www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-10T20:54:46+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits
At least half a dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept (PoC) exploit for purported zero-day flaws in Discord, Google Chrome, and Microsoft Exchange. VulnCheck, which
2023-06-14T15:51:00+00:00 https://thehackernews.com/2023/06/fake-researcher-profiles-spread-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8345267 False Malware None 3.0000000000000000

Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable
A fully undetectable (FUD) malware obfuscation engine named BatCloak is being used to deploy various malware strains since September 2022, while persistently evading antivirus detection. The samples grant "threat actors the ability to load numerous malware families and exploits with ease through highly obfuscated batch files," Trend Micro researchers said.
About 79.6% of the total 784 artifacts
2023-06-12T15:33:00+00:00 https://thehackernews.com/2023/06/cybercriminals-using-powerful-batcloak.html www.secnews.physaphae.fr/article.php?IdArticle=8344340 False Malware,Prediction None 2.0000000000000000

Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks
A new custom backdoor dubbed Stealth Soldier has been deployed as part of a set of highly-targeted espionage attacks in North Africa. "Stealth Soldier malware is an undocumented backdoor that primarily operates surveillance functions such as file exfiltration, screen and microphone recording, keystroke logging and stealing browser information," cybersecurity company Check Point said in a
2023-06-09T11:27:00+00:00 https://thehackernews.com/2023/06/stealth-soldier-new-custom-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8343514 False Malware None 2.0000000000000000

New PowerDrop Malware Targeting U.S. Aerospace Industry
An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. "PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023. "The name is derived from the tool,
2023-06-07T10:10:00+00:00 https://thehackernews.com/2023/06/new-powerdrop-malware-targeting-us.html www.secnews.physaphae.fr/article.php?IdArticle=8342807 False Malware,Threat None 3.0000000000000000

New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim's account by performing web injections into targeted cryptocurrency websites," Kaspersky
2023-06-06T23:51:00+00:00 https://thehackernews.com/2023/06/new-malware-campaign-leveraging-satacom.html www.secnews.physaphae.fr/article.php?IdArticle=8342669 False Malware None 2.0000000000000000

Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. "The threat actor behind this [ransomware-as-a-service] promotes its offering on forums," Uptycs said in a new report. "There it requests a share of profits from those engaging in malicious activities using its malware."
2023-06-06T12:27:00+00:00 https://thehackernews.com/2023/06/cyclops-ransomware-gang-offers-go-based.html www.secnews.physaphae.fr/article.php?IdArticle=8342414 False Ransomware,Malware,Threat None 2.0000000000000000

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad
2023-06-02T17:33:00+00:00 https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8341484 False Malware,Threat None 2.0000000000000000

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines."
What the malware lacks in
2023-06-02T15:38:00+00:00 https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html www.secnews.physaphae.fr/article.php?IdArticle=8341450 False Malware None 3.0000000000000000

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What's more, 50% of the servers don't remain active for more than a week, indicating the use of an adaptable and dynamic C2 infrastructure, Lumen Black Lotus Labs said in a report shared with The Hacker News. "This botnet has adapted
2023-06-01T21:41:00+00:00 https://thehackernews.com/2023/06/evasive-qbot-malware-leverages-short.html www.secnews.physaphae.fr/article.php?IdArticle=8341271 False Malware None 2.0000000000000000

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware
A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data," Kaspersky said.
The Russian
2023-06-01T20:44:00+00:00 https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html www.secnews.physaphae.fr/article.php?IdArticle=8341248 False Malware,Hack,Threat None 2.0000000000000000

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGPT, and Premium versions of YouTube, Netflix, and Instagram. "Once installed on a victim's device, the
2023-05-30T12:32:00+00:00 https://thehackernews.com/2023/05/sneaky-dogerat-trojan-poses-as-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8340413 False Malware None 2.0000000000000000

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks
A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per month. Some of the prominent malware families contained within AceCryptor are SmokeLoader, RedLine
2023-05-29T17:45:00+00:00 https://thehackernews.com/2023/05/acecryptor-cybercriminals-powerful.html www.secnews.physaphae.fr/article.php?IdArticle=8340195 False Malware None 3.0000000000000000

