This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T23:14:49+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch "Infernal Drainer" campaign represents a dangerous evolution in crypto-drainers, credibly spoofing Coinbase and maintaining a vast infrastructure-for-rent biz.]]> 2024-01-17T21:24:00+00:00 https://www.darkreading.com/cloud-security/80m-crypto-disappears-drainer-malware-hell www.secnews.physaphae.fr/article.php?IdArticle=8440043 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Emerging malware variants can evade various static-signature detection engines, including XProtect, as attackers rapidly evolve to challenge defense systems.]]> 2024-01-17T16:15:00+00:00 https://www.darkreading.com/endpoint-security/sophisticated-macos-infostealers-apple-built-in-detection www.secnews.physaphae.fr/article.php?IdArticle=8439956 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch An emerging threat actor, Water Curupira, is wielding a new, sophisticated loader in a series of thread-jacking phishing campaigns that precede ransomware.]]> 2024-01-10T16:29:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/pikabot-malware-qakbot-replacement-black-basta-attacks www.secnews.physaphae.fr/article.php?IdArticle=8437569 False Ransomware,Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Videos promoting how to crack popular software circumvent Web filters by using GitHub and MediaFire to propagate the malware.]]> 2024-01-09T15:35:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/weaponized-youtube-channels-spread-lumma-stealer www.secnews.physaphae.fr/article.php?IdArticle=8437192 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Report says US and Israel spent $1 billion to develop the infamous Stuxnet virus, built to sabotage Iran\'s nuclear program in 2008.]]> 2024-01-09T02:00:00+00:00 https://www.darkreading.com/ics-ot-security/us-israel-dutch-spy-stuxnet-malware-against-iran www.secnews.physaphae.fr/article.php?IdArticle=8436803 False Malware None 5.0000000000000000 Dark Reading - Informationweek Branch The post-exploitation backdoor is the latest in a string of custom tools aimed at spying on Apple users.]]> 2024-01-05T20:00:00+00:00 https://www.darkreading.com/threat-intelligence/north-korea-debuts-spectralblur-malware-amid-macos-onslaught www.secnews.physaphae.fr/article.php?IdArticle=8435266 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch The shadowy threat actor uses some nifty tricks to drop popular malware with targets that meet its specifications.]]> 2023-12-21T22:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/battleroyal-hackers-deliver-darkgate-rat www.secnews.physaphae.fr/article.php?IdArticle=8427012 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.]]> 2023-12-21T16:20:00+00:00 https://www.darkreading.com/endpoint-security/chameleon-android-trojan-offers-biometric-bypass www.secnews.physaphae.fr/article.php?IdArticle=8426879 False Malware,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Seedworm, aka MuddyWater, drops PowerShell-based malware on victims using living-off-the-land techniques.]]> 2023-12-20T17:25:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/iranian-seedworm-cyber-spies-target-african-telcos-isps www.secnews.physaphae.fr/article.php?IdArticle=8426244 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft and several others have reported seeing the noxious malware surfacing again in a campaign targeting the hospitality industry.]]> 2023-12-19T23:05:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/new-qakbot-sightings-confirm-law-enforcement-takedown-was-temporary-setback www.secnews.physaphae.fr/article.php?IdArticle=8425743 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Gaza Cybergang has created a new backdoor version stuffed with tools to spy on and attack targets.]]> 2023-12-15T18:51:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/pro-hamas-attackers-hit-multiple-middle-eastern-targets www.secnews.physaphae.fr/article.php?IdArticle=8423330 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch The multifaceted malware leverages the NKN blockchain-based peer-to-peer networking protocol, operating as both a sophisticated backdoor and a flooder launching DDoS attacks.]]> 2023-12-15T18:20:00+00:00 https://www.darkreading.com/cloud-security/nkabuse-malware-blockchain-hide-linux-iot www.secnews.physaphae.fr/article.php?IdArticle=8423331 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The infamous vulnerability may be on the older side at this point, but North Korea\'s primo APT Lazarus is creating new, unique malware around it at a remarkable clip.]]