This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-09T15:24:07+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch The newly discovered malware, which has so far mainly targeted Turkish telcos and has links to HiatusRat, infects routers and performs DNS and HTTP hijacking attacks on connections to private IP addresses.]]> 2024-05-01T17:34:12+00:00 https://www.darkreading.com/cloud-security/cuttlefish-zero-click-malware-steals-private-cloud-data www.secnews.physaphae.fr/article.php?IdArticle=8491941 False Malware,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch USBs have something the newest, hottest attack techniques lack: the ability to bridge air gaps.]]> 2024-04-30T17:28:56+00:00 https://www.darkreading.com/ics-ot-security/to-damage-ot-systems-hackers-tap-usbs-old-bugs-and-malware www.secnews.physaphae.fr/article.php?IdArticle=8491396 False Malware,Industrial None 3.0000000000000000 Dark Reading - Informationweek Branch An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.]]> 2024-04-23T19:33:37+00:00 https://www.darkreading.com/threat-intelligence/hackers-create-legit-phishing-links-with-ghost-github-gitlab-comments www.secnews.physaphae.fr/article.php?IdArticle=8487585 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine.]]> 2024-04-19T03:20:00+00:00 https://www.darkreading.com/application-security/evil-xdr-researcher-turns-palo-alto-software-into-perfect-malware www.secnews.physaphae.fr/article.php?IdArticle=8485078 False Malware,Technical None 4.0000000000000000 Dark Reading - Informationweek Branch Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.]]> 2024-04-18T08:29:53+00:00 https://www.darkreading.com/application-security/sneaky-shellcode-windows-fibers-edr-proof-code-execution www.secnews.physaphae.fr/article.php?IdArticle=8484611 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch "Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries.]]> 2024-04-17T20:31:30+00:00 https://www.darkreading.com/ics-ot-security/dangerous-new-ics-malware-targets-orgs-in-russia-and-ukraine www.secnews.physaphae.fr/article.php?IdArticle=8484345 False Malware,Industrial None 4.0000000000000000 Dark Reading - Informationweek Branch Kaspersky researchers discovered the new variant after responding to a critical incident targeting an organization in West Africa.]]> 2024-04-16T13:41:32+00:00 https://www.darkreading.com/endpoint-security/lockbit-3-0-variant-generates-custom-self-propagating-malware www.secnews.physaphae.fr/article.php?IdArticle=8483461 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch But just how the government differentiates its platform from similar private-sector options remains to be seen.]]> 2024-04-12T20:50:01+00:00 https://www.darkreading.com/vulnerabilities-threats/cisa-s-new-malware-analysis-platform-could-enable-better-threat-intelligence www.secnews.physaphae.fr/article.php?IdArticle=8480964 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Attackers have compromised an 8-year-old version of the cloud platform to distribute various malware that can take over infected systems.]]> 2024-04-11T18:22:12+00:00 https://www.darkreading.com/cloud-security/outdated-redis-service-abused-to-spread-meterpreter-backdoor www.secnews.physaphae.fr/article.php?IdArticle=8480187 False Malware,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch It\'s finally happening: Rather than just for productivity and research, threat actors are using LLMs to write malware. But companies need not worry just yet.]]> 2024-04-10T18:48:47+00:00 https://www.darkreading.com/threat-intelligence/ta547-uses-llm-generated-dropper-infect-german-orgs www.secnews.physaphae.fr/article.php?IdArticle=8479529 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch An ongoing cyberattack campaign with apparent ties to China uses a new version of sophisticated JavaScript remote access Trojan JSOutProx and is now targeting banks in the Middle East.]]> 2024-04-08T06:00:00+00:00 https://www.darkreading.com/threat-intelligence/solar-spider-spins-up-new-malware-to-entrap-saudi-arabian-banks www.secnews.physaphae.fr/article.php?IdArticle=8477926 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Initial access brokers are using the new downloader malware, which emerged just after QBot\'s 2023 disruption.]]