www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-19T03:06:28+00:00 www.secnews.physaphae.fr
SecurityWeek - Security News Russian Cyberspies Deliver 'GooseEgg' Malware to Government Organizations Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations. 2024-04-23T12:50:57+00:00 https://www.securityweek.com/russian-cyberspies-deliver-gooseegg-malware-to-government-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8487450 False Malware,Tool APT 28 3.0000000000000000
SecurityWeek - Security News US Government Urges Cleanup of Routers Infected by Russia's APT28 The US government says Russia's APT28 group compromised Ubiquiti EdgeRouters to run cyberespionage operations worldwide. 2024-02-28T12:36:12+00:00 https://www.securityweek.com/us-government-urges-cleanup-of-routers-infected-by-russias-apt28/ www.secnews.physaphae.fr/article.php?IdArticle=8456413 False None APT 28 3.0000000000000000
SecurityWeek - Security News US, UK: Russia Exploiting Old Vulnerability to Hack Cisco Routers US and UK government agencies have issued a joint warning for Russian group APT28 targeting Cisco routers by exploiting an old vulnerability. 2023-04-19T09:03:31+00:00 https://www.securityweek.com/us-uk-russia-exploiting-old-vulnerability-to-hack-cisco-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8329305 False Hack,Vulnerability APT 28 2.0000000000000000
SecurityWeek - Security News US: Hackers Continue Aiding North Korea Generate Funds via Cryptocurrency Attacks 2022-04-19T10:12:54+00:00 https://www.securityweek.com/us-hackers-continue-aiding-north-korea-generate-funds-cryptocurrency-attacks www.secnews.physaphae.fr/article.php?IdArticle=4476944 False None APT 38,APT 28 None
SecurityWeek - Security News North Korea APT Lazarus Targeting Chemical Sector 2022-04-15T14:24:33+00:00 https://www.securityweek.com/north-korea-apt-lazarus-targeting-chemical-sector www.secnews.physaphae.fr/article.php?IdArticle=4457124 False None APT 38,APT 28 None
SecurityWeek - Security News U.S. Gov Blames North Korea Hackers for $600M Cryptocurrency Heist 2022-04-14T20:07:22+00:00 https://www.securityweek.com/us-gov-blames-north-korea-hackers-600m-cryptocurrency-heist www.secnews.physaphae.fr/article.php?IdArticle=4451205 False Medical APT 38,APT 28 None
SecurityWeek - Security News North Korean Hackers Abuse Windows Update Client in Attacks on Defense Industry 2022-01-31T15:41:44+00:00 https://www.securityweek.com/north-korean-hackers-abuse-windows-update-client-attacks-defense-industry www.secnews.physaphae.fr/article.php?IdArticle=4059850 False Threat APT 38,APT 28 None
SecurityWeek - Security News North Korean Hackers Stole $400 Million Worth of Cryptocurrency in 2021 2022-01-14T15:29:16+00:00 https://www.securityweek.com/north-korean-hackers-stole-400-million-worth-cryptocurrency-2021 www.secnews.physaphae.fr/article.php?IdArticle=3965198 False None APT 38,APT 28 None
SecurityWeek - Security News North Korean Hackers Targeting IT Supply Chain: Kaspersky 2021-10-27T16:06:53+00:00 http://feedproxy.google.com/~r/securityweek/~3/gWK-Sb4KvR4/kaspersky-north-korean-hackers-targeting-it-supply-chain www.secnews.physaphae.fr/article.php?IdArticle=3573968 False None APT 38,APT 28 None
SecurityWeek - Security News Russian Hackers Use New 'SkinnyBoy' Malware in Attacks on Military, Government Orgs 2021-06-07T10:36:39+00:00 http://feedproxy.google.com/~r/securityweek/~3/QqGxNMqto4A/russian-hackers-use-new-skinnyboy-malware-attacks-military-government-orgs www.secnews.physaphae.fr/article.php?IdArticle=2884670 False Malware,Threat APT 28 3.0000000000000000
SecurityWeek - Security News Here's How North Korean Hackers Stole Data From Isolated Network Segment 2021-02-26T04:48:42+00:00 http://feedproxy.google.com/~r/Securityweek/~3/W31waojQwU8/heres-how-north-korean-hackers-stole-data-isolated-network-segment www.secnews.physaphae.fr/article.php?IdArticle=2401911 False Threat APT 38,APT 28 None
SecurityWeek - Security News Sofacy Targets European Govt as U.S. Accuses Russia of Hacking sanctions against Russian spy agencies and more than a dozen individuals for trying to influence the 2016 presidential election and launching cyberattacks, including the destructive NotPetya campaign and operations targeting energy firms. The Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert via US-CERT last year to warn about attacks launched by a group known as Dragonfly, Crouching Yeti and Energetic Bear on critical infrastructure. Researchers previously linked Dragonfly to the Russian government and now the DHS has officially stated the same. US-CERT has updated its alert with some additional information. The new version of the alert replaces “APT