What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Netskope.webp 2023-05-18 14:24:28 Netskope Threat Labs Stats for April 2023 (direct link)
>Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary Attackers continue to attempt to fly under the radar by using cloud apps to deliver malware, […]
Threat Cloud ★★
Netskope.webp 2023-05-16 14:00:00 InterPlanetary File System: A Decentralized Place to Host Phishing Content (direct link)
>Summary Netskope Threat Labs is tracking phishing campaigns abusing InterPlanetary File System (IPFS) to deliver their payloads. From March 1 to April 30, Netskope Threat Labs has seen a 7x increase in traffic to IPFS phishing pages. The attacks have been targeting victims mainly in North America and Asia Pacific across different segments, led by […]
Threat ★★
Netskope.webp 2023-05-11 14:00:00 Insider Threats Packing Their Bags With Corporate Data (direct link)
>Introduction The insider story, whether it is a disgruntled or negligent employee, is one that is familiar to many organizations. The 2020 Securonix Insider Threat Report found that 60% of the insider threat cases they dealt with involved a “flight risk” employee, or an individual that is getting ready to leave their employment. In today's […]
Threat ★★★
Netskope.webp 2023-05-08 18:29:11 Threat Labs News Roundup: April 2023 (direct link)
>Summary The purpose of the Netskope Threat Labs News Roundup series is to provide enterprise security teams an actionable brief on the top cybersecurity news from around the world. The brief includes summaries and links to the top news items spanning cloud-enabled threats, malware, and ransomware. Top Stories Microsoft takes down Cobalt Strike servers Microsoft, […]
Threat ★★
Netskope.webp 2023-05-04 13:47:15 Cloud Threats Memo: North-Korean State-Sponsored Threat Actors Continue to Exploit Legitimate Cloud Services (direct link)
>Be the first to receive the Cloud Threats Memo directly in your inbox by subscribing here. While the most common cloud apps are also the most exploited for delivering malicious content, opportunistic and state-sponsored threat actors are constantly looking for additional cloud services to leverage throughout multiple stages of the attack chain. The growing exploitation […]
Threat Cloud ★★
Netskope.webp 2023-05-02 18:50:11 Netskope Threat Coverage: CrossLock Ransomware (direct link)
>Summary CrossLock is a ransomware group that emerged in April 2023, targeting a large digital certifier company in Brazil. This ransomware was written in Go, which has also been adopted by other ransomware groups, including Hive, due to the cross-platform capabilities offered by the language. CrossLock operates in the double-extortion scheme, by threatening to leak […]
Ransomware Threat ★★★
Netskope.webp 2023-04-24 17:00:00 FedEx Phishing Campaign Abusing TrustedForm and PAAY (direct link)
>Summary Netskope Threat Labs is tracking a phishing campaign that mimics a FedEx package delivery as bait to steal credit card data. This type of social engineering attack is commonly found in phishing pages, emails, and other scams, where a false sense of urgency is created to urge the victim into doing an action that […]
Threat FedEx FedEx ★★★
Netskope.webp 2023-04-21 19:49:00 Cloud Threats Memo: Threat Actors Increasingly Exploiting Google Drive (direct link)
>Google Drive continues to be one of the most abused cloud services by threat actors, and the latest edition (April 2023) of the Threat Horizons Report, released by security researchers in Google's Threat Analysis Group (TAG), shows more interesting examples of how opportunistic and state-sponsored threat actors are exploiting its flagship cloud storage service, to […]
Threat Cloud ★★★
Netskope.webp 2023-04-21 16:17:10 Netskope Threat Labs Stats for March 2023 (direct link)
>Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary Attackers continue to attempt to fly under the radar by using cloud apps to deliver malware, […]
Threat Cloud ★★★
Netskope.webp 2023-04-10 19:47:04 Threat Labs News Roundup: March 2023 (direct link)
>Summary The purpose of the Netskope Threat Labs News Roundup series is to provide enterprise security teams an actionable brief on the top cybersecurity news from around the world. The brief includes summaries and links to the top news items spanning cloud-enabled threats, malware, and ransomware. Top Stories BlackLotus bootkit targeting Windows 11 Researchers found […]
Threat ★★
Netskope.webp 2023-04-06 13:59:23 Tech Support Scam Pivots from DigitalOcean to StackPath CDN (direct link)
>Summary Attackers who were previously abusing DigitalOcean to host a tech support scam have expanded the operation, now abusing StackPath CDN to distribute the scam, and are likely to start abusing additional cloud services to deliver the scam in the near future. From February 1 to March 16, Netskope Threat Labs has seen a 10x increase […]
Threat Cloud APT 32 ★★★