> 2024-04-04T21:25:15+00:00 https://www.darkreading.com/threat-intelligence/new-loader-takes-over-where-qbot-left-off www.secnews.physaphae.fr/article.php?IdArticle=8476130 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Latest campaign underscores wide-ranging functionality and staying power of a decade-old piece of information-stealing malware.]]> 2024-04-04T21:00:00+00:00 https://www.darkreading.com/remote-workforce/thousands-of-australian-businesses-targeted-with-agent-tesla-rat www.secnews.physaphae.fr/article.php?IdArticle=8476055 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch UNAPIMON works by meticulously disabling hooks in Windows APIs for detecting malicious processes.]]> 2024-04-02T23:05:39+00:00 https://www.darkreading.com/cyberattacks-data-breaches/china-linked-threat-actor-using-peculiar-malware-to-hide-malicious-activities www.secnews.physaphae.fr/article.php?IdArticle=8474873 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.]]> 2024-04-02T19:23:59+00:00 https://www.darkreading.com/cyberattacks-data-breaches/attackers-use-google-ad-feature-to-target-slack-notion-users www.secnews.physaphae.fr/article.php?IdArticle=8474800 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.]]> 2024-04-01T21:25:52+00:00 https://www.darkreading.com/cyber-risk/xz-utils-backdoor-implanted-in-intricate-multi-year-supply-chain-attack www.secnews.physaphae.fr/article.php?IdArticle=8474250 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Outdated SOHO routers and IoT devices being hijacked by TheMoon to operate an anonymous hacker botnet service called Faceless.]]> 2024-03-29T18:06:20+00:00 https://www.darkreading.com/endpoint-security/themoon-malware-rises-malicious-botnet-for-hire www.secnews.physaphae.fr/article.php?IdArticle=8472706 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.]]> 2024-03-27T16:57:55+00:00 https://www.darkreading.com/application-security/tycoon-malware-kit-bypasses-microsoft-google-mfa www.secnews.physaphae.fr/article.php?IdArticle=8471483 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch A new, improved variant on the group\'s malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments.]]> 2024-03-26T21:14:26+00:00 https://www.darkreading.com/cloud-security/agenda-ransomware-vmware-esxi-servers www.secnews.physaphae.fr/article.php?IdArticle=8471002 False Ransomware,Malware None 3.0000000000000000 Dark Reading - Informationweek Branch New AcidPour variant can attack a significantly broader range of targets including IoT devices, storage area networks, and handhelds.]]> 2024-03-22T21:58:48+00:00 https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-releases-more-deadly-variant-of-acidrain-wiper-malware www.secnews.physaphae.fr/article.php?IdArticle=8468712 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-03-20T18:56:01+00:00 https://www.darkreading.com/endpoint-security/kaspersky-identifies-three-new-android-malware-threats www.secnews.physaphae.fr/article.php?IdArticle=8467470 False Malware,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Unsophisticated threat actor is targeting Russian companies with both readily available malware and authentic software.]]> 2024-03-20T14:29:10+00:00 https://www.darkreading.com/threat-intelligence/fluffy-wolf-spreads-meta-stealer-in-corporate-phishing-campaign www.secnews.physaphae.fr/article.php?IdArticle=8467372 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Companies trust lawyers with the most sensitive information they\'ve got. Attackers are aiming to exploit that bond to deliver malware.]]> 2024-03-20T12:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/hackers-posing-law-firms-phish-global-orgs-multiple-languages www.secnews.physaphae.fr/article.php?IdArticle=8467283 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Interpol assisted in the operation, in which analysts identified Grandoreiro group members by analyzing and matching malware samples.]]> 2024-03-18T20:25:03+00:00 https://www.darkreading.com/cybersecurity-operations/brazilian-authorities-arrest-members-of-banking-trojan-cybercrime-group www.secnews.physaphae.fr/article.php?IdArticle=8466275 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch It remains unclear how long the IT services giant\'s systems were infiltrated and just how the cyberattack unfolded.]]> 2024-03-18T20:20:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/fujitsu-malware-on-company-computers-exposed-customer-data www.secnews.physaphae.fr/article.php?IdArticle=8466276 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that spreads the multifaceted malware.]]