www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-11T03:06:51+00:00 www.secnews.physaphae.fr
Dark Reading - Informationweek Branch Chinese Group Built Advanced Trojan by Reverse Engineering NSA Attack Tool 2019-09-06T16:55:00+00:00 https://www.darkreading.com/attacks-breaches/chinese-group-built-advanced-trojan-by-reverse-engineering-nsa-attack-tool-/d/d-id/1335758?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1310903 False Tool APT 3 None
Checkpoint - Security Hardware Vendor Check Point, VMware and Silver Peak Transform Branch Office SD-WAN with Cloud Security Services 2019-09-05T13:00:43+00:00 https://blog.checkpoint.com/2019/09/05/transforming-branch-security-with-top-rated-threat-prevention-cloud-services-integrated-with-vmware-and-silver-peak-sd-wan/ www.secnews.physaphae.fr/article.php?IdArticle=1324402 True Prediction APT 39 None
Checkpoint - Security Hardware Vendor Transforming Branch Security with Top-Rated Threat Prevention Cloud Services Integrated with VMware and Silver Peak SD-WAN 2019-09-05T13:00:04+00:00 https://blog.checkpoint.com/2019/09/05/transforming-branch-security-with-top-rated-threat-prevention-cloud-services-integrated-with-vmware-and-silver-peak-sd-wan/ www.secnews.physaphae.fr/article.php?IdArticle=1307543 False Threat,Prediction APT 39 None
Security Affairs - Security Blog OilRig APT group: the evolution of attack techniques over time 2019-08-07T13:47:02+00:00 https://securityaffairs.co/wordpress/89586/apt/oilrig-apt-techniques-evolution.html www.secnews.physaphae.fr/article.php?IdArticle=1248490 False None APT 34 None
AlienVault Blog - AlienVault is a major defense player in IOCs Can you trust threat intelligence from threat sharing communities? | AT&T ThreatTraq
This is a transcript of a recent feature on ThreatTraq.  The video features Jaime Blasco, VP and Chief Scientist, AlienVault, Stan Nurilov, Lead Member of Technical Staff, AT&T,  and Joe Harten, Director Technical Security. Stan: Jaime. I think you have a very interesting topic today about threat intelligence.  Jaime: Yes, we want to talk about how threat intelligence is critical for threat detection and incident response, but then when this threat intelligence and the threat actors try to match those indicators and that information that is being shared, it can actually be bad for companies. So we are going to share some of the experiences we have had with managing the Open Threat Exchange (OTX) - one of the biggest threat sharing communities out there. Stan: Jaime mentioned that they have so many threat indicators and so much threat intelligence as part of OTX, the platform.  Jaime: We know attackers monitor these platforms and are adjusting tactics and techniques and probably the infrastructure based on public reaction to cyber security companies sharing their activities in blog posts and other reporting. An example is in September 2017, we saw APT28, and it became harder to track because we were using some of the infrastructure and some of the techniques that were publicly known. And another cyber security company published content about that and then APT28 became much more difficult to track. The other example is APT1. If you remember the APT1 report in 2013 that Mandiant published, that made the group basically disappear from the face of earth, right? We didn't see them for a while and then they changed the infrastructure and they changed a lot of the tools that they were using, and then they came back in 2014. So we can see that that threat actor disappeared for a while, changed and rebuilt, and then they came back. 
We also know that attackers can try to publish false information in this platform, so that's why it's important that not only those platforms are automated, but also there are human analysts that can verify that information.  Joe: It seems like you have to have a process of validating the intelligence, right? I think part of it is you don't want to take this intelligence at face value without having some expertise of your own that asks, is this valid? Is this a false positive? Is this planted by the adversary in order to throw off the scent? I think it's one of those things where you can't automatically trust - threat intelligence. You have to do some of your own diligence to validate the intelligence, make sure it makes sense, make sure it's still fresh, it's still good. This is something we're working on internally - creating those other layers to validate and create better value of our threat intelligence. Jaime: The other issue I wanted to bring to the table is what we call false flag operations - that's when an adversary or a threat actor studies another threat actor and tries to emulate their behavior. 