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility," Trend Micro said in a Friday report
2023-05-27T13:40:00+00:00 https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8339833 False Malware,Prediction None 2.0000000000000000

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put to use in the wild. "The
2023-05-26T12:08:00+00:00 https://thehackernews.com/2023/05/new-cosmicenergy-malware-exploits-ics.html www.secnews.physaphae.fr/article.php?IdArticle=8339559 False Malware,Threat,Industrial CosmicEnergy 4.0000000000000000

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices," Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News. Targets include
2023-05-25T20:23:00+00:00 https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html www.secnews.physaphae.fr/article.php?IdArticle=8339407 False Malware None 2.0000000000000000

Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
A Brazilian threat actor is targeting Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. "The attackers can steal credentials and exfiltrate users' data and personal information, which can be leveraged for malicious activities beyond financial gain," SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in a
2023-05-25T17:02:00+00:00 https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html www.secnews.physaphae.fr/article.php?IdArticle=8339327 False Malware,Threat None 2.0000000000000000

Data Stealing Malware Discovered in Popular Android Screen Recorder App
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app (APK package name "com.tsoft.app.iscreenrecorder"), which accrued over 50,000 installations, was first uploaded on September 19, 2021. The malicious functionality
2023-05-24T16:03:00+00:00 https://thehackernews.com/2023/05/data-stealing-malware-discovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8338989 False Malware None 2.0000000000000000

Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such as the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications,"
2023-05-24T15:30:00+00:00 https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html www.secnews.physaphae.fr/article.php?IdArticle=8338990 False Malware None 2.0000000000000000

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center (ASEC), which detailed the advanced persistent threat's (APT) continued abuse of DLL side-loading techniques to deploy malware. "The
2023-05-24T13:00:00+00:00 https://thehackernews.com/2023/05/n-korean-lazarus-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8338945 False Malware APT 38 2.0000000000000000

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware
The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of reconnaissance campaigns to enable subsequent attacks," SentinelOne researchers Aleksandar Milenkoski and Tom
2023-05-23T19:26:00+00:00 https://thehackernews.com/2023/05/north-korean-kimsuky-hackers-strike.html www.secnews.physaphae.fr/article.php?IdArticle=8338750 False Malware,Threat None 2.0000000000000000

New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020.
Fortinet Fortiguard Labs, which dubbed the artifact WINTAPIX (WinTapix.sys), attributed the malware with low confidence to an Iranian threat actor. "WinTapix.sys is essentially a loader," security researchers Geri Revay and Hossein Jazi said
2023-05-23T16:41:00+00:00 https://thehackernews.com/2023/05/new-wintapixsys-malware-engages-in.html www.secnews.physaphae.fr/article.php?IdArticle=8338698 False Malware,Threat None 2.0000000000000000

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom,"
2023-05-20T16:18:00+00:00 https://thehackernews.com/2023/05/meet-jack-from-romania-mastermind.html www.secnews.physaphae.fr/article.php?IdArticle=8338071 False Malware,Threat None 4.0000000000000000

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down.
ReversingLabs, which broke
2023-05-19T16:10:00+00:00 https://thehackernews.com/2023/05/developer-alert-npm-packages-for-nodejs.html www.secnews.physaphae.fr/article.php?IdArticle=8337877 False Malware None 2.0000000000000000

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware
Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord)," eSentire
2023-05-19T12:23:00+00:00 https://thehackernews.com/2023/05/searching-for-ai-tools-watch-out-for.html www.secnews.physaphae.fr/article.php?IdArticle=8337842 False Malware ChatGPT,ChatGPT 2.0000000000000000

CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed to deliver two novel payloads dubbed CopperStealth and CopperPhish. Trend Micro is tracking the financially motivated group under the name Water Orthrus. The adversary is also assessed to be behind another campaign known as Scranos, which was detailed by Bitdefender in
2023-05-16T17:09:00+00:00 https://thehackernews.com/2023/05/water-orthrus-copperstealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8336937 False Malware,Threat None 2.0000000000000000