> 2024-03-14T14:23:05+00:00 https://www.darkreading.com/endpoint-security/windows-smartscreen-bypass-flaw-exploited-to-drop-darkgate-rat www.secnews.physaphae.fr/article.php?IdArticle=8463835 False Malware,Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch A multitooled Trojan cuts apart Brazil\'s premier wire transfer app. Could similar malware do the same to Venmo, Zelle, or PayPal?]]> 2024-03-13T10:00:00+00:00 https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices www.secnews.physaphae.fr/article.php?IdArticle=8463087 False Malware,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch "Spinning YARN" cyberattackers wielding a Linux webshell are positioning for broader cloud compromise by exploiting common misconfigurations and a known Atlassian Confluence bug.]]> 2024-03-06T22:36:53+00:00 https://www.darkreading.com/cloud-security/cloud-y-linux-malware-rains-apache-docker-redis-confluence www.secnews.physaphae.fr/article.php?IdArticle=8460038 False Malware,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch North Korea\'s latest espionage tool is tough to pin down, with random generators that throw detection mechanisms off its scent. The DPRK is using the recent critical bugs in ConnectWise ScreenConnect, a remote desktop tool, to deliver the bug.]]> 2024-03-05T19:46:08+00:00 https://www.darkreading.com/remote-workforce/north-korea-screenconnect-bugs-toddleshark-malware www.secnews.physaphae.fr/article.php?IdArticle=8459472 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch A newly developed PLC malware does not require physical access to target an ICS environment, is mostly platform neutral, and is more resilient than traditional malware aimed at critical infrastructure.]]> 2024-03-05T19:43:13+00:00 https://www.darkreading.com/ics-ot-security/improved-stuxnet-like-plc-malware-disrupt-critical-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=8459473 False Malware,Industrial None 4.0000000000000000 Dark Reading - Informationweek Branch 35 years after the Morris worm, we\'re still dealing with a version of the same issue: data overlapping with control.]]> 2024-03-04T22:51:02+00:00 https://www.darkreading.com/application-security/zero-click-genai-worm-malware-poisoning-models www.secnews.physaphae.fr/article.php?IdArticle=8459027 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors using the malware have infected systems within government, healthcare, and other critical infrastructure organizations since at least 2019.]]> 2024-02-29T22:49:41+00:00 https://www.darkreading.com/cyberattacks-data-breaches/fbi-cisa-release-iocs-for-phobos-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8457209 False Ransomware,Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware.]]> 2024-02-28T18:07:30+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cyberattackers-lure-eu-diplomats-wine-tasting-offers www.secnews.physaphae.fr/article.php?IdArticle=8456566 False Malware,Threat None 4.0000000000000000 Dark Reading - Informationweek Branch The IDAT Loader malware was used to deliver the cyber espionage tool, employing steganography, a seldom-seen technique in real-world attacks.]]> 2024-02-26T19:57:01+00:00 https://www.darkreading.com/cyberattacks-data-breaches/uac-0184-targets-ukrainian-entity-finland-remcos-rat www.secnews.physaphae.fr/article.php?IdArticle=8455530 False Malware,Tool None 2.0000000000000000 Dark Reading - Informationweek Branch First Brad and Jennifer, now Kim and Putin? Romance truly is dead, as North Korea is caught spying (again) on its partner to the north with the Konni malware.]]> 2024-02-23T18:52:05+00:00 https://www.darkreading.com/cyberattacks-data-breaches/north-korea-backdoors-russian-foreign-affairs-ministry www.secnews.physaphae.fr/article.php?IdArticle=8454235 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Users have already downloaded droppers for the malware from Google\'s official Play store more than 100,000 times since last November.]]> 2024-02-20T22:48:25+00:00 https://www.darkreading.com/mobile-security/new-wave-of-anatsa-banking-trojan-attacks-targets-android-users-in-europe www.secnews.physaphae.fr/article.php?IdArticle=8452912 False Malware,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch A surging bank malware campaign abuses Google Cloud Run and targets Latin America, with indications that it\'s spreading to other regions, researchers warn.]]