> 2023-12-11T16:15:00+00:00 https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d www.secnews.physaphae.fr/article.php?IdArticle=8421118 False Malware,Vulnerability APT 38 2.0000000000000000 Dark Reading - Informationweek Branch Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.]]> 2023-12-11T16:00:00+00:00 https://www.darkreading.com/threat-intelligence/microsoft-mystery-group-targeting-telcos-chinese-apts www.secnews.physaphae.fr/article.php?IdArticle=8421098 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch New techniques in a second variant of the malware improved functionality and communication commands.]]> 2023-12-07T18:53:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/headcrab-malware-variants-commandeer-thousands-of-servers www.secnews.physaphae.fr/article.php?IdArticle=8419978 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A stealthy malware is infecting the systems of telecoms and other verticals in Thailand, remaining under the radar for two years after its code first appeared on VirusTotal.]]> 2023-12-07T17:43:00+00:00 https://www.darkreading.com/threat-intelligence/krasue-rat-cross-kernel-linux-rootkit-telecom www.secnews.physaphae.fr/article.php?IdArticle=8419958 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A decade and a half after Gh0st RAT first appeared, the "SugarGh0st RAT" variant aims to make life sweeter for cybercriminals.]]> 2023-11-30T20:50:00+00:00 https://www.darkreading.com/threat-intelligence/new-spookier-gh0st-rat-uzbekistan-south-korea www.secnews.physaphae.fr/article.php?IdArticle=8418151 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Lazarus and its cohorts are switching loaders and other code between RustBucket and KandyKorn macOS malware to fool victims and researchers.]]> 2023-11-28T17:30:00+00:00 https://www.darkreading.com/threat-intelligence/north-korean-apts-mix-and-match-malware-components-to-evade-detection www.secnews.physaphae.fr/article.php?IdArticle=8417572 False Malware APT 38,APT 38 2.0000000000000000 Dark Reading - Informationweek Branch Gaza Cybergang is using a version of the malware rewritten in the Rust programming language.]]> 2023-11-27T17:44:00+00:00 https://www.darkreading.com/attacks-breaches/hamas-linked-apt-wields-new-sysjoker-backdoor-against-israel www.secnews.physaphae.fr/article.php?IdArticle=8417281 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Gaza Cybergang is using a version of the malware rewritten in the Rust programming language.]]> 2023-11-26T22:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/hamas-linked-apt-wields-new-sysjoker-backdoor-against-israel www.secnews.physaphae.fr/article.php?IdArticle=8418320 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected.]]> 2023-11-20T22:01:00+00:00 https://www.darkreading.com/application-security/malware-trigonometry-track-mouse-strokes www.secnews.physaphae.fr/article.php?IdArticle=8415053 False Malware,Technical None 3.0000000000000000 Dark Reading - Informationweek Branch Combining a malware sandbox with threat intelligence feeds improves security detection, analysis, and response capabilities.]]> 2023-11-20T08:00:00+00:00 https://www.darkreading.com/threat-intelligence/leveraging-sandbox-and-threat-intelligence-feeds-to-combat-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8414726 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.]]> 2023-11-13T19:09:00+00:00 https://www.darkreading.com/threat-intelligence/ducktail-malware-targets-fashion-industry www.secnews.physaphae.fr/article.php?IdArticle=8411237 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.]]> 2023-11-09T23:15:00+00:00 https://www.darkreading.com/application-security/-blazestealer-python-malware-complete-takeover-developer www.secnews.physaphae.fr/article.php?IdArticle=8408794 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch One of the main challenges for Android users is protecting themselves malicious applications that can damage devices or perform other harmful actions.]]> 2023-11-09T18:00:00+00:00 https://www.darkreading.com/endpoint/how-to-outsmart-malware-attacks-that-can-fool-antivirus-protection www.secnews.physaphae.fr/article.php?IdArticle=8408639 False Malware,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Kim Jong-Un\'s hackers are scraping the bottom of the barrel, using script kiddie-grade malware to steal devalued digital assets.]]