www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-30T23:02:32+00:00 www.secnews.physaphae.fr

SentinelOne (Adversary) - Cyber Firms
Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company
North Korean threat actors attempt to further missile program by compromising sanctioned Russian defense company with OpenCarrot backdoor.
2023-12-08T01:56:36+00:00 https://fr.sentinelone.com/labs/comrades-in-arms-north-korea-compromises-sanctioned-russian-missile-engineering-company/ www.secnews.physaphae.fr/article.php?IdArticle=8420101 False Threat None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Cyber Soft Power | China's Continental Takeover
China-aligned threat actors are increasingly involved in strategic intrusions in Africa, aiming to extend the PRC's influence across the continent.
2023-09-21T17:00:01+00:00 https://www.sentinelone.com/labs/cyber-soft-power-chinas-continental-takeover/ www.secnews.physaphae.fr/article.php?IdArticle=8388316 False Threat None 4.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
Threat actors abuse Adobe Creative Cloud, Edge, and other executables vulnerable to DLL hijacking in campaign targeting the Southeast Asian gambling sector.
2023-08-17T09:55:08+00:00 https://www.sentinelone.com/labs/chinese-entanglement-dll-hijacking-in-the-asian-gambling-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8388317 False Threat None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company
North Korean threat actors attempt to further missile program by compromising sanctioned Russian defense company with OpenCarrot backdoor.
2023-08-07T09:58:32+00:00 https://www.sentinelone.com/labs/comrades-in-arms-north-korea-compromises-sanctioned-russian-missile-engineering-company/ www.secnews.physaphae.fr/article.php?IdArticle=8388318 False Threat None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII
A Brazilian threat actor is targeting users of over 30 Portuguese financial institutions with custom backdoors.
2023-05-25T10:55:11+00:00 https://www.sentinelone.com/labs/operation-magalenha-long-running-campaign-pursues-portuguese-credentials-and-pii/ www.secnews.physaphae.fr/article.php?IdArticle=8388319 False Threat None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.
2023-05-23T11:23:42+00:00 https://www.sentinelone.com/labs/kimsuky-ongoing-campaign-using-tailored-reconnaissance-toolkit/ www.secnews.physaphae.fr/article.php?IdArticle=8388320 False None None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Dissecting AlienFox | The Cloud Spammer's Swiss Army Knife
A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.
2023-03-30T09:55:52+00:00 https://www.sentinelone.com/labs/dissecting-alienfox-the-cloud-spammers-swiss-army-knife/ www.secnews.physaphae.fr/article.php?IdArticle=8388321 False Cloud None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks
A new threat cluster has been targeting telecommunication providers in the Middle East and abusing Microsoft, Google and Dropbox cloud services.
2023-02-16T10:55:24+00:00 https://www.sentinelone.com/labs/wip26-espionage-threat-actors-abuse-cloud-infrastructure-in-targeted-telco-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8388322 False Threat,Cloud None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation
A cluster of attacks SentinelLabs tracks as DragonSpark uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.
2023-01-24T10:55:22+00:00 https://www.sentinelone.com/labs/dragonspark-attacks-evade-detection-with-sparkrat-and-golang-source-code-interpretation/ www.secnews.physaphae.fr/article.php?IdArticle=8388323 False Tool None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO
In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.
2023-01-12T10:55:12+00:00 https://www.sentinelone.com/labs/noname05716-the-pro-russian-hacktivist-group-targeting-nato/ www.secnews.physaphae.fr/article.php?IdArticle=8388324 False None None 3.0000000000000000

SentinelOne (Adversary) - Cyber Firms
Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers
Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.
2022-12-13T18:12:18+00:00 https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers/ www.secnews.physaphae.fr/article.php?IdArticle=8388325 False Threat None 2.0000000000000000