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in a report shared with The Hacker News. "This trend is especially noteworthy given the fact that ESXi
2023-05-15T15:39:00+00:00 https://thehackernews.com/2023/05/new-michaelkors-ransomware-as-service.html www.secnews.physaphae.fr/article.php?IdArticle=8336574 False Malware,Prediction None 2.0000000000000000

CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware
Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware. "Similar to web shell, which can be installed on web servers, SqlShell is a malware strain that supports various features after being installed on an MS SQL server,
2023-05-15T12:46:00+00:00 https://thehackernews.com/2023/05/clr-sqlshell-malware-targets-ms-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8336556 False Ransomware,Malware None 2.0000000000000000

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany. "The attack campaign has been leveraging rather
2023-05-13T02:30:00+00:00 https://thehackernews.com/2023/05/xworm-malware-exploits-follina.html www.secnews.physaphae.fr/article.php?IdArticle=8336193 False Malware,Vulnerability None 2.0000000000000000

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. "Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz said in a
2023-05-12T19:46:00+00:00 https://thehackernews.com/2023/05/netgear-routers-flaws-expose-users-to.html www.secnews.physaphae.fr/article.php?IdArticle=8336095 False Malware None 2.0000000000000000

New Variant of Linux Backdoor BPFDoor Uncovered After Years of Staying Under the Radar
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. "BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with this latest iteration," security researchers Shaul Vilkomir-Preisman and Eliran Nissan said. BPFDoor (
2023-05-12T18:54:00+00:00 https://thehackernews.com/2023/05/new-variant-of-linux-backdoor-bpfdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8336078 False Malware None 2.0000000000000000

Sophisticated DownEx Malware Campaign Targeting Central Asian Governments
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of malware dubbed DownEx. Bitdefender, in a report shared with The Hacker News, said the activity remains active, with evidence likely pointing to the involvement of Russia-based threat actors. The Romanian cybersecurity firm said it first detected the
2023-05-10T18:35:00+00:00 https://thehackernews.com/2023/05/sophisticated-downex-malware-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8335246 False Malware,Threat None 2.0000000000000000

U.S. Government Neutralizes Russia's Most Sophisticated Snake Cyber Espionage Tool
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake wielded by Russia's Federal Security Service (FSB). Snake, dubbed the "most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called Turla (aka Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear,
2023-05-10T14:14:00+00:00 https://thehackernews.com/2023/05/us-government-neutralizes-russias-most.html www.secnews.physaphae.fr/article.php?IdArticle=8335109 False Malware,Tool None 2.0000000000000000

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is a polyglot file containing a decoy document and a JavaScript file. The
2023-05-08T11:40:00+00:00 https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html www.secnews.physaphae.fr/article.php?IdArticle=8334212 False Malware None 2.0000000000000000

New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics
Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented strain of Android malware called FluHorse that abuses the Flutter software development framework. "The malware features several malicious Android applications that mimic legitimate applications, most of which have more than 1,000,000 installs," Check Point said in
2023-05-05T19:17:00+00:00 https://thehackernews.com/2023/05/new-android-malware-fluhorse-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8333796 False Malware None 2.0000000000000000

Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and smartphone wallpaper packs. The apps have since been taken down. The operation primarily targeted users
2023-05-05T12:51:00+00:00 https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.html www.secnews.physaphae.fr/article.php?IdArticle=8333713 False Malware None 2.0000000000000000

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia
Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. "Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links, downloading malware or sharing personal information across the internet," Guy Rosen, chief information
2023-05-04T16:21:00+00:00 https://thehackernews.com/2023/05/meta-uncovers-massive-social-media.html www.secnews.physaphae.fr/article.php?IdArticle=8333429 False Malware,Threat None 3.0000000000000000

Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts
Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI's ChatGPT as a lure to propagate about 10 malware families since March 2023. The development comes against the backdrop of fake ChatGPT web browser extensions being increasingly used to steal users' Facebook account credentials with an aim to run
2023-05-04T14:27:00+00:00 https://thehackernews.com/2023/05/meta-takes-down-malware-campaign-that.html www.secnews.physaphae.fr/article.php?IdArticle=8333398 False Malware ChatGPT,ChatGPT 2.0000000000000000

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics
A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity.
Trend Micro attributed the intrusion set to a cyber espionage group it tracks under the name Earth Longzhi, which is a subgroup within APT41 (aka HOODOO
2023-05-03T18:57:00+00:00 https://thehackernews.com/2023/05/chinese-hacker-group-earth-longzhi.html www.secnews.physaphae.fr/article.php?IdArticle=8333157 False Malware APT 41 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
The North Korean threat actor known as ScarCruft began experimenting with oversized LNK files as a delivery route for RokRAT malware as early as July 2022, the same month Microsoft began blocking macros across Office documents by default. "RokRAT has not changed significantly over the years, but its deployment methods have evolved, now utilizing archives containing LNK files that initiate
2023-05-02T12:24:00+00:00 https://thehackernews.com/2023/05/north-koreas-scarcruft-deploys-rokrat.html www.secnews.physaphae.fr/article.php?IdArticle=8332732 False Malware,Threat APT 37 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks
An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbed Decoy Dog targeting enterprise networks. Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of queries are transmitted to the command-and-control (C2) domains so as to not arouse any suspicion. "
2023-05-01T18:01:00+00:00 https://thehackernews.com/2023/05/new-decoy-dog-malware-toolkit-uncovered.html www.secnews.physaphae.fr/article.php?IdArticle=8332531 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer. "The Atomic macOS Stealer can steal various types of information from the victim's machine, including Keychain passwords, complete system information, files from the desktop and documents folder, and
2023-04-28T17:29:00+00:00 https://thehackernews.com/2023/04/new-atomic-macos-stealer-can-steal-your.html www.secnews.physaphae.fr/article.php?IdArticle=8331871 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Why Your Detection-First Security Approach Isn't Working
Stopping new and evasive threats is one of the greatest challenges in cybersecurity. This is among the biggest reasons why attacks increased dramatically in the past year yet again, despite the estimated $172 billion spent on global cybersecurity in 2022. Armed with cloud-based tools and backed by sophisticated affiliate networks, threat actors can develop new and evasive malware more quickly
2023-04-28T17:23:00+00:00 https://thehackernews.com/2023/04/why-your-detection-first-security.html www.secnews.physaphae.fr/article.php?IdArticle=8331872 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection
A significant number of victims in the consumer and enterprise sectors located across Australia, Japan, the U.S., and India have been affected by an evasive information-stealing malware called ViperSoftX. ViperSoftX was first documented in 2020, with cybersecurity company Avast detailing a campaign in November 2022 that leveraged the malware to distribute a malicious Google Chrome extension
2023-04-28T17:00:00+00:00 https://thehackernews.com/2023/04/vipersoftx-infostealer-adopts.html www.secnews.physaphae.fr/article.php?IdArticle=8331854 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers
Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not only hold criminal operators of malware accountable, but also those who profit from its distribution.
2023-04-27T21:26:00+00:00 https://thehackernews.com/2023/04/google-gets-court-order-to-take-down.html www.secnews.physaphae.fr/article.php?IdArticle=8331645 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
LimeRAT Malware Analysis: Extracting the Config
Remote Access Trojans (RATs) have taken the third leading position in ANY.RUN's Q1 2023 report on the most prevalent malware types, making it highly probable that your organization may face this threat. Though LimeRAT might not be the most well-known RAT family, its versatility is what sets it apart. Capable of carrying out a broad spectrum of malicious activities, it excels not only in data
2023-04-27T17:15:00+00:00 https://thehackernews.com/2023/04/limerat-malware-analysis-extracting.html www.secnews.physaphae.fr/article.php?IdArticle=8331552 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks
The prolific Iranian nation-state group known as Charming Kitten targeted multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools. Discovered by Bitdefender Labs, BellaCiao is a "personalized dropper" that's capable of delivering other malware payloads onto a victim machine based on commands received
2023-04-26T18:46:00+00:00 https://thehackernews.com/2023/04/charming-kittens-new-bellaciao-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8331253 False Malware APT 35,APT 35 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
The advanced persistent threat (APT) group referred to as Evasive Panda has been observed targeting an international non-governmental organization (NGO) in Mainland China with malware delivered via update channels of legitimate applications like Tencent QQ.
The attack chains are designed to distribute a Windows installer for MgBot malware, ESET security researcher Facundo Muñoz said in a new
2023-04-26T18:03:00+00:00 https://thehackernews.com/2023/04/chinese-hackers-using-mgbot-malware-to.html www.secnews.physaphae.fr/article.php?IdArticle=8331239 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "[RustBucket] communicates with command and control (C2) servers to download and execute various payloads," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week. The Apple device management company attributed it
2023-04-25T16:57:00+00:00 https://thehackernews.com/2023/04/lazarus-subgroup-targeting-apple.html www.secnews.physaphae.fr/article.php?IdArticle=8330891 False Malware,Threat APT 38 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "It also contains environment checking and Anti-VM functions.
Its primary purpose seems to be to
2023-04-24T12:06:00+00:00 https://thehackernews.com/2023/04/new-all-in-one-evilextractor-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8330502 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users. The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today. The findings are crucial, not least because it marks the first publicly documented example of the
2023-04-20T17:26:00+00:00 https://thehackernews.com/2023/04/lazarus-group-adds-linux-malware-to.html www.secnews.physaphae.fr/article.php?IdArticle=8329661 False Malware APT 38 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies
The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe," Uptycs security researcher Tejaswini Sandapolla said in a technical report published this week.
2023-04-19T16:58:00+00:00 https://thehackernews.com/2023/04/pakistani-hackers-use-linux-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8329331 False Malware,Tool,Threat APT 36 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of entities in Europe, U.S. government institutions, and about 250 Ukrainian victims. The
2023-04-19T15:00:00+00:00 https://thehackernews.com/2023/04/us-and-uk-warn-of-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8329311 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" (read: invalid printer) that's used to deliver the Aurora information stealer malware. "The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM (virtual machine) technique," cybersecurity firm Morphisec said in a report
2023-04-18T19:15:00+00:00 https://thehackernews.com/2023/04/youtube-videos-distributing-aurora.html www.secnews.physaphae.fr/article.php?IdArticle=8328933 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app storefront in South Korea. The rogue component is part of a third-party software library used by the apps in
2023-04-18T17:57:00+00:00 https://thehackernews.com/2023/04/goldoson-android-malware-infects-over.html www.secnews.physaphae.fr/article.php?IdArticle=8328883 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spain, the U.S., Russia, France, the U.K., and Morocco.
QBot (aka Qakbot or Pinkslipbot) is a banking
2023-04-17T21:36:00+00:00 https://thehackernews.com/2023/04/new-qbot-banking-trojan-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8328672 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks
A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-on exploitation on compromised systems, including delivering a lesser-known information stealer that
2023-04-17T19:20:00+00:00 https://thehackernews.com/2023/04/fin7-and-ex-conti-cybercrime-gangs-join.html www.secnews.physaphae.fr/article.php?IdArticle=8328617 False Ransomware,Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week. "Once the
2023-04-17T12:29:00+00:00 https://thehackernews.com/2023/04/new-zaraza-bot-credential-stealer-sold.html www.secnews.physaphae.fr/article.php?IdArticle=8328537 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages,"
2023-04-13T18:32:00+00:00 https://thehackernews.com/2023/04/whatsapp-introduces-new-device.html www.secnews.physaphae.fr/article.php?IdArticle=8327447 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the Indian education sector using a continuously maintained piece of malware called Crimson RAT. While the suspected Pakistan-based threat group is known to target military and government entities in the country, the activities have since expanded to include the education