So when companies try to do at 2019-07-25T13:00:00+00:00 https://feeds.feedblitz.com/~/604869576/0/alienvault-blogs~Can-you-trust-threat-intelligence-from-threat-sharing-communities-ATampT-ThreatTraq www.secnews.physaphae.fr/article.php?IdArticle=1222817 False Malware,Threat,Studies,Guideline APT 38,APT 28,APT 1 None
ZD Net - IT Magazine APT-doxing group exposes APT17 as Jinan bureau of China's Security Ministry 2019-07-24T18:24:00+00:00 https://www.zdnet.com/article/apt-doxing-group-expose-apt17-as-jinan-bureau-of-chinas-security-ministry/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1221757 False None APT 17,APT 10,APT 3 None
InformationSecurityBuzzNews - Security News Site Iranian Hackers Send Out Fake LinkedIn Invitations Laced With Malware 2019-07-23T14:40:03+00:00 https://www.informationsecuritybuzz.com/expert-comments/iranian-hackers-send-out-fake-linkedin-invitations-laced-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=1220106 False Malware APT 34 None
UnderNews - French "hacker" news site FireEye identifies a new cyber-espionage campaign by the Iranian group APT34 Given the growing geopolitical tensions in the Middle East, FireEye expects Iran to significantly increase the volume and scope of its cyber-espionage campaigns. 2019-07-22T12:56:04+00:00 https://www.undernews.fr/hacking-hacktivisme/fireeye-identifie-une-nouvelle-campagne-de-cyber-espionnage-du-groupe-iranien-apt34.html www.secnews.physaphae.fr/article.php?IdArticle=1219531 False None APT 34 None
Security Affairs - Security Blog New APT34 campaign uses LinkedIn to deliver fresh malware 2019-07-22T08:04:00+00:00 https://securityaffairs.co/wordpress/88737/apt/apt34-cyberspionage-linkedin.html www.secnews.physaphae.fr/article.php?IdArticle=1219314 False Malware APT 24,APT 34 None
SecurityWeek - Security News Iranian Hackers Use New Malware in Recent
Attacks 2019-07-19T17:46:01+00:00 https://www.securityweek.com/iranian-hackers-use-new-malware-recent-attacks www.secnews.physaphae.fr/article.php?IdArticle=1215568 False Malware APT 34 3.0000000000000000
Mandiant - Mandiant Security Blog Hard Pass: Declining APT34's Invite to Join Their Professional Network Background With increasing geopolitical tensions in the Middle East, we expect Iran to significantly increase the volume and scope of its cyber espionage campaigns. Iran has a critical need for strategic intelligence and is likely to fill this gap by conducting espionage against decision makers and key organizations that may have information that furthers Iran's economic and national security goals. The identification of new malware and the creation of additional infrastructure to enable such campaigns highlights the increased tempo of these operations in support of Iranian interests. Fi 2019-07-18T10:00:00+00:00 https://www.mandiant.com/resources/blog/hard-pass-declining-apt34-invite-to-join-their-professional-network www.secnews.physaphae.fr/article.php?IdArticle=8377692 False Malware APT 34,APT 34 4.0000000000000000
TechRepublic - Security News US Developers: Why remote work is the new norm 2019-07-17T15:00:00+00:00 https://www.techrepublic.com/article/developers-why-remote-work-is-the-new-norm/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1210927 False None APT 32 None
Wired Threat Level - Security News Little Plastic 'Nurdles' Are Flooding Beaches and Waterways 2019-07-10T12:00:00+00:00 https://www.wired.com/story/little-plastic-nurdles-are-flooding-beaches-and-waterways www.secnews.physaphae.fr/article.php?IdArticle=1197699 False None APT 32 None
Security Affairs - Security Blog Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016 2019-07-09T08:42:00+00:00
https://securityaffairs.co/wordpress/88130/malware/malware-shared-uscybercom-dated-2016.html www.secnews.physaphae.fr/article.php?IdArticle=1194914 True Malware APT33,APT 33 None
Wired Threat Level - Security News Forget the Moon-We Should Go to Jupiter's Idyllic Europa 2019-07-05T12:00:00+00:00 https://www.wired.com/story/forget-the-moon-we-should-go-to-jupiters-idyllic-europa www.secnews.physaphae.fr/article.php?IdArticle=1188162 False None APT 32 4.0000000000000000
Global Security Mag - French news site FireEye warning about the Outlook vulnerability Vulnerabilities 2019-07-04T12:48:03+00:00 http://www.globalsecuritymag.fr/Mise-en-garde-contre-la,20190704,88797.html www.secnews.physaphae.fr/article.php?IdArticle=1186589 True Malware APT33,APT 33 None
Bleeping Computer - American Magazine Outlook Flaw Exploited by Iranian APT33, US CyberCom Issues Alert 2019-07-03T15:31:02+00:00 https://www.bleepingcomputer.com/news/security/outlook-flaw-exploited-by-iranian-apt33-us-cybercom-issues-alert/ www.secnews.physaphae.fr/article.php?IdArticle=1185589 False Malware,Vulnerability APT33,APT 33 None