> 2023-11-07T20:11:00+00:00 https://www.darkreading.com/threat-intelligence/north-korea-bluenoroff-apt-dumbed-down-macos-malware www.secnews.physaphae.fr/article.php?IdArticle=8407439 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Posing as fellow engineers, the North Korean state-sponsored cybercrime group Lazarus tricked crypto-exchange developers into downloading the hard-to-detect malware.]]> 2023-11-03T18:55:00+00:00 https://www.darkreading.com/endpoint/kandykorn-macos-malware-lures-crypto-engineers www.secnews.physaphae.fr/article.php?IdArticle=8405460 False Malware APT 38,APT 38 2.0000000000000000 Dark Reading - Informationweek Branch The government-backed APT\'s new malware framework represents a step up in Iran\'s cyber sophistication.]]> 2023-11-02T14:46:00+00:00 https://www.darkreading.com/dr-global/-scarred-manticore-unleashes-most-advanced-iranian-espionage www.secnews.physaphae.fr/article.php?IdArticle=8404734 False Malware APT 34 3.0000000000000000 Dark Reading - Informationweek Branch The wider availability of turnkey cyberattack kits in the criminal underground is leading to a glut of campaigns using remote access Trojans (RATs).]]> 2023-10-31T19:45:00+00:00 https://www.darkreading.com/endpoint/malware-meal-kits-serve-up-no-fuss-rat-attacks www.secnews.physaphae.fr/article.php?IdArticle=8403701 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The APT group uses updates from the app to get the user to download the malware.]]> 2023-10-31T17:44:00+00:00 https://www.darkreading.com/dr-global/arid-viper-camouflages-malware-in-knockoff-dating-app www.secnews.physaphae.fr/article.php?IdArticle=8403649 False Malware APT-C-23 3.0000000000000000 Dark Reading - Informationweek Branch An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless.]]> 2023-10-30T22:08:00+00:00 https://www.darkreading.com/endpoint/google-dynamic-search-ads-malware-deluge www.secnews.physaphae.fr/article.php?IdArticle=8403170 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.]]> 2023-10-26T13:15:00+00:00 https://www.darkreading.com/threat-intelligence/complex-spy-platform-stripedfly-bites-1m-victims-disguised-as-a-cryptominer www.secnews.physaphae.fr/article.php?IdArticle=8400863 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.]]> 2023-10-18T16:11:47+00:00 https://www.darkreading.com/attacks-breaches/north-korea-s-kimsuky-doubles-down-on-remote-desktop-control www.secnews.physaphae.fr/article.php?IdArticle=8397354 False Malware APT 43 2.0000000000000000 Dark Reading - Informationweek Branch Updating your browser when prompted is a good practice, just make sure the notification comes from the vendor themselves.]]> 2023-10-17T16:34:38+00:00 https://www.darkreading.com/threat-intelligence/watch-out-attackers-hiding-malware-browser-updates www.secnews.physaphae.fr/article.php?IdArticle=8396798 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The botnet - built for DDoS, backdooring, and dropping malware - is evading standard URL signature detections with a novel approach.]]> 2023-10-13T17:42:00+00:00 https://www.darkreading.com/cloud/shellbot-cracks-linux-ssh-servers-debuts-new-evasion-tactic www.secnews.physaphae.fr/article.php?IdArticle=8395222 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A plurality of the targets in the ongoing campaign have been based in the Americas.]]> 2023-10-12T20:50:56+00:00 https://www.darkreading.com/attacks-breaches/darkgate-operator-skype-teams-messages-distribute-malware www.secnews.physaphae.fr/article.php?IdArticle=8394878 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 - but their days are numbered now that Microsoft is finally deprecating the Windows programming. language.]]> 2023-10-12T20:23:45+00:00 https://www.darkreading.com/cloud/microsoft-retire-vbscript-cybercrime-chagrin www.secnews.physaphae.fr/article.php?IdArticle=8394880 False Malware None 1.00000000000000000000 Dark Reading - Informationweek Branch Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.]]> 2023-10-12T14:06:50+00:00 https://www.darkreading.com/endpoint/backdoor-lurks-behind-wordpress-caching-plugin-to-hijack-websites www.secnews.physaphae.fr/article.php?IdArticle=8394776 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail.]]> 2023-10-11T21:15:00+00:00 https://www.darkreading.com/threat-intelligence/chinese-stayin-alive-attacks-basic-loaders-asian-telcos www.secnews.physaphae.fr/article.php?IdArticle=8394490 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Threat intel experts see a reduced focus on desktop malware as threat groups prioritize passwords and tokens that let them access the same systems as remote workers.]]