> 2024-02-20T20:41:11+00:00 https://www.darkreading.com/application-security/google-cloud-run-spreading-several-bank-trojans- www.secnews.physaphae.fr/article.php?IdArticle=8452872 False Malware,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.]]> 2024-02-15T22:03:54+00:00 https://www.darkreading.com/application-security/ios-malware-steals-faces-defeat-biometrics-ai-swaps www.secnews.physaphae.fr/article.php?IdArticle=8450576 False Malware,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-02-15T21:37:31+00:00 https://www.darkreading.com/vulnerabilities-threats/surge-in-hunter-killer-malware-uncovered-by-picus-security www.secnews.physaphae.fr/article.php?IdArticle=8450578 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The feds disrupted a Russian intelligence SOHO router botnet notable for being built with Moobot malware rather than custom code.]]> 2024-02-15T20:29:21+00:00 https://www.darkreading.com/cyberattacks-data-breaches/doj-breaks-russian-military-botnet- www.secnews.physaphae.fr/article.php?IdArticle=8450559 False Malware APT 28 2.0000000000000000 Dark Reading - Informationweek Branch A spate of recent cyber-espionage attacks showcases Turla\'s brand-new modular custom malware, and an expansion of the state-sponsored group\'s scope of targets.]]> 2024-02-15T15:45:36+00:00 https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos www.secnews.physaphae.fr/article.php?IdArticle=8450469 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Cyberattacks targeting thousands of US organizations wields a new attack vector to deliver the versatile initial-access loader - and is a harbinger of a surge in threat activity.]]> 2024-02-14T16:43:26+00:00 https://www.darkreading.com/cyberattacks-data-breaches/bumblebee-malware-buzzes-back-4-month-hiatus www.secnews.physaphae.fr/article.php?IdArticle=8450070 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch A malware with every malicious feature in the book is adding new pages, with a fresh ability to invade the lowest levels of a Windows machine.]]> 2024-02-13T21:30:15+00:00 https://www.darkreading.com/threat-intelligence/glupteba-botnet-burrows-windows-systems-new-uefi-bootkit www.secnews.physaphae.fr/article.php?IdArticle=8449736 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch MacOS data exfiltration malware poses as an update for Visual Studio code editor.]]> 2024-02-09T21:48:11+00:00 https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8448498 False Ransomware,Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Brazil, the world\'s center for banking Trojan malware, has produced one of its most advanced tools yet. And as history shows, Coyote may soon expand its territory.]]> 2024-02-08T21:14:16+00:00 https://www.darkreading.com/threat-intelligence/coyote-malware-preying-61-banking-apps www.secnews.physaphae.fr/article.php?IdArticle=8448171 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch A tangled web of attackers use various social media tactics to propagate the novel threat, which has several execution methods and exfiltrates data to Telegram.]]> 2024-02-08T16:34:52+00:00 https://www.darkreading.com/endpoint-security/novel-ov3r_stealer-spreads-facebook-steal-info www.secnews.physaphae.fr/article.php?IdArticle=8448084 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Dutch military intelligence warns that new malware, called "Coathanger," was found in multiple FortiGate devices during an incident response, and that Chinese-state actors are using the persistent RAT for espionage.]]> 2024-02-08T14:00:00+00:00 https://www.darkreading.com/endpoint-security/china-dropping-rat-designed-fortigate-devices www.secnews.physaphae.fr/article.php?IdArticle=8448028 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Latest iteration of the malware appears aimed at targets in Mexico.]]> 2024-02-05T22:38:14+00:00 https://www.darkreading.com/endpoint-security/fresh-mispadu-stealer-variant-emerges www.secnews.physaphae.fr/article.php?IdArticle=8447066 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Threat actor behind the Activator macOS backdoor is using pirated apps to distribute the malware in what could be a botnet-building operation.]]> 2024-02-02T20:03:22+00:00 https://www.darkreading.com/cyberattacks-data-breaches/macos-malware-campaign-showcases-novel-delivery-technique www.secnews.physaphae.fr/article.php?IdArticle=8446099 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.]]