What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
codingsec.webp 2016-06-02 16:00:17 6 best html5 libraries 2016 (direct link) For any web developer or designer, HTML5 tools and libraries prove to be a great help when it comes to step up their workflow and perform repetitive tasks. These tools are blessed with all the richness and power that help webmasters to augment the value of their work and improve the usability of their web designs and development. Here we are showcasing some of the best HTML5 tools and libraries for web developers and designers. BEST HTML5 TOOLS & LIBRARIES Being the finest online animation tool, HTML5 Maker makes it easy for developers to add interactive content to their website with APT 19
Trend.webp 2016-05-27 14:13:19 IXESHE Derivative IHEATE Targets Users in America (direct link) Since 2012, we've been keeping an eye on the IXESHE targeted attack campaign. Since its inception in 2009, the campaign has primarily targeted governments and companies in East Asia and Germany. However, the campaign appears to have shifted tactics and is once again targeting users in the United States. We also noticed that there were some changes to the underlying behavior of the malware used. While there were some incremental improvements in the observed behavior of the new sample, the underlying pattern of behavior is similar to what we observed earlier from IXESHE. These attacks targeting users in the United States used a variant of IXESHE which has been seen in Taiwan since 2009 named IHEATE. These showed some differences from known IXESHE variants: they had a different command-and-control (C&C) communication model and encryption methods. Post from: Trendlabs Security Intelligence Blog - by Trend Micro APT 12
The_State_of_Security.webp 2016-05-27 03:00:57 From Monkey to Man – The Evolution of a CISO (direct link) I think we are all familiar with the popular axiom, “It's not IF you get compromised, it's WHEN you get compromised.” I'm also pretty sure we all know that IT security is no longer viewed purely as an operational concern but as a significant contributor to business risk. As a result of this, IT security […] APT 17
SC_Mag.webp 2016-05-25 16:10:43 Wekby hacker gang using DNS requests in new malware campaign (direct link) A long-time hacker group is using DNS requests as a command-and-control mechanism in a new series of malware attacks. APT 18
PaloAlto.webp 2016-05-24 18:30:30 New Wekby Attacks Use DNS Requests As Command and Control Mechanism (direct link) We have observed an attack led by the APT group Wekby targeting a US-based organization in recent weeks. Wekby is a group that has been active for a number of years, targeting various industries such… APT 18
PaloAlto.webp 2016-05-23 01:00:26 Operation Ke3chang Resurfaces With New TidePool Malware (direct link) Introduction Little has been published on the threat actors responsible for Operation Ke3chang since the report was released more than two years ago. However, Unit 42 has recently discovered the actors have continued to evolve… APT 15 APT 25
Pirate.webp 2016-05-07 16:25:00 WordPress 4.5.2: Critical security update (direct link) The WordPress team has just released version 4.5.2, which is a security update. Webmasters, it is urgent to deploy it as soon as possible if you have not enabled automatic updates for your WordPress. Otherwise, it has already been applied. APT 19 ★★
AlienVault.webp 2016-03-30 07:00:00 Cmstar APT Malware Exploits CVE-2012-0158 (direct link) Background: APTs (Advanced Persistent Threats) are a type of threat that targets a specific group of potential victims. For example, they have been used in cyber-espionage campaigns to target governments, anti-government activists, military organizations, as well as private companies. Their goal is to penetrate a targeted system or network, remain hidden for extended periods, and collect and exfiltrate data. A common compromise technique is for an APT to target the victims with a spear phishing campaign. Spear phishing campaigns are successful in part because of the great deal of information we have posted about ourselves online. With only a few minutes of research, a cyber criminal can usually identify one or more people in our professional circles whose name, when we see it in the ‘from’ field in an email, would likely cause us to open the email. The attachment exploits a common vulnerability (CVE-2012-0158) which installs the Cmstar downloader onto the compromised system. Cmstar then contacts the Command and Control (C&C) server for the BBSRAT remote access malware to download, and installs it on the compromised system. The attacker can now control the compromised system directly. Impact on You: Having any