actors” with “Russian government cyber actors.” The DHS said that based on its analysis of malware and indicators of compromise, Dragonfly attacks are ongoing, with threat actors “actively pursuing their ultimate objectives over a long-term campaign.” This is not the first time the U.S. has imposed sanctions on Russia over its attempt to influence elections. Russia has also been accused by Washington and others of launching the NotPetya attack last year. The Kremlin has always denied the accusations, but President Vladimir Putin did admit at one point that patriotic hackers could be behind the attacks. If Dragonfly and Sofacy (aka Fancy Bear, APT28, Sednit, Tsar Team and Pawn Storm) are truly operating out of Russia, they don't seem to be discouraged by sanctions and accusations. On March 12 and March 14, security firm Palo Alto Networks spotted attacks launched by Sofacy against an unnamed European government agency using an updated variant of a known tool. Sofacy has been using a Flash Player exploit platform dubbed DealersChoice since at least 2016 and it has continued improving it. The latest version has been delivered to a government organization in Europe using a spear phishing email referencing the “Underwat 2018-03-16T14:40:02+00:00 http://feedproxy.google.com/~r/Securityweek/~3/H_qjWOR2vLM/sofacy-targets-european-govt-us-accuses-russia-hacking www.secnews.physaphae.fr/article.php?IdArticle=519656 False None NotPetya,APT 28 None
SecurityWeek - Security News Usual Threats, But More Sophisticated and Faster: Report fileless attacks, primarily via PowerShell, grew; and there was a surge in cryptocurrency hijacking malware. These were the primary threats outlined in the latest McAfee Lab's Threat Report (PDF) covering Q4 2017. The growth of cryptomining malware coincided with the surge in Bitcoin value, which peaked at just under $20,000 on Dec. 22. With the cost of dedicated mining hardware at upwards of $5,000 per machine, criminals chose to steal users' CPU time via malware. It demonstrates how criminals always follow the money, and choose the least expensive method of acquiring it with the greatest chance of avoiding detection. Since December, Bitcoin's value has fallen to $9,000 (at the time of publishing). Criminals' focus on Bitcoin is likewise being modified, with Ethereum and Monero becoming popular. Last week, Microsoft discovered a major campaign focused on stealing Electroneum. "We currently see discussions in underground forums that suggest moving from Bitcoin to Litecoin because the latter is a safer model with less chance of exposure," comments Raj Samani, chief scientist and McAfee fellow with the Advanced Threat Research Team. The speed with which criminals adapt to their latest market conditions is also seen in the way they maximize their asymmetric advantage. "Adversaries," writes Samani, "have the luxury of access to research done by the technical community, and can download and use opensource tools to support their campaigns, while the defenders' level of insight into cybercriminal activities is considerably more limited, and identifying evolving tactics often must take place after malicious campaigns have begun." Examples of attackers making use of legitimate research include Fancy Bear (APT28) leveraging a Microsoft Office Dynamic Data Exchange technique in November 2017 that had been made public just a few we 2018-03-13T15:50:02+00:00 http://feedproxy.google.com/~r/Securityweek/~3/oZrY8mCN0zo/usual-threats-more-sophisticated-and-faster-report www.secnews.physaphae.fr/article.php?IdArticle=510719 True None NotPetya,APT 28,Equifax None
SecurityWeek - Security News Russian Cyberspies Shift Focus From NATO Countries to Asia 2018-02-20T18:41:02+00:00 http://feedproxy.google.com/~r/Securityweek/~3/56CeXXwJ6pI/russian-cyberspies-shift-focus-nato-countries-asia www.secnews.physaphae.fr/article.php?IdArticle=486815 False None APT 28 None
SecurityWeek - Security News Russia-Linked Spies Deliver Malware via DDE Attack 2017-11-08T08:41:21+00:00 http://feedproxy.google.com/~r/Securityweek/~3/AUJO2VclBI0/russia-linked-spies-deliver-malware-dde-attack www.secnews.physaphae.fr/article.php?IdArticle=429856 False None APT 28 None
SecurityWeek - Security News Russian 'Fancy Bear' Hackers Abuse Blogspot for Phishing 2017-11-03T08:52:21+00:00 http://feedproxy.google.com/~r/Securityweek/~3/rfFnl95DqHU/russian-fancy-bear-hackers-abuse-blogspot-phishing www.secnews.physaphae.fr/article.php?IdArticle=427714 False None APT 28 None
SecurityWeek - Security News Russian Hackers Exploit Recently Patched Flash Vulnerability 2017-10-20T11:06:44+00:00 http://feedproxy.google.com/~r/Securityweek/~3/IV_WEWgHz7M/russian-hackers-exploit-recently-patched-flash-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=421625 False None APT 28 None
