBM and Stanford University Hack 2022-07-01T16:00:00+00:00 https://www.infosecurity-magazine.com/news/ta-claims-ibm-stanford-university/ www.secnews.physaphae.fr/article.php?IdArticle=5494136 False Hack None None InformationSecurityBuzzNews - Site de News Securite UnRAR Vulnerability Lets Attackers Hack Zimbra Webmail Servers 2022-07-01T14:17:57+00:00 https://informationsecuritybuzz.com/expert-comments/unrar-vulnerability-lets-attackers-hack-zimbra-webmail-servers/ www.secnews.physaphae.fr/article.php?IdArticle=5493103 True Hack,Vulnerability None None knowbe4 - cybersecurity services [New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network [New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network ]]> 2022-07-01T10:47:10+00:00 https://blog.knowbe4.com/new-fbi-and-cisa-alert-this-ransomware-strain-uses-rdp-flaws-to-hack-into-your-network www.secnews.physaphae.fr/article.php?IdArticle=5489139 False Ransomware,Hack None None Security Affairs - Blog Secu Experts blame North Korea-linked Lazarus APT for the Harmony hack North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. 
The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms.  Harmony's […] ]]> 2022-06-30T17:58:47+00:00 https://securityaffairs.co/wordpress/132759/hacking/harmony-hack-lazarus-apt.html www.secnews.physaphae.fr/article.php?IdArticle=5473880 False Hack,Threat APT 38 None SecurityWeek - Security News North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist 2022-06-30T17:27:16+00:00 https://www.securityweek.com/north-korea-lazarus-hackers-blamed-100-million-horizon-bridge-heist www.secnews.physaphae.fr/article.php?IdArticle=5474531 False Hack APT 38 None Dark Reading - Informationweek Branch NXM Announces Platform That Protects Space Infrastructure and IoT Devices From Cyberattacks 2022-06-30T16:54:28+00:00 https://www.darkreading.com/iot/nxm-announces-platform-that-protects-space-infrastructure-and-iot-devices-from-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=5473332 False Hack None None InfoSecurity Mag - InfoSecurity Magazine North Korea\'s Lazarus Group Suspected of $100m Harmony Hack 2022-06-30T16:00:00+00:00 https://www.infosecurity-magazine.com/news/lazarus-suspected-harmony-hack/ www.secnews.physaphae.fr/article.php?IdArticle=5472677 False Hack APT 38 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
North Korean Hackers Suspected to be Behind $100M Horizon Bridge Hack 2022-06-29T23:01:41+00:00 https://thehackernews.com/2022/06/north-korean-hackers-suspected-to-be.html www.secnews.physaphae.fr/article.php?IdArticle=5465954 False Hack,Medical APT 38 None InfoSecurity Mag - InfoSecurity Magazine New UnRAR Vulnerability Could Lead to Zimbra Webmail Hack 2022-06-29T16:30:00+00:00 https://www.infosecurity-magazine.com/news/unrar-vulnerability-lead-zimbra/ www.secnews.physaphae.fr/article.php?IdArticle=5454493 False Hack,Vulnerability None None Security Affairs - Blog Secu Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote attackers to execute arbitrary code on a system that relies on the binary, like Zimbra […] ]]> 2022-06-29T14:48:08+00:00 https://securityaffairs.co/wordpress/132737/breaking-news/unrar-path-traversal-flaw-zimbra.html www.secnews.physaphae.fr/article.php?IdArticle=5452615 False Hack,Vulnerability None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers 2022-06-29T01:29:21+00:00 https://thehackernews.com/2022/06/new-unrar-vulnerability-could-let.html www.secnews.physaphae.fr/article.php?IdArticle=5448833 False Hack,Vulnerability None None Bleeping Computer - Magazine Américain AMD investigates RansomHouse hack claims, theft of 450GB data 2022-06-28T13:18:14+00:00 https://www.bleepingcomputer.com/news/security/amd-investigates-ransomhouse-hack-claims-theft-of-450gb-data/ www.secnews.physaphae.fr/article.php?IdArticle=5434769 False Hack,Threat None None Bleeping Computer - Magazine Américain Breaking Down the Zola Hack and Why Password Reuse is so Dangerous 2022-06-28T10:02:01+00:00 https://www.bleepingcomputer.com/news/security/breaking-down-the-zola-hack-and-why-password-reuse-is-so-dangerous/ www.secnews.physaphae.fr/article.php?IdArticle=5432156 False Hack None None Bleeping Computer - Magazine Américain Microsoft Exchange bug abused to hack building automation systems 2022-06-27T11:39:17+00:00 https://www.bleepingcomputer.com/news/security/microsoft-exchange-bug-abused-to-hack-building-automation-systems/ www.secnews.physaphae.fr/article.php?IdArticle=5420006 False Hack,Threat None None Tech Worm - Desc Harmony Blockchain Bridge Loses $100 Million In Crypto Hack U.S. based firm Harmony, the crypto start-up behind Horizon Blockchain Bridge, on Friday announced that $100 million worth of digital tokens were stolen from one of its key products. For the unversed, Horizon Blockchain Bridge allows users to transfer their crypto assets including tokens, stablecoins, and NFTs, between Ethereum, Binance Smart Chain, and the Harmony blockchain. 