> 2023-10-11T12:00:00+00:00 https://www.darkreading.com/microsoft/a-frontline-report-of-chinese-threat-actor-tactics-and-techniques www.secnews.physaphae.fr/article.php?IdArticle=8394177 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch 2023-10-06T20:20:00+00:00 https://www.darkreading.com/attacks-breaches/watchguard-threat-lab-report-finds-endpoint-malware-volumes-decreasing-despite-campaigns-growing-more-expansive www.secnews.physaphae.fr/article.php?IdArticle=8392385 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The previously undocumented data exfiltration malware was part of a successful cyber-espionage campaign against the Guyanese government, likely by the Chinese.]]> 2023-10-05T21:20:00+00:00 https://www.darkreading.com/threat-intelligence/operation-jacana-dinodasrat-custom-backdoor www.secnews.physaphae.fr/article.php?IdArticle=8392009 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch The malware uses software to evade detection while also making it difficult to analyze.]]> 2023-10-05T19:45:00+00:00 https://www.darkreading.com/threat-intelligence/group-ib-golddigger-banking-trojan-targeting-vietnamese-organizations www.secnews.physaphae.fr/article.php?IdArticle=8391962 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch It\'s never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now makes it easy to take advantage of those who stumble upon it.]]> 2023-10-04T16:20:09+00:00 https://www.darkreading.com/application-security/turnkey-rootkit-amateur-hackers-supply-chain-attacks www.secnews.physaphae.fr/article.php?IdArticle=8391525 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The Lazarus Group\'s "LightlessCan" malware executes multiple native Windows commands within the RAT itself, making detection significantly harder, security vendor says.]]> 2023-10-02T20:51:09+00:00 https://www.darkreading.com/cloud/north-korea-meta-complex-backdoor-aerospace www.secnews.physaphae.fr/article.php?IdArticle=8390638 False Malware APT 38 3.0000000000000000 Dark Reading - Informationweek Branch The Menorah malware can upload and download files, as well as execute shell commands.]]> 2023-10-02T17:19:00+00:00 https://www.darkreading.com/dr-global/iran-linked-apt34-spy-campaign-targets-saudis www.secnews.physaphae.fr/article.php?IdArticle=8390594 False Malware APT 34,APT 34 3.0000000000000000 Dark Reading - Informationweek Branch The Israeli company developed highly-targeted, mobile malware that would make any APT jealous.]]> 2023-09-29T18:43:00+00:00 https://www.darkreading.com/dr-global/spyware-vendor-egyptian-orgs-ios-exploit-chain www.secnews.physaphae.fr/article.php?IdArticle=8389607 False Malware,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Images purporting to be of the Armenia and Azerbaijan conflict were malware downloaders in disguise.]]> 2023-09-29T13:55:00+00:00 https://www.darkreading.com/dr-global/targeted-attacks-on-azerbaijan-businesses-drop-malware-via-fake-image-files www.secnews.physaphae.fr/article.php?IdArticle=8389498 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch The Trojan had mainly been infecting banks in Europe since it first surfaced more than one year ago.]]> 2023-09-25T21:17:00+00:00 https://www.darkreading.com/remote-workforce/xenomorph-android-malware-targets-customers-of-30-us-banks www.secnews.physaphae.fr/article.php?IdArticle=8387782 False Malware None 1.00000000000000000000 Dark Reading - Informationweek Branch The Sandman group\'s main malware is among the very few that use the Lua scripting language and its just-in-time compiler.]]> 2023-09-21T22:04:00+00:00 https://www.darkreading.com/attacks-breaches/mysterious-sandman-apt-targets-telecom-sector-with-novel-backdoor www.secnews.physaphae.fr/article.php?IdArticle=8386472 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A supposed exploit for a notable RCE vulnerability in the popular Windows file-archiving utility delivers a big sting for unwitting researchers and cybercriminals.]]> 2023-09-20T20:09:00+00:00 https://www.darkreading.com/application-security/fake-winrar-poc-exploit-conceals-venomrat-malware www.secnews.physaphae.fr/article.php?IdArticle=8386016 False Malware,Vulnerability None 1.00000000000000000000 Dark Reading - Informationweek Branch The group\'s use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.]]> 2023-09-20T20:08:00+00:00 https://www.darkreading.com/attacks-breaches/fbi-cisa-issue-joint-warning-on-snatch-ransomware-as-a-service www.secnews.physaphae.fr/article.php?IdArticle=8386017 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The GitLab code hijacks computer resources to mine Dero cryptocurrency as part of a larger cryptomining operation.]]