> 2024-01-30T21:55:00+00:00 https://www.darkreading.com/endpoint-security/apple-warns-iphone-sideloading-increase-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8444945 False Malware,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch A sporty, modular downloader allows hackers to cherry-pick their exploits - in this case, two powerful tools for gaining admin access in a Windows system.]]> 2024-01-25T17:40:00+00:00 https://www.darkreading.com/endpoint-security/cherryloader-downloader-serious-privilege-execution www.secnews.physaphae.fr/article.php?IdArticle=8443069 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch The malware substitutes genuine apps with compromised versions, enabling attackers to pilfer credentials and recovery phrases, thus gaining access to wallets and their contents.]]> 2024-01-23T21:00:00+00:00 https://www.darkreading.com/application-security/macos-malware-targets-bitcoin-exodus-cryptowallets www.secnews.physaphae.fr/article.php?IdArticle=8442265 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Just in time for the US election season, one of the Kremlin\'s favorite hack-and-leak spy groups - Star Blizzard - has developed its very first custom backdoor.]]> 2024-01-18T23:00:00+00:00 https://www.darkreading.com/ics-ot-security/russia-coldriver-apt-unleashes-custom-spica-malware www.secnews.physaphae.fr/article.php?IdArticle=8440442 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Modified malware from the Khepri open source project that shares similarities with the ZuRu data stealer harvests data and drops additional payloads.]]> 2024-01-18T15:44:00+00:00 https://www.darkreading.com/vulnerabilities-threats/stealthy-backdoor-found-hiding-in-pirated-macos-apps www.secnews.physaphae.fr/article.php?IdArticle=8440331 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Analysis of the infostealer malware version 4.1 includes hidden ASCII art and a shout-out thanking cybersecurity researchers.]]> 2024-01-18T15:15:00+00:00 https://www.darkreading.com/threat-intelligence/chaes-infostealer-code-threat-hunter-love-notes www.secnews.physaphae.fr/article.php?IdArticle=8440332 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch "Infernal Drainer" campaign represents a dangerous evolution in crypto-drainers, credibly spoofing Coinbase and maintaining a vast infrastructure-for-rent biz.]]> 2024-01-17T21:24:00+00:00 https://www.darkreading.com/cloud-security/80m-crypto-disappears-drainer-malware-hell www.secnews.physaphae.fr/article.php?IdArticle=8440043 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Emerging malware variants can evade various static-signature detection engines, including XProtect, as attackers rapidly evolve to challenge defense systems.]]> 2024-01-17T16:15:00+00:00 https://www.darkreading.com/endpoint-security/sophisticated-macos-infostealers-apple-built-in-detection www.secnews.physaphae.fr/article.php?IdArticle=8439956 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch An emerging threat actor, Water Curupira, is wielding a new, sophisticated loader in a series of thread-jacking phishing campaigns that precede ransomware.]]> 2024-01-10T16:29:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/pikabot-malware-qakbot-replacement-black-basta-attacks www.secnews.physaphae.fr/article.php?IdArticle=8437569 False Ransomware,Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Videos promoting how to crack popular software circumvent Web filters by using GitHub and MediaFire to propagate the malware.]]> 2024-01-09T15:35:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/weaponized-youtube-channels-spread-lumma-stealer www.secnews.physaphae.fr/article.php?IdArticle=8437192 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Report says US and Israel spent $1 billion to develop the infamous Stuxnet virus, built to sabotage Iran\'s nuclear program in 2008.]]> 2024-01-09T02:00:00+00:00 https://www.darkreading.com/ics-ot-security/us-israel-dutch-spy-stuxnet-malware-against-iran www.secnews.physaphae.fr/article.php?IdArticle=8436803 False Malware None 5.0000000000000000 Dark Reading - Informationweek Branch The post-exploitation backdoor is the latest in a string of custom tools aimed at spying on Apple users.]]> 2024-01-05T20:00:00+00:00 https://www.darkreading.com/threat-intelligence/north-korea-debuts-spectralblur-malware-amid-macos-onslaught www.secnews.physaphae.fr/article.php?IdArticle=8435266 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch The shadowy threat actor uses some nifty tricks to drop popular malware with targets that meet its specifications.]]