The company said that on June 23, 2022, […] ]]> 2022-06-25T17:14:05+00:00 https://www.techworm.net/2022/06/harmony-blockchain-bridge-million-crypto-hack.html www.secnews.physaphae.fr/article.php?IdArticle=5384481 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data 2022-06-23T19:36:46+00:00 https://thehackernews.com/2022/06/log4shell-still-being-exploited-to-hack.html www.secnews.physaphae.fr/article.php?IdArticle=5352601 False Hack,Threat None None Bleeping Computer - Magazine Américain CISA: Log4Shell exploits still being used to hack VMware servers 2022-06-23T15:28:48+00:00 https://www.bleepingcomputer.com/news/security/cisa-log4shell-exploits-still-being-used-to-hack-vmware-servers/ www.secnews.physaphae.fr/article.php?IdArticle=5346341 False Hack,Threat None None Bleeping Computer - Magazine Américain Conti ransomware hacking spree breaches over 40 orgs in a month 2022-06-23T06:05:37+00:00 https://www.bleepingcomputer.com/news/security/conti-ransomware-hacking-spree-breaches-over-40-orgs-in-a-month/ www.secnews.physaphae.fr/article.php?IdArticle=5339773 False Ransomware,Hack None None Security Affairs - Blog Secu Russian APT28 hacker accused of the NATO think tank hack in Germany The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28. 
The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek (aka “blabla1234565” and “kazak”) who is accused to have carried out a cyber espionage attack against the NATO […] ]]> 2022-06-20T21:46:13+00:00 https://securityaffairs.co/wordpress/132452/hacking/apt28-hacked-nato-think-tank.html www.secnews.physaphae.fr/article.php?IdArticle=5302356 False Hack APT 28 None SecurityWeek - Security News Jury Convicts Seattle Woman in Massive Capital One Hack 2022-06-20T10:58:14+00:00 https://www.securityweek.com/jury-convicts-seattle-woman-massive-capital-one-hack www.secnews.physaphae.fr/article.php?IdArticle=5296782 False Hack None None SkullSecurity - Blog Sécu BSidesSF 2022 Writeups: Tutorial Challenges (Shurdles, Loadit, Polyglot, NFT) on github. Most have either a Dockerfile or instructions on how to run locally. Enjoy! Here are the four BSidesSF CTF blogs: shurdles1/2/3, loadit1/2/3, polyglot, and not-for-taking mod_ctfauth, refreshing turtle, guessme loca, reallyprettymundane Shurdles - Shellcode Hurdles The Shurdles challenges are loosely based on a challenge from last year, Hurdles, as well as a Holiday Hack Challenge 2021 challenge I wrote called Shellcode Primer. It uses a tool I wrote called Mandrake to instrument shellcode to tell the user what's going on. It's helpful for debugging, but even more helpful as a teaching tool! The difference between this and the Holiday Hack version was that this time, I didn't bother to sandbox it, so you could pop a shell and inspect the box. I'm curious if folks did that.. probably they couldn't damage anything, and there's no intellectual property to steal. :) I'm not going to write up the solutions, but I did include solutions in the repository. Although I don't work for Counter Hack anymore, a MUCH bigger version of this challenge that I wrote is included in the SANS NetWars version launching this year. 