> 2023-09-20T14:00:08+00:00 https://www.darkreading.com/attacks-breaches/culturestreak-malware-lurks-gitlab-python-package www.secnews.physaphae.fr/article.php?IdArticle=8385867 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch "SprySOCKS" melds features from multiple previously known badware and adds to the threat actor\'s growing malware arsenal, Trend Micro says.]]> 2023-09-19T21:11:00+00:00 https://www.darkreading.com/attacks-breaches/china-linked-actor-taps-linux-backdoor-in-forceful-espionage-campaign www.secnews.physaphae.fr/article.php?IdArticle=8385512 False Malware,Threat,Prediction None 3.0000000000000000 Dark Reading - Informationweek Branch The "MrTonyScam" has a surprisingly high success rate, spreading a Python-based stealer to some 100,000 business accounts per week.]]> 2023-09-12T16:30:00+00:00 https://www.darkreading.com/endpoint/millions-facebook-business-accounts-python-malware www.secnews.physaphae.fr/article.php?IdArticle=8381888 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features.]]> 2023-08-31T19:00:00+00:00 https://www.darkreading.com/threat-intelligence/cybercriminals-team-up-upgrade-sapphirestealer-malware www.secnews.physaphae.fr/article.php?IdArticle=8377910 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The Kinsing threat group has launched more than 1,000 cyberattacks in less than two months, exploiting a security vulnerability in the internal corporate messaging app in order to upload the malware and a cryptominer.]]> 2023-08-31T14:59:00+00:00 https://www.darkreading.com/remote-workforce/cyberattackers-openfire-cloud-servers-takeover-barrage www.secnews.physaphae.fr/article.php?IdArticle=8377226 False Malware,Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Thousands of devices have become infected with "BadBazaar," malware previously used to spy on Uyghur and Turkic ethnic minorities in China.]]> 2023-08-30T21:54:00+00:00 https://www.darkreading.com/attacks-breaches/china-group-spreads-android-spyware-via-trojan-signal-telegram-apps www.secnews.physaphae.fr/article.php?IdArticle=8376932 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A sophisticated threat actor managed to fly under the radar for three years, despite flexing serious muscle.]]> 2023-08-30T21:09:00+00:00 https://www.darkreading.com/attacks-breaches/-apt-attacks-from-earth-estries-hit-govt-tech-with-custom-malware www.secnews.physaphae.fr/article.php?IdArticle=8376933 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch "Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind.]]> 2023-08-29T20:53:00+00:00 https://www.darkreading.com/threat-intelligence/sprawling-qakbot-malware-takedown-spans-700-000-infected-machines www.secnews.physaphae.fr/article.php?IdArticle=8376427 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Report unmasks recent cybersecurity challenges for governments, healthcare, financial services, and vital infrastructure.]]> 2023-08-28T07:00:00+00:00 https://www.darkreading.com/threat-intelligence/malware-unleashed-public-sector-hit-in-sudden-surge-reveals-new-research www.secnews.physaphae.fr/article.php?IdArticle=8375544 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Roblox gaming developers are lured in by a package that claims to create useful scripts to interact with the Roblox website, for example by “promot(ing) users, shout events, and so on, or to create Discord utiltiies (sic) to manage their community.”]]> 2023-08-25T18:25:00+00:00 https://www.darkreading.com/vulnerabilities-threats/luna-grabber-malware-targets-roblox-gaming-devs www.secnews.physaphae.fr/article.php?IdArticle=8374614 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Deployed by the infamous SmokeLoader botnet, the location-tracking malware could be used for a host of follow-on cyberattacks or even physical targeting.]]> 2023-08-25T16:34:08+00:00 https://www.darkreading.com/attacks-breaches/whiffy-recon-malware-transmits-device-location-every-60-seconds www.secnews.physaphae.fr/article.php?IdArticle=8374594 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Malware aimed at macOS is no longer just a knockoff of a Windows bug, as a new infostealer proliferating on Mac laptops demonstrates.]]