www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-09T17:14:43+00:00
www.secnews.physaphae.fr

McAfee Labs - Software Vendor
'BadRabbit' Ransomware Burrows Into Russia, Ukraine
This post was researched and written by Christiaan Beek, Tim Hux, David Marcus, Charles McFarland, Douglas McKee, and Raj Samani. McAfee is currently investigating a ransomware campaign known as BadRabbit, which initially infected targets in Russia and the Ukraine. We are also investigating reports of infected systems in Germany, Turkey, and Bulgaria and will provide updates …
2017-10-24T22:31:04+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/badrabbit-ransomware-burrows-russia-ukraine/
www.secnews.physaphae.fr/article.php?IdArticle=705917
False None None None

McAfee Labs - Software Vendor
KRACKs: Five Observations on WPA Authentication Vulnerability
KRACKs are in the news. McAfee has already discussed these key reinstallation attacks that affect Wi-Fi setups in two posts: “KRACKs Against Wi-Fi Serious But Not End of the World” “How KRACK Threatens Wi-Fi's Security Underpinnings and What It Means for You” Here are five observations that offer an easy-to-digest summary: Don't panic! Remember this …
2017-10-23T15:53:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/kracks-five-observations-on-wpa-authentication-vulnerability/
www.secnews.physaphae.fr/article.php?IdArticle=705918
False None None 3.0000000000000000

McAfee Labs - Software Vendor
Tips for Effective Threat Hunting
This blog was co-written by Ramnath Venugopalan. In May, McAfee surveyed more than 700 IT and security professionals around the world to better understand how threat hunting is used in organizations and how they hope to enhance their threat hunting capabilities. You can read the full study: Disrupting the Disruptors, Art or Science? Understanding the …
2017-10-18T16:01:04+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/tips-effective-threat-hunting/
www.secnews.physaphae.fr/article.php?IdArticle=705921
False None None None

McAfee Labs - Software Vendor
Taiwan Bank Heist and the Role of Pseudo Ransomware
Widespread reports claim the Far Eastern International Bank in Taiwan has become a victim of hacking. The attacks demonstrate the global nature of cybercrime, with the cybercriminals attempting to wire US$60 million to destinations such as Sri Lanka, Cambodia, and the United States.
2017-10-12T21:34:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/taiwan-bank-heist-role-pseudo-ransomware/
www.secnews.physaphae.fr/article.php?IdArticle=705922
False None None None

McAfee Labs - Software Vendor
Staying Anonymous on the Blockchain: Concerns and Techniques
With Bitcoin at one point valued at more than $5,000 per unit, cryptocurrencies have excited a lot of interest from individuals, businesses, and hackers. One of the selling points of Bitcoin and others of its type is anonymity. Yet there are concerns that online currency transactions may not be as anonymous as many wish. In …
2017-10-11T13:00:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/staying-anonymous-on-the-blockchain-concerns-and-techniques/
www.secnews.physaphae.fr/article.php?IdArticle=705923
False None None None

McAfee Labs - Software Vendor
Linux Kernel Vulnerability Can Lead to Privilege Escalation: Analyzing CVE-2017-1000112
This blog was written by Krishs Patil. A memory corruption bug in UDP fragmentation offload (UFO) code inside the Linux kernel can lead to local privilege escalation. In this post we will examine this vulnerability and its accompanying exploit. Although this bug affects both IPv4 and IPv6 code paths, we analyzed only IPv4 code running …
2017-10-02T14:00:00+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/linux-kernel-vulnerability-can-lead-to-privilege-escalation-analyzing-cve-2017-1000112/
www.secnews.physaphae.fr/article.php?IdArticle=705924
False Guideline None None

McAfee Labs - Software Vendor
McAfee Labs: Faceliker Surge Manipulates Facebook “Likes” to Promote News, Other Content
Criminals excel in manipulating the trust within human relationships, particularly as individuals project themselves into digital realms such as social media. We see it in phishing messages, which fool us into clicking on a malicious weblink from what appears to be a benign organization with which we do business. We also see it in the …
2017-09-26T18:00:01+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-faceliker-surge-manipulates-facebook-likes-promote-news-content/
www.secnews.physaphae.fr/article.php?IdArticle=705925
False None None None

McAfee Labs - Software Vendor
McAfee Labs Threats Report Explores WannaCry/Petya, Threat Hunting, Script-Based Malware
Today we published the McAfee Labs Threats Report: September 2017. This quarter's report shows off a new design. We hope you will find it attractive as well as informative.
2017-09-26T04:01:04+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-explores-wannacrypetya-threat-hunting-script-based-malware/
www.secnews.physaphae.fr/article.php?IdArticle=705926
False None Wannacry None