It covers a huge amount, including how to write bind- and reverse-shell shellcode from scratch. It's super cool! Unfortunately, I don't think SANS is doing hybrid events anymore, but if you find yourself at a SANS event be sure to check out NetWars! Loadit - Learning how to use LD_PRELOAD I wanted to make a few challenges that can be solved with LD_PRELOAD, which is where loadit came from! These are designed to be tutorial-style, so I think the solutions mostly speak for themselves. One interesting tidbit is that the third loadit challenge requires some state to be kept - rand() needs to return several different values. I had a few folks ask me about that, so I'll show off my solution here:

#include <stdlib.h>
#include <unistd.h>

// Replacement rand(): returns the next value from a fixed list on each call
int rand(void) {
  int answers[] = { 20, 22, 12, 34, 56, 67 };
  static int count = 0; // keeps its value between calls

  return answers[count++];
}

// Just for laziness
unsigned int sleep(unsigned int seconds) {
  return 0;
}

I use the static variable type to keep track of how many times rand() has been called. When you declare something as static inside a function, it means that the variable is initialized the first time the function is called, but changes are maintained as if it's a global variable (at least conceptually - in reality, it's initialized when the program is loaded, even if the function is never called). Ironically, this solution actually has an overflow - the 7th time and onwards rand() is called, it will start manipulating random memory. Luckily, we know that'll never happen. :) 2022-06-17T20:19:14+00:00 https://www.skullsecurity.org/2022/bsidessf-2022-writeups-tutorial-challenges-shurdles-loadit-polyglot-nft www.secnews.physaphae.fr/article.php?IdArticle=8300180 False Hack,Tool None 4.0000000000000000 Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor DragonForce Gang Unleash Hacks Against Govt.
of India 2022-06-15T13:59:37+00:00 https://threatpost.com/hackers-india-government/179968/ www.secnews.physaphae.fr/article.php?IdArticle=5165403 False Hack None None InformationSecurityBuzzNews - Site de News Securite Report Reveals $1.7 Billion Hacked From Top 10 Centralised Crypto Exchanges Over The Last Decade 2022-06-14T13:09:05+00:00 https://informationsecuritybuzz.com/expert-comments/report-reveals-1-7-billion-hacked-from-top-10-centralised-crypto-exchanges-over-the-last-decade/ www.secnews.physaphae.fr/article.php?IdArticle=5144109 False Hack None None Security Affairs - Blog Secu PACMAN, a new attack technique against Apple M1 CPUs PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems. PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. The pointer authentication codes (PACs) allow to detect and guard against unexpected changes to pointers in memory. 
[…] ]]> 2022-06-11T13:34:12+00:00 https://securityaffairs.co/wordpress/132154/hacking/pacman-attack-apple-m1-cpus.html www.secnews.physaphae.fr/article.php?IdArticle=5095633 False Hack None None Dark Reading - Informationweek Branch Why AIs Will Become Hackers 2022-06-09T15:15:24+00:00 https://www.darkreading.com/dr-tech/why-ais-will-become-hackers www.secnews.physaphae.fr/article.php?IdArticle=5058689 False Hack None 4.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Gone in 130 seconds: New Tesla hack gives thieves their own personal key 2022-06-08T20:21:29+00:00 https://arstechnica.com/?p=1859753 www.secnews.physaphae.fr/article.php?IdArticle=5045320 False Hack None None ComputerWeekly - Computer Magazine China using top consumer routers to hack Western comms networks 2022-06-08T09:00:00+00:00 https://www.computerweekly.com/news/252521253/China-using-top-consumer-routers-to-hack-Western-comms-networks www.secnews.physaphae.fr/article.php?IdArticle=5039834 False Hack None 4.0000000000000000 knowbe4 - cybersecurity services [Live Demo] Ridiculously Easy Security Awareness Training and Phishing live-demo-ridiculously-easy-security-awareness-training-and-phishing Old-school awareness training does not hack it anymore. 
Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. 2022-06-06T22:14:34+00:00 https://blog.knowbe4.com/live-demo-security-awareness-training-and-phishing www.secnews.physaphae.fr/article.php?IdArticle=5016716 False Hack None None Bleeping Computer - American magazine Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack 2022-06-04T15:23:45+00:00 https://www.bleepingcomputer.com/news/security/bored-ape-yacht-club-otherside-nfts-stolen-in-discord-server-hack/ www.secnews.physaphae.fr/article.php?IdArticle=4978120 False Hack None None Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again 2022-06-03T13:46:55+00:00 https://threatpost.com/old-hacks-die-hard-ransomware-social-engineering-top-verizon-dbir-threats-again/179864/ www.secnews.physaphae.fr/article.php?IdArticle=4951509 False Hack,Threat None None Bleeping Computer - American magazine Ransomware gang now hacks corporate websites to show ransom notes 2022-06-02T15:01:51+00:00 https://www.bleepingcomputer.com/news/security/ransomware-gang-now-hacks-corporate-websites-to-show-ransom-notes/ www.secnews.physaphae.fr/article.php?IdArticle=4935621 False Ransomware,Hack None None SecurityWeek - Security News Dutch Used Pegasus Spyware on Most-Wanted Criminal: Report 2022-06-02T15:00:11+00:00 https://www.securityweek.com/dutch-used-pegasus-spyware-most-wanted-criminal-report www.secnews.physaphae.fr/article.php?IdArticle=4933237 False Hack None None The Register - English news site Reg hack attends holographic WebEx meeting, blows away Zoom fatigue promised "photorealistic, real-time holograms of actual people" and the chance to "share physical and digital content".… 2022-06-01T06:59:07+00:00 https://go.theregister.com/feed/www.theregister.com/2022/06/01/cisco_webex_hologram_first_look/
www.secnews.physaphae.fr/article.php?IdArticle=4915691 False Hack None None Kaspersky - Kaspersky Research blog IT threat evolution Q1 2022 2022-05-27T08:00:43+00:00 https://securelist.com/it-threat-evolution-q1-2022/106513/ www.secnews.physaphae.fr/article.php?IdArticle=4834229 False Hack,Threat APT 38 3.0000000000000000 The State of Security - Magazine Américain A Problem Like API Security: How Attackers Hack Authentication There is a sight gag that has been used in a number of movies and TV comedies that involves an apartment building lobby. It shows how people who don't live there, but who want to get in anyway, such as Girl Guides looking to sell cookies to the tenants – simply run their fingers down […]… Read More ]]> 2022-05-26T03:00:00+00:00 https://www.tripwire.com/state-of-security/security-data-protection/api-security/api-security-how-attackers-hack-authentication/ www.secnews.physaphae.fr/article.php?IdArticle=4813633 False Hack None None Security Affairs - Blog Secu Chaining Zoom bugs is possible to hack users in a chat by sending them a message Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. 
A set of four security flaws in the popular video conferencing service Zoom could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages. Tracked from CVE-2022-22784 through CVE-2022-22787, […] 2022-05-25T11:12:40+00:00 https://securityaffairs.co/wordpress/131654/hacking/zoom-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=4801514 True Hack None None CSO - CSO Daily Dashboard Security and privacy laws, regulations, and compliance: The complete guide Broadly applicable laws and regulations Sarbanes-Oxley Act (SOX) Payment Card Industry Data Security Standard (PCI DSS) Payment Service Directive, revised (PSD2) Gramm-Leach-Bliley Act (GLBA) Customs-Trade Partnership Against Terrorism (C-TPAT) Free and Secure Trade Program (FAST) Children's Online Privacy Protection Act (COPPA) Fair and Accurate Credit Transaction Act (FACTA), including Red Flags Rule Federal Rules of Civil Procedure (FRCP) Industry-specific guidelines and requirements Federal Information Security Management Act (FISMA) North American Electric Reliability Corp. (NERC) standards Title 21 of the Code of Federal Regulations (21 CFR Part 11) Electronic Records Health Insurance Portability and Accountability Act (HIPAA) The Health Information Technology for Economic and Clinical Health Act (HITECH) Patient Safety and Quality Improvement Act (PSQIA, Patient Safety Rule) H.R.
