This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T00:58:48+00:00 www.secnews.physaphae.fr RiskIQ - Société américaine spécialisée dans le dns passif. Digital credit skimming has undergone a significant transformation. Magecart, a band of threat groups now virtually synonymous with skimming itself, is barely recognizable from its early compromises of e-commerce platforms such as the titular Magento. This report will break down the latest trends in Magecart activity and other credit card skimming from Q1 2022 and analyze its new tooling and infrastructure.  The post Skimming for Sale: Commodity Skimming and Magecart Trends in Q1 2022 first appeared on RiskIQ.]]> 2022-05-17T10:00:46+00:00 https://www.riskiq.com/blog/external-threat-management/magecart-skimming-trends/ www.secnews.physaphae.fr/article.php?IdArticle=7765121 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. Diving into the infrastructure relationships that comprise the global attack surface can cut through the noise and deluge of signals to help security teams prioritize response and understand the most critical threats facing their organizations. By understanding threat infrastructure, threat intelligence can illuminate the threats that truly matter.   In this Threat Intelligence Roundup, we analyze many of these infrastructure connections across malware, phishing, botnet, and hijacked threat tooling to uncover and contextualize the latest threat campaigns. The post RiskIQ Threat Intelligence Roundup: Phishing, Botnets, and Hijacked Infrastructure   first appeared on RiskIQ.]]> 2022-05-05T13:00:37+00:00 https://www.riskiq.com/blog/external-threat-management/phishing-botnets/ www.secnews.physaphae.fr/article.php?IdArticle=7765122 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. This week's roundup again builds on powerful research published by the cybersecurity community about cyberattacks against Ukrainian citizens, refugees, and armed forces, including fraudulent sites attempting to fool people that want to donate money.  The post RiskIQ Threat Intelligence Roundup: Trickbot, Magecart, and More Fake Sites Targeting Ukraine  first appeared on RiskIQ.]]> 2022-04-07T13:00:15+00:00 https://www.riskiq.com/blog/external-threat-management/trickbot-magecart-fake-sites/ www.secnews.physaphae.fr/article.php?IdArticle=7765123 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. This roundup will highlight our researchers' focus on these campaigns, including analyzing phishing attacks targeting Ukrainian refugees. We'll also add insight to other threat campaigns worldwide, including malware campaigns, nation-state threat infrastructure, and Magecart digital credit card skimming, all of which can be found in the RiskIQ Threat Intelligence Portal (TIP). The post RiskIQ Threat Intelligence Roundup: Campaigns Targeting Ukraine and Global Malware Infrastructure first appeared on RiskIQ.]]> 2022-03-15T13:00:43+00:00 https://www.riskiq.com/blog/labs/ukraine-malware-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=7765124 False Malware,Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. Microsoft's acquisition of RiskIQ integrated RiskIQ PassiveTotal directly with Microsoft 365 Defender and Microsoft Sentinel providing a 360-view of your extended attack surface. The post RiskIQ Threat Intelligence Supercharges Microsoft Threat Detection and Response first appeared on RiskIQ.]]> 2022-02-28T13:00:42+00:00 https://www.riskiq.com/blog/external-threat-management/advanced-threat-detection/ www.secnews.physaphae.fr/article.php?IdArticle=7765125 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. In this roundup, we'll cover spoofed websites and hijacked infrastructure activity in greater detail. We'll also dissect new findings on malware campaigns, nation-state threat infrastructure, and Magecart digital credit card skimming. The post RiskIQ Intelligence Roundup: Spoofed Sites and Surprising Infrastructure Connections  first appeared on RiskIQ.]]> 2022-02-24T13:00:37+00:00 https://www.riskiq.com/blog/external-threat-management/spoofed-sites/ www.secnews.physaphae.fr/article.php?IdArticle=7765126 False Malware,Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. Hijacking infrastructure like domains gives threat actors quick access to finished, credible, and built-out systems at no cost. Below, we cover updates in global threat campaigns that rely on stolen infrastructure.  The post RiskIQ Threat Intelligence Roundup: QBot, Magecart, Agent Tesla Headline Hijacked Infrastructure   first appeared on RiskIQ.]]> 2022-02-10T13:00:32+00:00 https://www.riskiq.com/blog/external-threat-management/hijackedinfrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=7765127 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. RiskIQ's Threat Intelligence Portal (TIP) has become a valuable source of attack surface threat intelligence on global, industry, and local threats. The content in the portal sources hundreds of OSINT and original RiskIQ research articles enriched with indicators from the RiskIQ Global Collection Network, which spans over 2,500 networks globally and generates billions of events daily from open and closed sources.  The post RiskIQ Threat Intelligence Roundup: C2 and Nation-State Threat Infrastructure first appeared on RiskIQ.]]> 2022-01-26T16:00:15+00:00 https://www.riskiq.com/blog/external-threat-management/threat-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=7765128 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. We're making each investigative pattern repeatable - and massively scalable - by creating a Python library that works with Jupyter notebooks. By automating investigations using different investigative paths and procedures, RiskIQ's data sets become easier to use and scalable, with security teams enjoying the product's maximum benefit.   The post Jupyter Notebooks Make RiskIQ Data a Digital 'Mech Suit' for Threat Intelligence Analysts  first appeared on RiskIQ.]]> 2022-01-18T13:00:12+00:00 https://www.riskiq.com/blog/external-threat-management/jupyter-notebooks-threat-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=7765129 False Threat None None RiskIQ - Société américaine spécialisée dans le dns passif. Bulletproof hosting (BPH) is a collection of service offerings catering to internet-based criminal activity. Shinjiru is another example frequently appearing in threat infrastructure. The Malaysian hosting company shields its customers and their web content and servers from takedown requests, acting as a safe harbor for questionable or illicit activity. Shinjiru's IP space has a history of use for various malicious activities such as malware distribution, scams, phishing, and business email compromise, among others. This ICANN-accredited registrar has been allocated over 20,000 IP addresses by APNIC and maintains its own data centers in Malaysia. The post “Offshore” Shinjiru Provides Bulletproof Services to Cyberattackers first appeared on RiskIQ.]]> 2021-12-15T13:00:23+00:00 https://www.riskiq.com/blog/external-threat-management/shinjiru-bulletproof-services-threat-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=7765130 False Malware,Threat None None