Netskope.webp 2023-03-29 15:00:00 Netskope Cloud Threats Memo: Cyber Espionage Campaign Abusing OneDrive and Dropbox (direct link)
>Legitimate cloud storage services are increasingly being exploited for cyber espionage, so the discovery of a similar operation in the context of the Russian invasion of Ukraine was just a matter of time. The discovery came from security researchers at Kaspersky, who identified an active campaign carried out by an advanced threat actor and ongoing […]
Threat Cloud ★★
Netskope.webp 2023-03-22 14:42:55 Emotet Comeback: New Campaign Using Binary Padding to Evade Detection (direct link)
>Summary Emotet is undoubtedly a very resilient botnet. Even though its operation was disrupted by Europol in January 2021, Emotet came back a few months later and continues to spread. In May 2022, shortly after Microsoft released new controls related to malicious macros, Netskope Threat Labs analyzed an Emotet campaign where they were testing a […]
Threat ★★★
Netskope.webp 2023-03-21 14:35:20 Netskope Threat Labs Stats for February 2023 (direct link)
>Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary Attackers continue to attempt to fly under the radar by using cloud apps to deliver malware, […]
Threat Cloud ★★
Netskope.webp 2023-03-20 14:55:52 Leverage IP and CIDR IOBs with SecLytics Cloud Threat Exchange Plugin (direct link) >The Netskope Security team is happy to announce the official release of our newest Cloud Threat Exchange plugin built in-house, which now allows users to pull threat data discovered by SecLytics. This integration leverages the SecLytics Bulk API to allow users to pull identified URL, IP, and CIDR block indicators of behavior (IoBs) into Cloud […] Threat Cloud ★★
Netskope.webp 2023-03-16 19:00:00 Netskope Threat Coverage: BlackSnake Ransomware (direct link) >Summary BlackSnake is a ransomware-as-a-service (RaaS) group that first appeared in a hacking forum in August 2022, where the operators were seeking affiliates and stating that they would take 15% of the profit, which is below the typical average of 20-30%. On February 28, 2023, a new variant of BlackSnake was spotted, and is notable […] Ransomware Threat ★★★
Netskope.webp 2023-03-10 21:09:16 Realizing the True Power of Netskope Cloud Exchange (direct link) >When I talk to customers and partners about Cloud Threat Exchange (CTE), I immediately say, “I'm not in marketing, and didn't see the future-so I misnamed the module. I should have named it Cloud Data Exchange.” Why do I say this? Because, as Netskope and Cloud Exchange have matured, the number of use cases the […] Threat Cloud ★★★
Netskope.webp 2023-03-09 21:46:24 Attackers Increasingly Abusing DigitalOcean to Host Scams and Phishing (direct link) >Summary Netskope Threat Labs is tracking a 17x increase in traffic to malicious web pages hosted on DigitalOcean in the last six months. This increase is attributed to new campaigns of a known tech support scam that mimics Windows Defender and tries to deceive users into believing that their computer is infected. The end goal […] Threat APT 32 ★★
Netskope.webp 2023-03-07 23:01:18 Threat Labs News Roundup: February 2023 (direct link) >Summary The purpose of the Netskope Threat Labs News Roundup series is to provide enterprise security teams an actionable brief on the top cybersecurity news from around the world. The brief includes summaries and links to the top news items spanning cloud-enabled threats, malware, and ransomware. Top Stories Three zero-days patched by Microsoft Microsoft released […] Threat ★★★
Netskope.webp 2023-03-03 16:00:00 Cloud Threats Memo: Multiple Different Cloud Apps Abused in a Single Cyber Espionage Campaign (direct link) >Threat actors continue to exploit cloud services for cyber espionage, and a new campaign by a threat cluster named WIP26, discovered recently by researchers at Sentinel One in collaboration with QGroup, targeting telecommunication providers in the Middle East, confirms this trend. In particular what makes this campaign stand out is the abuse of multiple cloud […] Threat Cloud ★★★
Netskope.webp 2023-03-01 07:00:00 Why Organisations Must Get to Grips With Cloud Delivered Malware (direct link) >Netskope has just published the Monthly Threat Report for February, with this month's report focused on what is going on in Europe. I don't intend to summarise the report in this blog, instead I want to zoom in and study a continuing trend that was highlighted in there; one that is unfortunately heading in the […] Malware Threat Prediction Cloud ★★★
Netskope.webp 2023-02-21 16:35:05 Netskope Threat Labs Stats for January 2023 (direct link) >Starting with January 2023, Netskope Threat Labs will publish a monthly summary blog post of the top threats we are tracking on the Netskope Security Cloud platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary Attackers continue to attempt to fly under the radar […] Threat ★★★