2868: The Chemical Facility Anti-Terrorism Standards Regulation US state laws California Consumer Privacy Act (CCPA) California Privacy Rights Act (CPRA) Colorado Privacy Act Connecticut Data Privacy Act (CTDPA) Maine Act to Protect the Privacy of Online Consumer Information Maryland Personal Information Protection Act – Security Breach Notification Requirements – Modifications (House Bill 1154) Massachusetts 201 CMR 17 (aka Mass Data Protection Law) Massachusetts Bill H.4806 - An Act relative to consumer protection from security breaches ]]> 2022-05-25T02:00:00+00:00 https://www.csoonline.com/article/3604334/csos-ultimate-guide-to-security-and-privacy-laws-regulations-and-compliance.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4799314 False Hack None None Ars Technica - Risk Assessment Security Hacktivism Server hack yields harrowing images of life inside Chinese detention camps 2022-05-24T23:31:15+00:00 https://arstechnica.com/?p=1856217 www.secnews.physaphae.fr/article.php?IdArticle=4792726 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message 2022-05-24T20:59:02+00:00 https://thehackernews.com/2022/05/new-zoom-flaws-could-let-attackers-hack.html www.secnews.physaphae.fr/article.php?IdArticle=4796643 False Hack None None CybeReason - Vendor blog Malicious Life Podcast: What The LinkedIn Hack Taught Us About Storing Passwords Malicious Life Podcast: What The LinkedIn Hack Taught Us About Storing Passwords ]]> 2022-05-24T15:00:49+00:00 https://www.cybereason.com/blog/malicious-life-podcast-what-the-linkedin-hack-taught-us-about-storing-passwords www.secnews.physaphae.fr/article.php?IdArticle=4787705 False Hack None None Dark Reading - Informationweek Branch Crypto Hacks Aren\'t a Niche Concern; They Impact Wider Society 2022-05-24T14:00:00+00:00 https://www.darkreading.com/attacks-breaches/crypto-hacks-aren-t-a-niche-concern-they-impact-wider-society www.secnews.physaphae.fr/article.php?IdArticle=4786928 False Hack None None Bleeping Computer - Magazine Américain Hackers can hack your online accounts before you even register them 2022-05-23T13:02:01+00:00 https://www.bleepingcomputer.com/news/security/hackers-can-hack-your-online-accounts-before-you-even-register-them/ www.secnews.physaphae.fr/article.php?IdArticle=4776667 False Hack None None Bleeping Computer - Magazine Américain Russian Sberbank says it\'s facing massive waves of DDoS attacks 2022-05-20T07:53:39+00:00 https://www.bleepingcomputer.com/news/security/russian-sberbank-says-it-s-facing-massive-waves-of-ddos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=4712521 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars 2022-05-19T19:08:09+00:00 https://thehackernews.com/2022/05/new-bluetooth-hack-could-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=4707774 False Hack,Vulnerability None None Bleeping Computer - American magazine Microsoft detects massive surge in Linux XorDDoS malware activity 2022-05-19T13:45:00+00:00 https://www.bleepingcomputer.com/news/security/microsoft-detects-massive-surge-in-linux-xorddos-malware-activity/ www.secnews.physaphae.fr/article.php?IdArticle=4707699 False Malware,Hack None 5.0000000000000000 We Live Security - ESET antivirus software vendor The flip side of the coin: Why crypto is catnip for criminals Cybercriminals continue to mine for opportunities in the crypto space – here's what you should know about coin-mining hacks and crypto theft 2022-05-19T09:30:53+00:00 https://www.welivesecurity.com/2022/05/19/flip-side-coin-why-crypto-catnip-criminals/ www.secnews.physaphae.fr/article.php?IdArticle=4707798 False Hack None 3.0000000000000000 CSO - CSO Daily Dashboard Uber CISO's trial underscores the importance of truth, transparency, and trust both of whom were later indicted for their breach of Lynda (a company acquired by Linkedin). 2022-05-19T02:00:00+00:00 https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4704406 False Data Breach,Hack Uber,Uber None Graham Cluley - Blog Security Smashing Security podcast #275: Jail for Bing, and mental health apps may not be good for you 2022-05-18T23:03:26+00:00 https://grahamcluley.com/smashing-security-podcast-275/ www.secnews.physaphae.fr/article.php?IdArticle=4695607 False Hack None None Ars Technica - Risk Assessment Security Hacktivism New Bluetooth hack can unlock your Tesla-and all kinds of other devices