> 2023-08-22T19:10:00+00:00 https://www.darkreading.com/vulnerabilities-threats/newer-better-xloader-signals-dangerous-shift-macos-malware www.secnews.physaphae.fr/article.php?IdArticle=8373207 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Dubbed Carderbee, the group used legitimate software and Microsoft-signed malware to spread the Korplug/PlugX backdoor to various Asian targets.]]> 2023-08-22T10:05:00+00:00 https://www.darkreading.com/attacks-breaches/chinese-apt-targets-hong-kong-in-supply-chain-attack www.secnews.physaphae.fr/article.php?IdArticle=8373041 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections.]]> 2023-08-11T17:19:00+00:00 https://www.darkreading.com/ics-ot/xworm-remcos-rat-evade-edrs-infect-critical-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=8369056 False Malware,Industrial None 2.0000000000000000 Dark Reading - Informationweek Branch The group continues to target SQL servers, adding the Remcos RAT, BatCloak, and Metasploit in an attack that shows advance obfuscation methods.]]> 2023-08-07T16:11:00+00:00 https://www.darkreading.com/ics-ot/mallox-ransomware-group-steams-ahead-with-new-variant-evasion-tactics www.secnews.physaphae.fr/article.php?IdArticle=8366836 False Ransomware,Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The Hidden Virtual Network Computing (hVNC) malware infests Macs and silently executes complete takeovers, with no user permission needed. It also sports persistence through reboots.]]> 2023-08-01T17:25:47+00:00 https://www.darkreading.com/application-security/apple-users-remote-control-tricky-macos-malware www.secnews.physaphae.fr/article.php?IdArticle=8364379 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch The DarkBART and DarkBERT cybercriminal chatbots, based on Google Bard, represent a major leap ahead for adversarial AI, including Google Lens integration for images and instant access to the whole of the cyber-underground knowledge base.]]> 2023-08-01T17:17:00+00:00 https://www.darkreading.com/application-security/gpt-based-malware-trains-dark-web www.secnews.physaphae.fr/article.php?IdArticle=8364380 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air gapped ICS environments, putting threat actors one step away from transmission of the info to a C2.]]> 2023-07-31T19:33:00+00:00 https://www.darkreading.com/ics-ot/air-gapped-ics-systems-targeted-sophisticated-malware www.secnews.physaphae.fr/article.php?IdArticle=8364010 False Malware,Tool,Threat,Industrial None 2.0000000000000000 Dark Reading - Informationweek Branch Techniques are similar to those in previous North Korean attacks and could be linked to well-known cyber-espionage organizations.]]> 2023-07-29T01:00:00+00:00 https://www.darkreading.com/attacks-breaches/stark-mule-malware-campaign-targets-koreans-uses-us-army-documents www.secnews.physaphae.fr/article.php?IdArticle=8362879 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The malware, along with a sister strain dubbed "FakeTrade," was found lurking in Google Play.]]> 2023-07-28T20:43:00+00:00 https://www.darkreading.com/attacks-breaches/cherrybios-malware-ocr-android-users-cryptocurrency www.secnews.physaphae.fr/article.php?IdArticle=8362919 False Malware None 1.00000000000000000000 Dark Reading - Informationweek Branch Hackers have three key pathways - the OS, apps, and malware - for leveraging the popular home fitness equipment as initial access for data compromise, ransomware, and more]]> 2023-07-26T16:19:00+00:00 https://www.darkreading.com/remote-workforce/flaws-in-peloton-tread-expose-enterprise-network-to-iot-attack-vectors www.secnews.physaphae.fr/article.php?IdArticle=8361792 False Malware,Industrial None 4.0000000000000000 Dark Reading - Informationweek Branch In separate targeted incidents, threat actors tried to upload malware into the Node Package Manager registry to gain access and steal credentials.]]> 2023-07-21T20:41:00+00:00 https://www.darkreading.com/attacks-breaches/banks-in-attackers-crosshairs-via-open-source-software-supply-chain www.secnews.physaphae.fr/article.php?IdArticle=8359851 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The cybercrime group has given its backdoor malware a facelift in an attempt to evade detection, making some bug fixes and setting itself up to deliver its latest crimeware toy, BlackCat.]]> 2023-07-18T16:13:00+00:00 https://www.darkreading.com/threat-intelligence/fin8-modifies-sardonic-backdoor-blackcat-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8358368 False Ransomware,Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies.]]