McAfee Labs - Software Vendor
Apache Struts at REST: Analyzing Remote Code Execution Vulnerability CVE-2017-9805
Apache Struts, an open-source web development framework, is prone to vulnerabilities. We wrote about CVE-2017-9791 in July. The latest is CVE-2017-9805, another remote code execution flaw actively being exploited, according to reports. This vulnerability affects the Struts plug-in Representational State Transfer (REST). Apache has updated Struts with Version 2.5.13 to fix this issue. In this post …
2017-09-22T17:00:05+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/apache-struts-at-rest-analyzing-remote-code-execution-vulnerability-cve-2017-9805/
www.secnews.physaphae.fr/article.php?IdArticle=705927
False None None 2.0000000000000000

McAfee Labs - Software Vendor
Microsoft Kills Potential Remote Code Execution Vulnerability in Office (CVE-2017-8630)
Recently the McAfee IPS Research Team informed Microsoft about a potential remote code execution vulnerability in Office 2016 that McAfee discovered in March. Microsoft released a patch for this vulnerability this week with CVE-2017-8630. In this post, we will briefly discuss the vulnerability and its exploitability. The Problem While auditing PowerPoint, we came across an …
2017-09-21T13:00:03+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/microsoft-kills-potential-remote-code-execution-vulnerability-in-office-cve-2017-8630/
www.secnews.physaphae.fr/article.php?IdArticle=705928
False None None 2.0000000000000000

McAfee Labs - Software Vendor
Android Click-Fraud App Repurposed as DDoS Botnet
The McAfee Mobile Research Team tracks the behavior of Android click-fraud apps. We have detected multiple implementations, including recent examples on Google Play in 2016 and Clicker.BN last month. These threats are characterized by a common behavior: They appear innocuous but in the background they perform HTTP requests (simulating clicks) on paid “advertainment” to make …
2017-09-12T13:00:05+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/android-click-fraud-app-repurposed-ddos-botnet/
www.secnews.physaphae.fr/article.php?IdArticle=705929
False None None 3.0000000000000000

McAfee Labs - Software Vendor
Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea
Last month, a number of users started posting on South Korean sites screenshots of suspicious SMS messages phishing texts (also known as smishing) to lure them into clicking on shortened URLs. For example, the following message asks the user to click on the link to check if a private picture has been leaked: Figure 1: …
2017-08-28T08:10:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/android-banking-trojan-moqhao-spreading-via-sms-phishing-south-korea/
www.secnews.physaphae.fr/article.php?IdArticle=705931
False None None 4.0000000000000000

McAfee Labs - Software Vendor
Android Click-Fraud Apps Briefly Return to Google Play
Click-fraud apps frequently appear on Google Play and third-party markets. They are sometimes hard to identify because the malicious behavior that simulates clicks is similar to the behavior of many legitimate applications (using common API calls and permissions). Further, part of the malicious code does not reside in the original malware and comes from a …
2017-08-25T00:59:00+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/android-click-fraud-apps-briefly-return-google-play/
www.secnews.physaphae.fr/article.php?IdArticle=705932
False None None 5.0000000000000000

McAfee Labs - Software Vendor
Smishing Campaign Steals Banking Credentials in U.S.
The McAfee Mobile Research team recently found an active smishing campaign, using SMS messages, that targets online banking users in the United States. The messages attempt to scare victims with a notice that the bank account will be soon closed and that the user must immediately click a malicious URL: Figure 1: Phishing SMS message. …
2017-08-14T23:28:01+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/smishing-campaign-steals-banking-credentials-u-s/
www.secnews.physaphae.fr/article.php?IdArticle=705933
False None None 3.0000000000000000

McAfee Labs - Software Vendor
DEFCON – Connected Car Security
Sometime in the distant past, that thing in your driveway was a car. However, the “connected car is already the third-fastest growing technological device after phones and tablets.” The days when a Haynes manual, a tool kit, and a free afternoon/week to work on the car are fast becoming a distant memory. Our connected cars …
2017-08-02T21:54:00+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/defcon-connected-car-security/
www.secnews.physaphae.fr/article.php?IdArticle=705934
False None None 5.0000000000000000

McAfee Labs - Software Vendor
Analyzing CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
CVE-2017-0190 is a recently patched vulnerability related to Windows metafiles (WMFs), a portable image format mainly used by 16-bit Windows applications. Recently we have seen an increase in the number of vulnerabilities related to WMFs and EMFs (enhanced metafiles) in the GDI32 library. Most often, these vulnerabilities lead to sensitive information disclosure from the process …
2017-07-26T17:39:04+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-cve-2017-0190-wmf-flaws-can-lead-data-theft-code-execution/
www.secnews.physaphae.fr/article.php?IdArticle=705935
False Guideline None 2.0000000000000000

McAfee Labs - Software Vendor
NoMoreRansom – One year on!
One year on. It is fair to say that the No More Ransom project not only exceeded our expectations, but simply blew these initial expectations out of the water. A collaboration between six partners (McAfee, EC3, Dutch Police, Kaspersky Lab, AWS and Barracuda) has now grown to include more than 100 partners across the public and private sector. We often hear people talk about Public-Private Partnerships, but here is a true example of that commitment in action.
2017-07-25T14:20:00+00:00
https://securingtomorrow.mcafee.com/executive-perspectives/nomoreransom-one-year/
www.secnews.physaphae.fr/article.php?IdArticle=705936
False None None 3.0000000000000000