2022-05-18T14:03:55+00:00 https://arstechnica.com/?p=1854858 www.secnews.physaphae.fr/article.php?IdArticle=4689109 False Hack None None Bleeping Computer - Magazine Américain Apple emergency update fixes zero-day used to hack Macs, Watches 2022-05-16T14:33:32+00:00 https://www.bleepingcomputer.com/news/security/apple-emergency-update-fixes-zero-day-used-to-hack-macs-watches/ www.secnews.physaphae.fr/article.php?IdArticle=4659313 False Hack,Vulnerability,Threat None None Detectify - Detectify Labs How To Hack Web Applications in 2022: Part 1 2022-05-16T13:13:18+00:00 https://labs.detectify.com/2022/05/16/how-to-hack-web-applications/ www.secnews.physaphae.fr/article.php?IdArticle=5688214 False Hack None None BBC - BBC News - Technology UK blames Russia for satellite internet hack at start of war 2022-05-10T16:33:30+00:00 https://www.bbc.co.uk/news/technology-61396331?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=4664630 False Hack None 5.0000000000000000 SecurityWeek - Security News EU Blames Russia for Satellite Hack Ahead of Ukraine Invasion 2022-05-10T11:49:30+00:00 https://www.securityweek.com/eu-blames-russia-satellite-hack-ahead-ukraine-invasion www.secnews.physaphae.fr/article.php?IdArticle=4572019 False Hack None 3.0000000000000000 SecurityWeek - Security News West Blames Russia for Satellite Hack Ahead of Ukraine Invasion 2022-05-10T11:49:30+00:00 https://www.securityweek.com/west-blames-russia-satellite-hack-ahead-ukraine-invasion www.secnews.physaphae.fr/article.php?IdArticle=4573718 True Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. 
Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions 2022-05-06T21:23:05+00:00 https://thehackernews.com/2022/05/us-sanctions-cryptocurrency-mixer.html www.secnews.physaphae.fr/article.php?IdArticle=4559230 False Hack,Medical APT 38,APT 28 3.0000000000000000 CybeReason - Vendor blog The Global Impact of Operation CuckooBees Nation-states hack each other. This is the reality we live in and have for some time. The difference is some attacks are more dangerous than others, with a global impact. I'm proud of the research the Cybereason team has unveiled this week on Operation CuckooBees. This research is different. This campaign goes beyond nation-state espionage and has a ripple effect with consequences that impact the global economy. 2022-05-06T14:24:54+00:00 https://www.cybereason.com/blog/the-global-impact-of-operation-cuckoobees www.secnews.physaphae.fr/article.php?IdArticle=4555891 False Hack None 4.0000000000000000 McAfee Labs - Editeur Logiciel Instagram Hack Results in $1 Million Loss in NFTs Imagine – your favorite brand on Instagram just announced a giveaway. You'll receive a free gift! All you have to... 2022-05-04T14:09:46+00:00 https://www.mcafee.com/blogs/mobile-security/instagram-hack-results-in-1-million-loss-in-nfts/ www.secnews.physaphae.fr/article.php?IdArticle=4543362 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Twitter's New Owner Elon Musk Wants DMs to be End-to-End Encrypted like Signal 2022-04-28T02:57:15+00:00 https://thehackernews.com/2022/04/twitters-new-owner-elon-musk-wants-dms.html www.secnews.physaphae.fr/article.php?IdArticle=4516296 False Hack None 4.