SecurityWeek - Security News Tech Firms Target Domains Used by Russia-linked Threat Group 2017-07-25T11:45:09+00:00 http://feedproxy.google.com/~r/Securityweek/~3/-b3dQY_VWks/tech-firms-target-domains-used-russia-linked-threat-group www.secnews.physaphae.fr/article.php?IdArticle=388581 False None APT 28 None
SecurityWeek - Security News Who Hacked French President-elect Emmanuel Macron's Campaign? 2017-05-11T15:15:18+00:00 http://feedproxy.google.com/~r/Securityweek/~3/TJZHeTdaSK0/who-hacked-french-president-elect-emmanuel-macrons-campaign www.secnews.physaphae.fr/article.php?IdArticle=364329 False None APT 28 5.0000000000000000
SecurityWeek - Security News IAAF Says Russia-Linked Hackers Accessed Medical Records 2017-04-04T08:38:10+00:00 http://feedproxy.google.com/~r/Securityweek/~3/H6Y087W3qyo/iaaf-says-russia-linked-hackers-accessed-medical-records www.secnews.physaphae.fr/article.php?IdArticle=351837 False None APT 28 None
SecurityWeek - Security News Russian Cyberspies Use New Mac Malware to Steal Data 2017-02-15T09:56:45+00:00 http://feedproxy.google.com/~r/Securityweek/~3/8Oksqy71zaU/russian-cyberspies-use-new-mac-malware-steal-data www.secnews.physaphae.fr/article.php?IdArticle=314774 True None APT 28 None
SecurityWeek - Security News DHS Uses Cyber Kill Chain to Analyze Russia-Linked Election Hacks 2017-02-13T16:52:34+00:00 http://feedproxy.google.com/~r/Securityweek/~3/ZMjfdMqZfPk/dhs-uses-cyber-kill-chain-analyze-russia-linked-election-hacks www.secnews.physaphae.fr/article.php?IdArticle=313106 False None APT 29,APT 28 None
SecurityWeek - Security News U.S. Gov's "GRIZZLY STEPPE" Report Fails to Achieve Purpose: Experts Joint Analysis Report (JAR) published by the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) to detail tools used by Russian hackers in cyber attacks against the United States election didn't deliver on its promise, security experts argue. 2017-01-02T16:29:22+00:00 http://feedproxy.google.com/~r/Securityweek/~3/NJpEfw0rqRs/us-govs-grizzly-steppe-report-fails-achieve-purpose-experts www.secnews.physaphae.fr/article.php?IdArticle=283705 False None APT 29,APT 28 None
SecurityWeek - Security News Russia Used Android Malware to Track Ukrainian Troops: Report 2016-12-22T12:35:40+00:00 http://feedproxy.google.com/~r/Securityweek/~3/QAdQzbAlBXw/russia-used-android-malware-track-ukrainian-troops-report www.secnews.physaphae.fr/article.php?IdArticle=278491 False None APT 28 None
SecurityWeek - Security News Germany Accuses Russia of Hybrid Warfare hybrid warfare against Germany, with specific focus on next year's elections. In particular, the APT28 (Fancy Bear) hacking group -- thought to be linked to the Russian government -- is accused of spreading propaganda and disinformation under the guise of 'hacktivists'. 2016-12-09T16:17:42+00:00 http://feedproxy.google.com/~r/Securityweek/~3/opEuosk23L0/germany-accuses-russia-hybrid-warfare www.secnews.physaphae.fr/article.php?IdArticle=270189 False None APT 28 None
SecurityWeek - Security News Cyberspies Ramped Up Attacks After Exposure of Zero-Days 2016-11-09T19:16:58+00:00 http://feedproxy.google.com/~r/Securityweek/~3/AbpSk3WH-k0/cyberspies-ramped-attacks-after-exposure-zero-days www.secnews.physaphae.fr/article.php?IdArticle=251168 False None APT 28 None
SecurityWeek - Security News Windows Zero-Day Exploited by Russia-Linked Cyberspies 2016-11-02T07:51:40+00:00 http://feedproxy.google.com/~r/Securityweek/~3/8E1U12cVJwU/windows-zero-day-exploited-russia-linked-cyberspies www.secnews.physaphae.fr/article.php?IdArticle=242706 False None APT 28 None
SecurityWeek - Security News Russian Hackers May Have Manipulated Leaked WADA Data hack and data leak in September. FireEye/Mandiant has been employed to do the forensic investigation. As of Oct. 2016-10-06T20:07:44+00:00 http://feedproxy.google.com/~r/Securityweek/~3/b8bPbaJtHvo/russian-hackers-may-have-manipulated-leaked-wada-data www.secnews.physaphae.fr/article.php?IdArticle=172874 False None APT 28 None
SecurityWeek - Security News Hackers Leak More Confidential Athlete Data 2016-09-16T07:03:21+00:00 http://feedproxy.google.com/~r/Securityweek/~3/vB4iSJ-JVq8/hackers-leak-more-confidential-athlete-data www.secnews.physaphae.fr/article.php?IdArticle=74392 False None APT 28 None
SecurityWeek - Security News Attack on Olympics Anti-Doping Agency Linked to Russia 2016-08-24T11:54:24+00:00 http://feedproxy.google.com/~r/Securityweek/~3/xCx_Lu_NRQk/attack-olympics-anti-doping-agency-linked-russia www.secnews.physaphae.fr/article.php?IdArticle=8528 False None APT 28 None