type of malware (especially one designed to steal data) on your network puts your sensitive or regulated information at risk. Once installed, Cmstar has the ability to download malware that can infect other machines as well as pull down additional malware variants as needed. The data-stealing malware can reside inside a network for months or years before detection, giving an attacker virtually unlimited access to data. How AlienVault Helps: APTs are sophisticated attacks conducted by well-resourced teams. Preventive technologies like sandboxing can help block some attacks, but a dedicated, focused adversary will always find a way to penetrate a network. That’s why you need the ability to detect the presence of compromised systems, downloaders, remote access malware, and other malicious content in your network quickly. And, once you have detected it, you need to be able to minimize the damage that compromised systems can cause. That’s where the AlienVault Labs team can help—the threat research team continues to research and update the ability of the USM platform to detect new downloaders, remote access toolkits (RATs), as well as new variations on existing malware. The Labs team recently updated the USM platform’s ability to detect the latest version of the Cmstar downloader on your network by adding an IDS signature to detect the malicious traffic and a correlation directive to link events from across your network that indicate that Cmstar has compromised one or more systems. These updates are included in the latest AlienVault Threat Intelligence update available now: New Detection Technique - APT Cmstar: Cmstar is a downloader that is similar to the Lurid and Enfal families of malware. Cmstar is typically delivered through phishing emails that contain malicious Microsoft documents and has recently been used to download BBSRAT. The group that utilizes Cmstar and BBSRAT appears to be targeting Russian victims and most r APT 15 ★★★★★
Mandiant.webp 2015-07-13 08:31:00 Demonstrating Hustle, Chinese APT Groups Quickly Use Zero-Day Vulnerability (CVE-2015-5119) Following Hacking Team Leak (direct link) The FireEye as a Service team detected independent phishing campaigns conducted by two Chinese advanced persistent threat (APT) groups that we track, APT3 and APT18. Each threat group quickly took advantage of a zero-day vulnerability (CVE-2015-5119), which was leaked in the disclosure of Hacking Team's internal data. Adobe released a patch for the vulnerability on July 8, 2015. Before that patch was released, the groups launched phishing campaigns against multiple companies in the aerospace and defense, construction and engineering, education, energy
Vulnerability Threat APT 18 APT 3 ★★★★
Mandiant.webp 2014-10-27 03:00:42 APT28 Malware: A Window into Russia's Cyber Espionage Operations? (direct link) The role of nation-state actors in cyber attacks was perhaps most widely revealed in February 2013 when Mandiant released the APT1 report, which detailed a professional cyber espionage group based in China. Today we release a new report: APT28: A Window Into Russia's Cyber Espionage Operations? This report focuses on a threat group that we have designated as APT28. While APT28's malware is fairly well known in the cybersecurity community, our report details additional information exposing ongoing, focused operations that we believe indicate a government sponsor based in Moscow. In
Malware Threat APT 28 APT 28 APT 1 ★★★★
Mandiant.webp 2014-09-03 18:00:29 Darwin's Favorite APT Group (direct link) Introduction The attackers referred to as APT12 (also known as IXESHE, DynCalc, and DNSCALC) recently started a new campaign targeting organizations in Japan and Taiwan. APT12 is believed to be a cyber espionage group thought to have links to the Chinese People's Liberation Army. APT12's targets are consistent with larger People's Republic of China (PRC) goals. Intrusions and campaigns conducted by this group are in-line with PRC goals and self-interest in Taiwan. Additionally, the new campaigns we uncovered further highlight the correlation between APT groups ceasing and retooling
Technical APT 12 ★★★★
Mandiant.webp 2013-02-19 07:00:45 Mandiant Exposes APT1 – One of China's Cyber Espionage Units & Releases 3,000 Indicators (direct link) Today, The Mandiant® Intelligence Center™ released an unprecedented report exposing APT1's multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen. Highlights of the report include: Evidence linking APT1 to China's 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's (GSD) 3rd Department (Military Cover Designator 61398). A timeline of APT1 economic espionage conducted since 2006
Threat APT 1 ★★★★
Last update at: 2024-05-13 04:09:56