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Private Investigator Admits Role in Hedge Fund Hack 2022-04-27T16:00:00+00:00 https://www.infosecurity-magazine.com/news/private-investigator-hedge-hack/ www.secnews.physaphae.fr/article.php?IdArticle=4514144 False Hack,Guideline None None SecurityWeek - Security News Coca-Cola Investigating Hack Claims Made by Pro-Russia Group 2022-04-27T10:34:42+00:00 https://www.securityweek.com/coca-cola-investigating-hack-claims-made-pro-russia-group www.secnews.physaphae.fr/article.php?IdArticle=4512684 False Hack None None TechRepublic - Security News US Developer workflow for software supply-chain security is in high demand 2022-04-26T13:00:05+00:00 https://www.techrepublic.com/article/developer-workflow-software-supply-chain-security-high-demand/ www.secnews.physaphae.fr/article.php?IdArticle=4508336 False Hack None 5.0000000000000000 TroyHunt - Blog Security Hackers hammer SpringShell vulnerability in attempt to install cryptominers 2022-04-22T21:53:59+00:00 https://arstechnica.com/?p=1850048 www.secnews.physaphae.fr/article.php?IdArticle=4495535 False Hack,Vulnerability None 4.0000000000000000 Security Affairs - Blog Secu Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack 2022-04-21T20:17:50+00:00 https://securityaffairs.co/wordpress/130459/hacking/critical-bug-popular-chipsets-android-hack.html www.secnews.physaphae.fr/article.php?IdArticle=4489861 False Hack None None The Security Ledger - Blog Sécurité Episode 237: Jacked on the Beanstalk – DeFi's Security Debt Runs Wide, Deep 2022-04-19T15:31:51+00:00
https://feeds.feedblitz.com/~/691937244/0/thesecurityledger~Episode-Jacked-on-the-Beanstalk-DeFi%e2%80%99s-Security-Debt-Runs-Wide-Deep/ www.secnews.physaphae.fr/article.php?IdArticle=4478496 False Hack None None Security Affairs - Blog Secu The unceasing action of Anonymous against Russia 2022-04-16T17:00:40+00:00 https://securityaffairs.co/wordpress/130262/hacktivism/anonymous-targets-russian-entities.html www.secnews.physaphae.fr/article.php?IdArticle=4465061 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector 2022-04-16T01:31:45+00:00 https://thehackernews.com/2022/04/lazarus-hackers-behind-540-million-axie.html www.secnews.physaphae.fr/article.php?IdArticle=4463512 False Hack,Threat,Medical APT 38,APT 28 None Security Affairs - Blog Secu Conti Ransomware Gang claims responsibility for the Nordex hack 2022-04-15T19:49:36+00:00 https://securityaffairs.co/wordpress/130238/cyber-crime/conti-ransomware-claims-nordex-attack.html www.secnews.physaphae.fr/article.php?IdArticle=4458950 False Ransomware,Hack None None 01net. 
Actualites - Securite - Magazine Francais How North Korean hackers became masters of cryptocurrency theft 2022-04-15T02:27:56+00:00 https://www.01net.com/actualites/comment-les-hackers-nord-coreens-sont-passes-maitres-dans-le-vol-de-cryptomonnaies-2055918.html www.secnews.physaphae.fr/article.php?IdArticle=4482431 False Hack None None Security Affairs - Blog Secu JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals 2022-04-13T12:15:55+00:00 https://securityaffairs.co/wordpress/130157/security/jekyllbot5-flaws-tug-autonomous-mobile-robots.html www.secnews.physaphae.fr/article.php?IdArticle=4440526 True Hack None None SecurityWeek - Security News Ukraine Says Potent Russian Hack Against Power Grid Thwarted 2022-04-12T23:44:48+00:00 https://www.securityweek.com/ukraine-says-potent-russian-hack-against-power-grid-thwarted www.secnews.physaphae.fr/article.php?IdArticle=4438317 False Hack None None SecurityWeek - Security News 'JekyllBot:5' Vulnerabilities Allow Remote Hacking of Hospital Robots 2022-04-12T11:10:49+00:00 https://www.securityweek.com/jekyllbot5-vulnerabilities-allow-remote-hacking-hospital-robots www.secnews.physaphae.fr/article.php?IdArticle=4434437 False Hack None None IT Security Guru - Blog Sécurité Website of Russian oil giant allegedly hacked 2022-04-08T09:05:44+00:00 https://www.itsecurityguru.org/2022/04/08/website-of-russian-oil-giant-allegedly-hacked/?utm_source=rss&utm_medium=rss&utm_campaign=website-of-russian-oil-giant-allegedly-hacked www.secnews.physaphae.fr/article.php?IdArticle=4416133 True Hack None None InfoSecurity Mag - InfoSecurity Magazine Website of Russian Oil Giant Gazprom Neft Down After Alleged Hack 2022-04-07T16:30:00+00:00 https://www.infosecurity-magazine.com/news/russian-oil-gazprom-neft-hack/ www.secnews.physaphae.fr/article.php?IdArticle=4412596 False Hack None None InformationSecurityBuzzNews - Site de News Securite Brokenwire Hack Could Let Remote Attackers Disrupt Charging