2023-04-13T15:49:00+00:00 https://thehackernews.com/2023/04/pakistan-based-transparent-tribe.html www.secnews.physaphae.fr/article.php?IdArticle=8327425 False Malware,Threat APT 36 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security
Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps," Kaspersky said in a new report based on messages
2023-04-11T17:59:00+00:00 https://thehackernews.com/2023/04/cybercriminals-turn-to-android-loaders.html www.secnews.physaphae.fr/article.php?IdArticle=8326634 False Malware None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The sophisticated typosquatting campaign, which was detailed by JFrog late last month, impersonated legitimate packages to execute PowerShell code designed to retrieve a follow-on binary
2023-04-11T14:46:00+00:00 https://thehackernews.com/2023/04/cryptocurrency-stealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8326568 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. The massive campaign, per GoDaddy's Sucuri, "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play out in waves once every few weeks. "This campaign is easily identified
2023-04-10T15:46:00+00:00 https://thehackernews.com/2023/04/over-1-million-wordpress-sites-infected.html www.secnews.physaphae.fr/article.php?IdArticle=8326309 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users
Portuguese users are being targeted by a new malware codenamed CryptoClippy that's capable of stealing cryptocurrency as part of a malvertising campaign. The activity leverages SEO poisoning techniques to entice users searching for "WhatsApp web" to rogue domains hosting the malware, Palo Alto Networks Unit 42 said in a new report published today. CryptoClippy, a C-based executable, is a type
2023-04-05T19:47:00+00:00 https://thehackernews.com/2023/04/cryptoclippy-new-clipper-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8325094 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Protect Your Company: Ransomware Prevention Made Easy
Every year hundreds of millions of malware attacks occur worldwide, and every year businesses deal with the impact of viruses, worms, keyloggers, and ransomware. Malware is a pernicious threat and the biggest driver for businesses to look for cybersecurity solutions. Naturally, businesses want to find products that will stop malware in its tracks, and so they search for solutions to do that.
2023-04-05T17:19:00+00:00 https://thehackernews.com/2023/04/protect-your-company-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8325049 False Ransomware,Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques
The threat actor behind the information-stealing malware known as Typhon Reborn has resurfaced with an updated version (V2) that packs in improved capabilities to evade detection and resist analysis. The new version is offered for sale on the criminal underground for $59 per month, $360 per year, or alternatively, for $540 for a lifetime subscription. "The stealer can harvest and exfiltrate
2023-04-05T14:05:00+00:00 https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8324999 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency
Chromium-based web browsers are the target of a new malware called Rilide that masquerades itself as a seemingly legitimate extension to harvest sensitive data and siphon cryptocurrency. "Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a broad spectrum of malicious activities, including monitoring browsing history, taking screenshots,
2023-04-04T18:37:00+00:00 https://thehackernews.com/2023/04/new-rilide-malware-targeting-chromium.html www.secnews.physaphae.fr/article.php?IdArticle=8324706 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks
The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022. Symantec, which is tracking the group under its insect-themed moniker Mantis, said the adversary is "going to great lengths to maintain a persistent presence on targeted networks." Also known by the names APT-C-23 and Desert
2023-04-04T15:38:00+00:00 https://thehackernews.com/2023/04/arid-viper-hacking-group-using-upgraded.html www.secnews.physaphae.fr/article.php?IdArticle=8324634 False Malware,Threat APT-C-23 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions
Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery. Up until now, users were shown a dialog warning them that opening such attachments could harm their computer and data, but it was possible to dismiss the prompt and open the files.
That's going
2023-04-04T10:00:00+00:00 https://thehackernews.com/2023/04/microsoft-tightens-onenote-security-by.html www.secnews.physaphae.fr/article.php?IdArticle=8324574 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in the clipboard for hijacking purposes," Trend Micro researchers