> 2023-12-21T22:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/battleroyal-hackers-deliver-darkgate-rat www.secnews.physaphae.fr/article.php?IdArticle=8427012 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.]]> 2023-12-21T16:20:00+00:00 https://www.darkreading.com/endpoint-security/chameleon-android-trojan-offers-biometric-bypass www.secnews.physaphae.fr/article.php?IdArticle=8426879 False Malware,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Seedworm, aka MuddyWater, drops PowerShell-based malware on victims using living-off-the-land techniques.]]> 2023-12-20T17:25:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/iranian-seedworm-cyber-spies-target-african-telcos-isps www.secnews.physaphae.fr/article.php?IdArticle=8426244 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft and several others have reported seeing the noxious malware surfacing again in a campaign targeting the hospitality industry.]]> 2023-12-19T23:05:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/new-qakbot-sightings-confirm-law-enforcement-takedown-was-temporary-setback www.secnews.physaphae.fr/article.php?IdArticle=8425743 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Gaza Cybergang has created a new backdoor version stuffed with tools to spy on and attack targets.]]> 2023-12-15T18:51:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/pro-hamas-attackers-hit-multiple-middle-eastern-targets www.secnews.physaphae.fr/article.php?IdArticle=8423330 False Malware,Tool None 3.0000000000000000 Dark Reading - Informationweek Branch The multifaceted malware leverages the NKN blockchain-based peer-to-peer networking protocol, operating as both a sophisticated backdoor and a flooder launching DDoS attacks.]]> 2023-12-15T18:20:00+00:00 https://www.darkreading.com/cloud-security/nkabuse-malware-blockchain-hide-linux-iot www.secnews.physaphae.fr/article.php?IdArticle=8423331 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The infamous vulnerability may be on the older side at this point, but North Korea\'s primo APT Lazarus is creating new, unique malware around it at a remarkable clip.]]> 2023-12-11T16:15:00+00:00 https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d www.secnews.physaphae.fr/article.php?IdArticle=8421118 False Malware,Vulnerability APT 38 2.0000000000000000 Dark Reading - Informationweek Branch Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.]]> 2023-12-11T16:00:00+00:00 https://www.darkreading.com/threat-intelligence/microsoft-mystery-group-targeting-telcos-chinese-apts www.secnews.physaphae.fr/article.php?IdArticle=8421098 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch New techniques in a second variant of the malware improved functionality and communication commands.]]> 2023-12-07T18:53:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/headcrab-malware-variants-commandeer-thousands-of-servers www.secnews.physaphae.fr/article.php?IdArticle=8419978 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A stealthy malware is infecting the systems of telecoms and other verticals in Thailand, remaining under the radar for two years after its code first appeared on VirusTotal.]]> 2023-12-07T17:43:00+00:00 https://www.darkreading.com/threat-intelligence/krasue-rat-cross-kernel-linux-rootkit-telecom www.secnews.physaphae.fr/article.php?IdArticle=8419958 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A decade and a half after Gh0st RAT first appeared, the "SugarGh0st RAT" variant aims to make life sweeter for cybercriminals.]]> 2023-11-30T20:50:00+00:00 https://www.darkreading.com/threat-intelligence/new-spookier-gh0st-rat-uzbekistan-south-korea www.secnews.physaphae.fr/article.php?IdArticle=8418151 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Lazarus and its cohorts are switching loaders and other code between RustBucket and KandyKorn macOS malware to fool victims and researchers.]]> 2023-11-28T17:30:00+00:00 https://www.darkreading.com/threat-intelligence/north-korean-apts-mix-and-match-malware-components-to-evade-detection www.secnews.physaphae.fr/article.php?IdArticle=8417572 False Malware APT 38,APT 38 2.0000000000000000 Dark Reading - Informationweek Branch Gaza Cybergang is using a version of the malware rewritten in the Rust programming language.]]