> 2023-07-18T14:48:00+00:00 https://www.darkreading.com/attacks-breaches/sogu-snowydrive-malware-usb-based-cyberattacks-surge www.secnews.physaphae.fr/article.php?IdArticle=8358323 False Malware,Threat None 4.0000000000000000 Dark Reading - Informationweek Branch Vade\'s phishing and malware report reveals phishing volumes increased by more than 54% in H1 2023.]]> 2023-07-13T20:42:00+00:00 https://www.darkreading.com/endpoint/facebook-and-microsoft-are-the-most-impersonated-brands-in-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=8356198 False Malware None 4.0000000000000000 Dark Reading - Informationweek Branch AI-aided BEC, malware, and phishing attacks will push organizations to level up with generative AI and better protect their users, data, and networks.]]> 2023-07-13T18:38:00+00:00 https://www.darkreading.com/attacks-breaches/wormgpt-heralds-an-era-of-using-ai-defenses-to-battle-ai-malware www.secnews.physaphae.fr/article.php?IdArticle=8356154 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch The Guardz research team discloses the existence of new information stealing malware on the Dark Web.]]> 2023-07-10T20:38:00+00:00 https://www.darkreading.com/endpoint/guardz-identifies-new-shadowvault-macos-stealer-malware www.secnews.physaphae.fr/article.php?IdArticle=8354242 True Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Iran-linked APT35 group crafted specific Mac malware when targeting a member of the media with new tools to add backdoors.]]> 2023-07-10T17:58:00+00:00 https://www.darkreading.com/dr-global/apt35-mac-bespoke-malware www.secnews.physaphae.fr/article.php?IdArticle=8354062 False Malware APT 35,APT 35 4.0000000000000000 Dark Reading - Informationweek Branch An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America.]]> 2023-07-10T15:08:00+00:00 https://www.darkreading.com/remote-workforce/banking-firms-attack-toitoin-cyber-campaign www.secnews.physaphae.fr/article.php?IdArticle=8354033 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch US and Canadian government agencies find that new variants of the malware are increasingly being utilized.]]> 2023-07-07T20:22:00+00:00 https://www.darkreading.com/threat-intelligence/truebot-malware-variants-abound-according-to-cisa-advisory www.secnews.physaphae.fr/article.php?IdArticle=8353504 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Malware spoofed file management applications thanks to elevated permissions, enabling exfiltration of sensitive data with no user interaction, researchers find.]]> 2023-07-07T18:40:00+00:00 https://www.darkreading.com/threat-intelligence/spyware-gamed-1-5m-users-of-google-play-store- www.secnews.physaphae.fr/article.php?IdArticle=8353443 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The "TeamsPhisher" cyberattack tool gives pentesters - and adversaries - a way to deliver malicious files directly to a Teams user from an external account, or tenant.]]> 2023-07-05T21:09:00+00:00 https://www.darkreading.com/perimeter/microsoft-teams-exploit-toll-autodeliver-malware www.secnews.physaphae.fr/article.php?IdArticle=8352618 False Malware,Tool None 4.0000000000000000 Dark Reading - Informationweek Branch The number of malware samples is up as attackers aim to compromise users where they work and play: Their smartphones.]]> 2023-06-30T19:25:00+00:00 https://www.darkreading.com/endpoint/mobile-cyberattacks-soar-andoird-users www.secnews.physaphae.fr/article.php?IdArticle=8351115 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Key findings from the research also show three of the four new malware threats on this quarter\'s top-ten list originated in China and Russia, living-off-the-land attacks on the rise, and more.]]> 2023-06-29T19:51:00+00:00 https://www.darkreading.com/perimeter/watchguard-threat-lab-report-reveals-new-browser-based-social-engineering-trends www.secnews.physaphae.fr/article.php?IdArticle=8350753 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch A new version of the double-extortion group\'s malware reflects a growing trend among ransomware actors to expand cybercrime opportunities beyond Windows.]]> 2023-06-29T13:50:00+00:00 https://www.darkreading.com/iot/akira-ransomware-builds-momentum-linux-shift www.secnews.physaphae.fr/article.php?IdArticle=8350624 False Ransomware,Malware,Prediction None 2.0000000000000000 Dark Reading - Informationweek Branch Unknown senders have been shipping smartwatches to service members, leading to questions regarding what kind of ulterior motive is at play, malware or otherwise.]]