2023-04-03T14:50:00+00:00 https://thehackernews.com/2023/04/crypto-stealing-opcjacker-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8324311 False Malware,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services
A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, unsuitable for crypto mining, in order to enable and expand subsequent campaigns," SentinelOne security
2023-03-30T15:38:00+00:00 https://thehackernews.com/2023/03/alienfox-malware-targets-api-keys-and.html www.secnews.physaphae.fr/article.php?IdArticle=8323406 False Malware,Threat,Prediction,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée. One of the artifacts is designed to drop a kernel-mode rootkit that's based on an open source project referred to as
2023-03-29T17:31:00+00:00 https://thehackernews.com/2023/03/melofee-researchers-uncover-new-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8322933 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How to Build a Research Lab for Reverse Engineering - 4 Ways
Malware analysis is an essential part of a security researcher's work. But working with malicious samples can be dangerous - it requires specialized tools to record their activity, and a secure environment to prevent unintended damage. However, manual lab setup and configuration can prove to be a laborious and time-consuming process.
In this article, we'll look at 4 ways to create a reverse
2023-03-29T17:13:00+00:00 https://thehackernews.com/2023/03/how-to-build-research-lab-for-reverse.html www.secnews.physaphae.fr/article.php?IdArticle=8322934 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors [...] can be silent for years, show no network activity or any other signs of presence until the disastrous day when they replace a crypto wallet address," Vitaly Kamluk, director of
2023-03-29T14:47:00+00:00 https://thehackernews.com/2023/03/trojanized-tor-browser-installers.html www.secnews.physaphae.fr/article.php?IdArticle=8322888 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery
Multiple threat actors have been observed using two new variants of the IcedID malware in the wild with more limited functionality that removes functionality related to online banking fraud. IcedID, also known as BokBot, started off as a banking trojan in 2017. It's also capable of delivering additional malware, including ransomware. "The well-known IcedID version consists of an initial loader
2023-03-28T17:38:00+00:00 https://thehackernews.com/2023/03/icedid-malware-shifts-focus-from.html www.secnews.physaphae.fr/article.php?IdArticle=8322506 False Ransomware,Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe
A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware loader dubbed DBatLoader. "The malware payload is distributed through WordPress websites that have authorized SSL certificates, which is a common tactic used by threat actors to evade detection engines," Zscaler researchers Meghraj Nandanwar and Satyam Singh said in a report
2023-03-28T15:23:00+00:00 https://thehackernews.com/2023/03/stealthy-dbatloader-malware-loader.html www.secnews.physaphae.fr/article.php?IdArticle=8322482 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices. Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data. It primarily affects devices running macOS versions Catalina and later running on M1 and M2 CPUs. "MacStealer has the
2023-03-27T16:08:00+00:00 https://thehackernews.com/2023/03/new-macstealer-macos-malware-steals.html www.secnews.physaphae.fr/article.php?IdArticle=8322057 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware. According to multiple reports from AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler, the findings are illustrative of the group's continuous efforts to refine and retool its tactics to sidestep detection. "
2023-03-22T17:54:00+00:00 https://thehackernews.com/2023/03/scarcrufts-evolving-arsenal-researchers.html www.secnews.physaphae.fr/article.php?IdArticle=8320487 False Malware,Threat,General Information,Cloud APT 37 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
The NuGet repository is the target of a new "sophisticated and highly-malicious attack" aiming to infect .NET developer systems with cryptocurrency stealer malware. The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down. "The packages contained a PowerShell script that would execute upon installation and trigger a download of a '
2023-03-22T14:28:00+00:00 https://thehackernews.com/2023/03/rogue-nuget-packages-infect-net.html www.secnews.physaphae.fr/article.php?IdArticle=8320430 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New NAPLISTENER Malware Used by REF2924 Group to Evade Network Detection
The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia. The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C# and is designed to evade "network-based forms of detection." REF2924 is the moniker assigned to an activity cluster linked to attacks against an entity