> 2023-11-27T17:44:00+00:00 https://www.darkreading.com/attacks-breaches/hamas-linked-apt-wields-new-sysjoker-backdoor-against-israel www.secnews.physaphae.fr/article.php?IdArticle=8417281 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Gaza Cybergang is using a version of the malware rewritten in the Rust programming language.]]> 2023-11-26T22:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/hamas-linked-apt-wields-new-sysjoker-backdoor-against-israel www.secnews.physaphae.fr/article.php?IdArticle=8418320 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected.]]> 2023-11-20T22:01:00+00:00 https://www.darkreading.com/application-security/malware-trigonometry-track-mouse-strokes www.secnews.physaphae.fr/article.php?IdArticle=8415053 False Malware,Technical None 3.0000000000000000 Dark Reading - Informationweek Branch Combining a malware sandbox with threat intelligence feeds improves security detection, analysis, and response capabilities.]]> 2023-11-20T08:00:00+00:00 https://www.darkreading.com/threat-intelligence/leveraging-sandbox-and-threat-intelligence-feeds-to-combat-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8414726 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.]]> 2023-11-13T19:09:00+00:00 https://www.darkreading.com/threat-intelligence/ducktail-malware-targets-fashion-industry www.secnews.physaphae.fr/article.php?IdArticle=8411237 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.]]> 2023-11-09T23:15:00+00:00 https://www.darkreading.com/application-security/-blazestealer-python-malware-complete-takeover-developer www.secnews.physaphae.fr/article.php?IdArticle=8408794 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch One of the main challenges for Android users is protecting themselves malicious applications that can damage devices or perform other harmful actions.]]> 2023-11-09T18:00:00+00:00 https://www.darkreading.com/endpoint/how-to-outsmart-malware-attacks-that-can-fool-antivirus-protection www.secnews.physaphae.fr/article.php?IdArticle=8408639 False Malware,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Kim Jong-Un\'s hackers are scraping the bottom of the barrel, using script kiddie-grade malware to steal devalued digital assets.]]> 2023-11-07T20:11:00+00:00 https://www.darkreading.com/threat-intelligence/north-korea-bluenoroff-apt-dumbed-down-macos-malware www.secnews.physaphae.fr/article.php?IdArticle=8407439 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Posing as fellow engineers, the North Korean state-sponsored cybercrime group Lazarus tricked crypto-exchange developers into downloading the hard-to-detect malware.]]> 2023-11-03T18:55:00+00:00 https://www.darkreading.com/endpoint/kandykorn-macos-malware-lures-crypto-engineers www.secnews.physaphae.fr/article.php?IdArticle=8405460 False Malware APT 38,APT 38 2.0000000000000000 Dark Reading - Informationweek Branch The government-backed APT\'s new malware framework represents a step up in Iran\'s cyber sophistication.]]> 2023-11-02T14:46:00+00:00 https://www.darkreading.com/dr-global/-scarred-manticore-unleashes-most-advanced-iranian-espionage www.secnews.physaphae.fr/article.php?IdArticle=8404734 False Malware APT 34 3.0000000000000000 Dark Reading - Informationweek Branch The wider availability of turnkey cyberattack kits in the criminal underground is leading to a glut of campaigns using remote access Trojans (RATs).]]> 2023-10-31T19:45:00+00:00 https://www.darkreading.com/endpoint/malware-meal-kits-serve-up-no-fuss-rat-attacks www.secnews.physaphae.fr/article.php?IdArticle=8403701 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The APT group uses updates from the app to get the user to download the malware.]]> 2023-10-31T17:44:00+00:00 https://www.darkreading.com/dr-global/arid-viper-camouflages-malware-in-knockoff-dating-app www.secnews.physaphae.fr/article.php?IdArticle=8403649 False Malware APT-C-23 3.0000000000000000 Dark Reading - Informationweek Branch An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless.]]> 2023-10-30T22:08:00+00:00 https://www.darkreading.com/endpoint/google-dynamic-search-ads-malware-deluge www.secnews.physaphae.fr/article.php?IdArticle=8403170 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.]]> 2023-10-26T13:15:00+00:00 https://www.darkreading.com/threat-intelligence/complex-spy-platform-stripedfly-bites-1m-victims-disguised-as-a-cryptominer www.secnews.physaphae.fr/article.php?IdArticle=8400863 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.]]