This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-06-16T13:25:15+00:00 www.secnews.physaphae.fr AhnLab - Korean Security Firm The ASEC analysis team has recently been monitoring phishing emails with content related to requests for product quotations. These phishing emails are all disguised to seem as if they were sent by a manager with a high position, such as the team leader or department director of production companies or foundries. There were also .html and .htm attachments. This post will cover the two major phishing emails disguised as quotation requests. For convenience, these emails will be referred to as... ]]> 2023-01-31T23:32:00+00:00 https://asec.ahnlab.com/en/46199/ www.secnews.physaphae.fr/article.php?IdArticle=8306022 False Guideline None 3.0000000000000000 AhnLab - Korean Security Firm The ASEC analysis team is monitoring CoinMiners that are targeting Korean and overseas users. We have covered cases of various types of CoinMiner attacks over multiple blog posts in the past. This post aims to introduce the recently discovered malware that mine Ethereum Classic coins. 0. Overview CoinMiners are installed without user awareness and use the system’s resources to mine cryptocurrency, leading to low system performance. Threat actors that distribute CoinMiners tend to mine coins that guarantee anonymity, such as... ]]> 2023-01-31T00:32:00+00:00 https://asec.ahnlab.com/en/46774/ www.secnews.physaphae.fr/article.php?IdArticle=8305765 False Malware,Threat,Guideline None 2.0000000000000000 AhnLab - Korean Security Firm On July 21st, the ASEC analysis team discovered the distribution of phishing email disguised as Daum, one of Korea’s portal websites. The email was made to resemble an estimate request by including RFQ on the title. It uses its attachment to lead the user to a phishing webpage. The attachment is an HTML file, and opening the file automatically redirects the user to the following URL. hxxps://euoi8708twufevry4yuwfywe8y487r.herokuapp[.]com/sreverse.php After redirection, the phishing webpage (see Figure 3 on the left) disguised as... ]]> 2022-07-28T05:43:00+00:00 https://asec.ahnlab.com/en/37270/ www.secnews.physaphae.fr/article.php?IdArticle=5983698 False Guideline None None