2023-03-22T12:49:00+00:00 https://thehackernews.com/2023/03/new-naplistener-malware-used-by-ref2924.html www.secnews.physaphae.fr/article.php?IdArticle=8320412 False Malware,Threat,General Information None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New ShellBot DDoS Malware Targeting Poorly Managed Linux Servers
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency response Center (ASEC) said in a report.
ShellBot is installed on servers that 2023-03-21T17:11:00+00:00 https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8320190 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads 2023-03-20T19:09:00+00:00 https://thehackernews.com/2023/03/new-dotrunpex-malware-delivers-multiple.html www.secnews.physaphae.fr/article.php?IdArticle=8319939 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps 2023-03-17T23:45:00+00:00 https://thehackernews.com/2023/03/fakecalls-vishing-malware-targets-south.html www.secnews.physaphae.fr/article.php?IdArticle=8319476 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks 2023-03-17T17:37:00+00:00 https://thehackernews.com/2023/03/new-golang-based-hinatabot-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8319398 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware 2023-03-17T15:52:00+00:00 https://thehackernews.com/2023/03/lookalike-telegram-and-whatsapp.html www.secnews.physaphae.fr/article.php?IdArticle=8319379 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection 2023-03-16T21:00:00+00:00 https://thehackernews.com/2023/03/chinese-and-russian-hackers-using.html www.secnews.physaphae.fr/article.php?IdArticle=8319153 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration 2023-03-16T19:09:00+00:00 https://thehackernews.com/2023/03/cryptojacking-group-teamtnt-suspected.html www.secnews.physaphae.fr/article.php?IdArticle=8319111 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company 2023-03-15T14:53:00+00:00 https://thehackernews.com/2023/03/tick-apt-targeted-high-value-customers.html www.secnews.physaphae.fr/article.php?IdArticle=8318731 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks 2023-03-14T17:32:00+00:00 https://thehackernews.com/2023/03/gobruteforcer-new-golang-based-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8318405 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware 2023-03-13T17:17:00+00:00 https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html www.secnews.physaphae.fr/article.php?IdArticle=8318057 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets 2023-03-13T11:45:00+00:00 https://thehackernews.com/2023/03/kamikakabot-malware-used-in-latest-dark.html www.secnews.physaphae.fr/article.php?IdArticle=8317972 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads 2023-03-11T19:02:00+00:00 https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html www.secnews.physaphae.fr/article.php?IdArticle=8317590 False Malware ChatGPT 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide 2023-03-10T19:32:00+00:00 https://thehackernews.com/2023/03/new-version-of-prometei-botnet-infects.html www.secnews.physaphae.fr/article.php?IdArticle=8317264 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware 2023-03-10T19:20:00+00:00 https://thehackernews.com/2023/03/china-linked-hackers-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8317265 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant 2023-03-10T15:33:00+00:00 https://thehackernews.com/2023/03/xenomorph-android-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8317206 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) North Korean UNC2970 Hackers Expands Operations with New Malware Families 2023-03-10T13:13:00+00:00 https://thehackernews.com/2023/03/north-korean-unc2970-hackers-expands.html www.secnews.physaphae.fr/article.php?IdArticle=8317183 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware 2023-03-09T20:24:00+00:00 https://thehackernews.com/2023/03/hackers-exploiting-remote-desktop.html www.secnews.physaphae.fr/article.php?IdArticle=8316967 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims 2023-03-06T19:48:00+00:00 https://thehackernews.com/2023/03/new-hiatusrat-malware-targets-business.html www.secnews.physaphae.fr/article.php?IdArticle=8316001 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New FiXS ATM Malware Targeting Mexican Banks 2023-03-04T16:48:00+00:00 https://thehackernews.com/2023/03/new-fixs-atm-malware-targeting-mexican.html www.secnews.physaphae.fr/article.php?IdArticle=8315565 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI 2023-03-02T16:51:00+00:00 https://thehackernews.com/2023/03/experts-identify-fully-featured-info.html www.secnews.physaphae.fr/article.php?IdArticle=8314978 False Malware,Threat,Guideline None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics 2023-03-02T13:33:00+00:00 https://thehackernews.com/2023/03/sysupdate-malware-strikes-again-with.html www.secnews.physaphae.fr/article.php?IdArticle=8314922 False Malware,Threat,Prediction APT 27 2.0000000000000000