> 2023-10-18T16:11:47+00:00 https://www.darkreading.com/attacks-breaches/north-korea-s-kimsuky-doubles-down-on-remote-desktop-control www.secnews.physaphae.fr/article.php?IdArticle=8397354 False Malware APT 43 2.0000000000000000 Dark Reading - Informationweek Branch Updating your browser when prompted is a good practice, just make sure the notification comes from the vendor themselves.]]> 2023-10-17T16:34:38+00:00 https://www.darkreading.com/threat-intelligence/watch-out-attackers-hiding-malware-browser-updates www.secnews.physaphae.fr/article.php?IdArticle=8396798 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The botnet - built for DDoS, backdooring, and dropping malware - is evading standard URL signature detections with a novel approach.]]> 2023-10-13T17:42:00+00:00 https://www.darkreading.com/cloud/shellbot-cracks-linux-ssh-servers-debuts-new-evasion-tactic www.secnews.physaphae.fr/article.php?IdArticle=8395222 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A plurality of the targets in the ongoing campaign have been based in the Americas.]]> 2023-10-12T20:50:56+00:00 https://www.darkreading.com/attacks-breaches/darkgate-operator-skype-teams-messages-distribute-malware www.secnews.physaphae.fr/article.php?IdArticle=8394878 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 - but their days are numbered now that Microsoft is finally deprecating the Windows programming. language.]]> 2023-10-12T20:23:45+00:00 https://www.darkreading.com/cloud/microsoft-retire-vbscript-cybercrime-chagrin www.secnews.physaphae.fr/article.php?IdArticle=8394880 False Malware None 1.00000000000000000000 Dark Reading - Informationweek Branch Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.]]> 2023-10-12T14:06:50+00:00 https://www.darkreading.com/endpoint/backdoor-lurks-behind-wordpress-caching-plugin-to-hijack-websites www.secnews.physaphae.fr/article.php?IdArticle=8394776 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail.]]> 2023-10-11T21:15:00+00:00 https://www.darkreading.com/threat-intelligence/chinese-stayin-alive-attacks-basic-loaders-asian-telcos www.secnews.physaphae.fr/article.php?IdArticle=8394490 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Threat intel experts see a reduced focus on desktop malware as threat groups prioritize passwords and tokens that let them access the same systems as remote workers.]]> 2023-10-11T12:00:00+00:00 https://www.darkreading.com/microsoft/a-frontline-report-of-chinese-threat-actor-tactics-and-techniques www.secnews.physaphae.fr/article.php?IdArticle=8394177 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch 2023-10-06T20:20:00+00:00 https://www.darkreading.com/attacks-breaches/watchguard-threat-lab-report-finds-endpoint-malware-volumes-decreasing-despite-campaigns-growing-more-expansive www.secnews.physaphae.fr/article.php?IdArticle=8392385 False Malware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The previously undocumented data exfiltration malware was part of a successful cyber-espionage campaign against the Guyanese government, likely by the Chinese.]]> 2023-10-05T21:20:00+00:00 https://www.darkreading.com/threat-intelligence/operation-jacana-dinodasrat-custom-backdoor www.secnews.physaphae.fr/article.php?IdArticle=8392009 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch The malware uses software to evade detection while also making it difficult to analyze.]]> 2023-10-05T19:45:00+00:00 https://www.darkreading.com/threat-intelligence/group-ib-golddigger-banking-trojan-targeting-vietnamese-organizations www.secnews.physaphae.fr/article.php?IdArticle=8391962 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch It\'s never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now makes it easy to take advantage of those who stumble upon it.]]> 2023-10-04T16:20:09+00:00 https://www.darkreading.com/application-security/turnkey-rootkit-amateur-hackers-supply-chain-attacks www.secnews.physaphae.fr/article.php?IdArticle=8391525 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The Lazarus Group\'s "LightlessCan" malware executes multiple native Windows commands within the RAT itself, making detection significantly harder, security vendor says.]]> 2023-10-02T20:51:09+00:00 https://www.darkreading.com/cloud/north-korea-meta-complex-backdoor-aerospace www.secnews.physaphae.fr/article.php?IdArticle=8390638 False Malware APT 38 3.0000000000000000