Netskope.webp 2023-02-16 16:01:26 Threat Labs News Roundup: January 2023 (direct link) >Summary The purpose of the Netskope Threat Labs “Cybersecurity News Roundup” series is to provide enterprise security teams an actionable brief on the top cybersecurity news from around the world. The brief includes summaries and links to the top news items spanning cloud-enabled threats, malware, and ransomware. Top Stories Attackers using SEO poisoning to deliver […] Threat ★★
Netskope.webp 2023-02-02 15:18:20 Cloud Threats Memo: Understanding the Growing Risk of Consent Phishing (direct link) >The advent of cloud applications led to a new generation of phishing attacks (named OAuth phishing or consent phishing) where, rather than stealing the user credentials, threat actors aim to obtain an authorization token via a rogue cloud app that allows them to perform harmful activities on the victim's cloud environment. These activities include: reading […] Threat ★★★★
Netskope.webp 2023-01-19 19:57:37 Cloud Threats Memo: Threat Actors Continue to Abuse Cloud Services to Deliver Malware in 2023 (direct link) >Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active […] Malware Threat Guideline Prediction ★★★
Netskope.webp 2023-01-18 07:00:00 The Impact of AI on Cybersecurity: Balancing the Risks and Opportunities (direct link) >As artificial intelligence (AI) advances, I am seeing a lot of discussion on LinkedIn and in the online media about the advantages it may bring for either the threat actors (“batten down the hatches, we are all doomed”) or the security defence teams (“it’s OK, relax, AI has you covered”). It has occurred to me […] Threat ★★★
Netskope.webp 2022-12-19 21:02:20 Cloud Threats Memo: State-sponsored Threat Actors Continue to Abuse Legitimate Cloud Services (direct link) >Threat actors exploiting cloud services are keeping me very busy in these final days of this troubled 2022. The main character of this Cloud Threats Memo is MuddyWater (also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros), one of the most prolific cyber espionage groups, active since at least 2017, and believed to […] Threat ★★★★
Netskope.webp 2022-12-06 19:07:40 Cloud Threats Memo: Cyber Espionage Exploiting Google Drive for C2 Infrastructure (direct link) >Another day, another legitimate cloud service exploited for a cyber espionage campaign… Researchers at ESET recently discovered Dolphin, a previously unreported backdoor used by the North-Korean threat actor APT37 (AKA ScarCruft and Reaper) against selected targets. The backdoor, deployed after the initial compromise using less sophisticated malware, was observed for the first time in early […] Threat Cloud APT 37 ★★★
Netskope.webp 2022-11-22 17:34:43 Netskope Threat Labs: What We'll See In 2023 (direct link) Continuing our ongoing series of expert predictions, the following come from Netskope Threat Labs, including what we see on the horizon for software supply chain, phishing, and ransomware. Phishing operations will increase in sophistication to bypass MFA Phishing is a social engineering technique. You need to find someone with their guard down and convince them […] Threat ★★★★
Netskope.webp 2022-11-18 15:18:03 Netskope Threat Coverage: Prestige Ransomware (direct link) >Summary In October 2022, a novel ransomware named Prestige was found targeting logistics and transportation sectors in Ukraine and Poland. According to Microsoft, victims affected by Prestige overlap with previous victims targeted by HermeticWiper, spotted in February 2022. The research also shows that the attackers deployed the ransomware within an hour between all victims, abusing […] Ransomware Threat
Netskope.webp 2022-11-16 14:00:00 Cloud Abuse: New Technique Using Adobe Acrobat to Host Phishing (direct link) >Summary Netskope Threat Labs recently discovered a phishing campaign that is abusing Adobe Acrobat to host a Microsoft Office phishing page. While abusing free cloud services to host malicious content is a popular attack technique, this is the first time we have seen Adobe Acrobat used to deliver malicious content. The attack starts with a […] Threat
Netskope.webp 2022-11-10 14:00:00 New Phishing Technique Targeting Over 20 Crypto Wallets (direct link) >Summary Netskope Threat Labs spotted a new crypto-phishing attack that aims to steal sensitive data from crypto wallets, including private keys and security recovery phrases, disguising itself as a service to revoke stolen ERC (Ethereum Request for Comments) assets. The page was created and hosted with Netlify, which is a free cloud service to create […] Threat ★★★★★
Netskope.webp 2022-11-01 16:35:10 Cybersecurity Awareness Month: Recognizing Phishing and Using Multi-factor Authentication (direct link) >Phishing is a well known threat that users are constantly being warned about, but as we are in Cybersecurity Awareness Month though, some may still be wondering what exactly phishing is and how to prevent it. In this blog, I am going to dig into how you can recognize phishing and how enabling multi-factor authentication […] Threat ★★★★
Last update at: 2024-06-28 15:07:58