McAfee Labs - Software Vendor
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using the technique of object-graph navigation language (OGNL) injection. OGNL is an expression language that allows the setting of object properties and execution of various methods of Java classes. OGNL can be used maliciously to perform …
2017-07-19T19:56:05+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-cve-2017-9791-apache-struts-vulnerability-can-lead-remote-code-execution/
www.secnews.physaphae.fr/article.php?IdArticle=705938
False None None 3.0000000000000000

McAfee Labs - Software Vendor
Analyzing a Patch of a Virtual Machine Escape on VMware
This blog was written by Yakun Zhang. A virtual machine is a completely isolated guest operating system installation within a normal host operating system. Virtual machine escape is the process of breaking out of a virtual machine and interacting with the host operating system, which can lead to infections and malware execution. VMware escapes demonstrated …
2017-07-17T18:53:03+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/
www.secnews.physaphae.fr/article.php?IdArticle=705939
False Guideline None 5.0000000000000000

McAfee Labs - Software Vendor
LeakerLocker: Mobile Ransomware Acts Without Encryption
We recently found on Google Play a type of mobile ransomware that does not encrypt files. This malware extorts a payment to prevent the attacker from spreading a victim's private information. LeakerLocker claims to have made an unauthorized backup of a phone's sensitive information that could be leaked to a user's contacts unless it receives …
2017-07-07T18:02:05+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/leakerlocker-mobile-ransomware-acts-without-encryption/
www.secnews.physaphae.fr/article.php?IdArticle=705940
False None None None

McAfee Labs - Software Vendor
Petya More Effective at Destruction Than as Ransomware
At the beginning of the recent Petya malware campaign, the world was quick to exclaim this attack was ransomware. Now, with time to analyze the facts and make comparisons to other ransomware campaigns, this Petya attack does not look so much like ransomware. To back up this claim, let's examine three other well-known ransomware campaigns: …
2017-07-01T01:09:03+00:00
https://securingtomorrow.mcafee.com/business/petya-effective-destruction-ransomware/
www.secnews.physaphae.fr/article.php?IdArticle=705941
False None None None

McAfee Labs - Software Vendor
How to Protect Against Petya Ransomware in a McAfee Environment
A new variant of the ransomware Petya (also called Petrwrap) began spreading around the world on June 27. Petya is ransomware that exploits the vulnerability CVE-2017-0144 in Microsoft's implementation of the Server Message Block protocol. This ransomware encrypts the master boot records of infected Windows computers, making the machines unusable.
2017-06-28T17:15:04+00:00
https://securingtomorrow.mcafee.com/business/protect-petya-ransomware-mcafee-environment/
www.secnews.physaphae.fr/article.php?IdArticle=705942
False None None None

McAfee Labs - Software Vendor
New Variant of Petya Ransomware Spreading Like Wildfire
The world woke up today to another ransomware outbreak wreaking havoc throughout companies' networks. This time, the family causing the fuss is Ransomware Petya, a nasty variant that encrypts files and the computer's master boot record (MBR), rendering the machine unusable.
2017-06-27T19:44:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/new-variant-petya-ransomware-spreading-like-wildfire/
www.secnews.physaphae.fr/article.php?IdArticle=705943
False None None 4.0000000000000000

McAfee Labs - Software Vendor
'McAfee Labs Threats Report' Explores Malware Evasion Techniques, Digital Steganography, Password-Stealer Fareit
This blog post was written by Vincent Weafer. We got a little carried away in the McAfee Labs Threats Report: June 2017, published today. This quarter's report has expanded to a rather hefty 83 pages! It contains three highly educational topics, in addition to the usual set of threats statistics: We broadly examine evasion techniques …
2017-06-20T04:01:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-explores-malware-evasion-techniques-digital-steganography-password-stealer-fareit/
www.secnews.physaphae.fr/article.php?IdArticle=705944
False None None 3.0000000000000000

McAfee Labs - Software Vendor
McAfee Discovers Pinkslipbot Exploiting Infected Machines as Control Servers; Releases Free Tool to Detect, Disable Trojan
This blog was written by Sanchit Karve. McAfee Labs has discovered that banking malware Pinkslipbot (also known as QakBot/QBot) has used infected machines as control servers since April 2016, even after its capability to steal personal and financial data from the infected machine has been removed by a security product. These include home users whose …
2017-06-16T19:11:02+00:00
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-discovers-pinkslipbot-exploiting-infected-machines-as-control-servers-releases-free-tool-to-detect-disable-trojan/
www.secnews.physaphae.fr/article.php?IdArticle=705945
False None None 5.0000000000000000