> 2023-06-23T20:00:00+00:00 https://www.darkreading.com/threat-intelligence/suspicious-smartwatches-mailed-us-army-personnel www.secnews.physaphae.fr/article.php?IdArticle=8348651 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization\'s employees, but no patch is imminent.]]> 2023-06-23T17:57:00+00:00 https://www.darkreading.com/vulnerabilities-threats/microsoft-teams-attack-phish-deliver-malware-directly www.secnews.physaphae.fr/article.php?IdArticle=8348609 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Camaro Dragon (Mustang Panda) is spreading a malware variant of WispRider quickly across the globe even through air gaps, often unbeknown to users.]]> 2023-06-22T15:19:00+00:00 https://www.darkreading.com/threat-intelligence/usb-drives-spyware-china-mustang-panda-apt-global www.secnews.physaphae.fr/article.php?IdArticle=8348148 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The notorious APT15 used common malware tools and a third-generation custom "Graphican" backdoor to continue its information gathering exploits, this time against foreign ministries.]]> 2023-06-21T21:35:00+00:00 https://www.darkreading.com/vulnerabilities-threats/20-year-old-chinese-apt15-new-life-foreign-ministry-attacks www.secnews.physaphae.fr/article.php?IdArticle=8347850 False Malware APT 15,APT 15 2.0000000000000000 Dark Reading - Informationweek Branch A PRC-aligned actor used a trio of custom malware to take advantage of inherent weaknesses in edge appliances.]]> 2023-06-15T21:17:00+00:00 https://www.darkreading.com/attacks-breaches/critical-barracuda-esg-zero-day-chinese-apt www.secnews.physaphae.fr/article.php?IdArticle=8345938 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft says Cadet Blizzard wielded a custom wiper malware in the weeks leading up to Russia\'s invasion of Ukraine, and it remains capable of wanton destruction.]]> 2023-06-14T22:18:00+00:00 https://www.darkreading.com/threat-intelligence/russian-apt-cadet-blizzard-ukraine-wiper-attacks www.secnews.physaphae.fr/article.php?IdArticle=8345524 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Sophisticated attackers are lacing malware into PNG image files in order to steal cryptocurrency and business information.]]> 2023-06-12T22:25:00+00:00 https://www.darkreading.com/attacks-breaches/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info www.secnews.physaphae.fr/article.php?IdArticle=8344561 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Surveillance malware targets Libyan government entities, with possible links to a 2019 Egypt attack campaign.]]> 2023-06-12T16:35:00+00:00 https://www.darkreading.com/dr-global/syealth-soldier-attacks-target-libyan-government-entities-surveillance-malware www.secnews.physaphae.fr/article.php?IdArticle=8344450 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A campaign targeting mainly US users disguised malware in fake security software, game cracks, cheats, free Netflix, and other "modded" apps.]]> 2023-06-08T12:18:38+00:00 https://www.darkreading.com/application-security/60k-android-apps-adware-undetected-months www.secnews.physaphae.fr/article.php?IdArticle=8343315 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A worm virus called "fracturizer" has been embedded in modpacks from various sites, including CurseForge and CraftBukkit.]]> 2023-06-07T21:43:00+00:00 https://www.darkreading.com/application-security/minecraft-malware-spreading-mods-plugins www.secnews.physaphae.fr/article.php?IdArticle=8343154 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch In addition to injecting a card skimmer into target Magento, WooCommerce, Shopify, and WordPress sites, the the threat actor is also hijacking targeted domains to deliver the malware to other sites.]]> 2023-06-06T21:55:17+00:00 https://www.darkreading.com/attacks-breaches/different-kind-magecart-card-skimming-campaign www.secnews.physaphae.fr/article.php?IdArticle=8342760 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers could exploit a common AI experience-false recommendations-to spread malicious code via developers that use ChatGPT to create software.]]> 2023-06-06T12:00:00+00:00 https://www.darkreading.com/application-security/chatgpt-hallucinations-developers-supply-chain-malware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8342535 False Malware ChatGPT,ChatGPT 2.0000000000000000 Dark Reading - Informationweek Branch In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.]]> 2023-06-01T16:47:00+00:00 https://www.darkreading.com/application-security/novel-pypi-malware-compiled-python-bytecode-evade-detection www.secnews.physaphae.fr/article.php?IdArticle=8341274 False Malware None 2.0000000000000000