For Electric Vehicles 2022-04-07T11:50:44+00:00 https://informationsecuritybuzz.com/expert-comments/brokenwire-hack-could-let-remote-attackers-disrupt-charging-for-electric-vehicles/ www.secnews.physaphae.fr/article.php?IdArticle=4411071 False Hack None None The Last Watchdog - Blog Sécurité de Byron V Acohido GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise hack of NewsCorp, important lessons are emerging for the cybersecurity and journalism communities. Related: How China challenged Google in Operation Aurora The Chinese government is well known for its censorship – and … 2022-04-05T11:59:04+00:00 https://www.lastwatchdog.com/guest-essay-newscorp-hack-shows-cyber-espionage-squelching-of-press-freedom-on-the-rise/ www.secnews.physaphae.fr/article.php?IdArticle=4398756 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles 2022-04-04T03:41:30+00:00 https://thehackernews.com/2022/04/brokenwire-hack-could-let-remote.html www.secnews.physaphae.fr/article.php?IdArticle=4392495 False Hack None None Security Affairs - Blog Secu Anonymous targets oligarchs' Russian businesses: Marathon Group hacked 2022-04-01T14:42:28+00:00 https://securityaffairs.co/wordpress/129713/hacktivism/anonymous-hacked-marathon-group.html www.secnews.physaphae.fr/article.php?IdArticle=4379286 False Hack None None Security Affairs - Blog Secu Apple issues emergency patches to fix actively exploited zero-days 2022-03-31T20:05:46+00:00 https://securityaffairs.co/wordpress/129672/security/apple-emergency-patches-zero-days.html?utm_source=rss&utm_medium=rss&utm_campaign=apple-emergency-patches-zero-days www.secnews.physaphae.fr/article.php?IdArticle=4374677 False Hack None None SecurityWeek - Security News SentinelLabs: New Modem Wiper Malware May be Connected to Viasat Hack devastating Viasat hack that took down wind
turbines in Germany. 2022-03-31T17:27:39+00:00 https://www.securityweek.com/sentinellabs-new-modem-wiper-malware-may-be-connected-viasat-hack www.secnews.physaphae.fr/article.php?IdArticle=4374034 False Malware,Hack None None Ars Technica - Risk Assessment Security Hacktivism IT giant Globant discloses hack after Lapsus$ leaks 70GB of stolen data 2022-03-30T20:40:03+00:00 https://arstechnica.com/?p=1844610 www.secnews.physaphae.fr/article.php?IdArticle=4369389 False Hack None None InfoSecurity Mag - InfoSecurity Magazine Personal Data of 820,000 NYC Students Exposed 2022-03-30T16:00:00+00:00 https://www.infosecurity-magazine.com/news/personal-data-of-820k-nyc-students/ www.secnews.physaphae.fr/article.php?IdArticle=4368138 False Hack None 2.0000000000000000 SecurityWeek - Security News Remote 'Brokenwire' Hack Prevents Charging of Electric Vehicles 2022-03-30T14:57:56+00:00 https://www.securityweek.com/remote-brokenwire-hack-prevents-charging-electric-vehicles www.secnews.physaphae.fr/article.php?IdArticle=4367260 False Hack None None InformationSecurityBuzzNews - Site de News Securite Ronin Network Cryptocurrency Hack, Experts Commentary 2022-03-30T14:23:49+00:00 https://informationsecuritybuzz.com/expert-comments/ronin-network-cryptocurrency-hack-experts-commentary/ www.secnews.physaphae.fr/article.php?IdArticle=4366763 False Hack None None Security Affairs - Blog Secu Lapsus$ extortion gang claims to have hacked IT Giant Globant 2022-03-30T14:18:14+00:00 https://securityaffairs.co/wordpress/129615/cyber-crime/lapsus-gang-hacked-globant.html?utm_source=rss&utm_medium=rss&utm_campaign=lapsus-gang-hacked-globant www.secnews.physaphae.fr/article.php?IdArticle=4366754 False Hack None None