Security Affairs - Security Blog After 2 years under the radars, Ratsnif emerges in OceanLotus ops 2019-07-02T06:20:02+00:00 https://securityaffairs.co/wordpress/87836/apt/ratsnif-rat-oceanlotus-ops.html www.secnews.physaphae.fr/article.php?IdArticle=1182535 False None APT 32 None
SecurityWeek - Security News Researchers Analyze Vietnamese Hackers' Suite of RATs 2019-07-02T04:54:05+00:00 https://www.securityweek.com/researchers-analyze-vietnamese-hackers-suite-rats www.secnews.physaphae.fr/article.php?IdArticle=1182468 False Threat APT 32 None
Bleeping Computer - American Magazine OceanLotus APT Uses New Ratsnif Trojan for Network Attacks 2019-07-01T12:38:02+00:00 https://www.bleepingcomputer.com/news/security/oceanlotus-apt-uses-new-ratsnif-trojan-for-network-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1181740 False None APT 32 None
Security
Affairs - Security Blog Iran-linked APT33 updates infrastructure following its public disclosure 2019-07-01T06:49:03+00:00 https://securityaffairs.co/wordpress/87784/apt/apt33-updates-infrastructure.html www.secnews.physaphae.fr/article.php?IdArticle=1181009 False None APT33,APT 33 None
SecurityWeek - Security News Iranian Cyberspies Update Infrastructure Following Recent Report March 2019 report detailing its activities, according to researchers from Recorded Future. 2019-06-27T14:56:04+00:00 https://www.securityweek.com/iranian-cyberspies-update-infrastructure-following-recent-report www.secnews.physaphae.fr/article.php?IdArticle=1179012 False None APT33,APT 33 None
Security Affairs - Security Blog Similarities and differences between MuddyWater and APT34 2019-06-27T05:32:05+00:00 https://securityaffairs.co/wordpress/87652/apt/muddywater-apt34-similarities.html www.secnews.physaphae.fr/article.php?IdArticle=1175900 False None APT 34 None
Wired Threat Level - Security News Fitted With Sensors, Antarctic Seals Track Water Temperatures 2019-06-25T18:45:03+00:00 https://www.wired.com/story/seals-sensors-antarctica-tracking-water-temperatures www.secnews.physaphae.fr/article.php?IdArticle=1173405 False None APT 32 None
UnderNews - French "hacker" news site FireEye has identified "spearphishing" activities conducted by the Iranian threat group APT33 2019-06-25T11:03:01+00:00 https://www.undernews.fr/hacking-hacktivisme/fireeye-a-identifie-des-activites-de-spearphishing-harponnage-conduites-par-le-groupe-de-menaces-iranien-apt33.html www.secnews.physaphae.fr/article.php?IdArticle=1172669 False None APT33,APT 33 None
Security Affairs - Security Blog Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig 2019-06-21T13:01:04+00:00 https://securityaffairs.co/wordpress/87404/apt/turla-new-campaigns.html
www.secnews.physaphae.fr/article.php?IdArticle=1166901 False None APT 34 None
SecurityWeek - Security News Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group 2019-06-20T18:11:01+00:00 https://www.securityweek.com/russia-linked-hackers-hijack-infrastructure-iranian-threat-group www.secnews.physaphae.fr/article.php?IdArticle=1166425 False Threat APT 34 None
Bleeping Computer - American Magazine Turla Espionage Group Hacks OilRig APT Infrastructure 2019-06-20T12:34:02+00:00 https://www.bleepingcomputer.com/news/security/turla-espionage-group-hacks-oilrig-apt-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=1165701 False None APT 34 5.0000000000000000
ZD Net - IT Magazine Russian APT hacked Iranian APT's infrastructure back in 2017 2019-06-20T10:00:00+00:00 https://www.zdnet.com/article/russian-apt-hacked-iranian-apts-infrastructure-back-in-2017/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1165095 False None APT 34 None
InformationSecurityBuzzNews - Security News Site Report Reveals Website Security Risk For Australian & NZ Firms 2019-06-10T11:55:00+00:00 https://www.informationsecuritybuzz.com/study-research/report-reveals-website-security-risk-for-australian-nz-firms/ www.secnews.physaphae.fr/article.php?IdArticle=1147403 False None APT 32 None
Security Affairs - Security Blog Analyzing the APT34's Jason project 2019-06-06T11:00:05+00:00 https://securityaffairs.co/wordpress/86680/hacking/analyzing-apt34-jason-project.html www.secnews.physaphae.fr/article.php?IdArticle=1142506 False Tool APT 34 None
Security Affairs - Security Blog OilRig's Jason email hacking tool leaked online 2019-06-04T13:55:05+00:00 https://securityaffairs.co/wordpress/86569/hacking/oilrig-jason-email-hijacking.html www.secnews.physaphae.fr/article.php?IdArticle=1139201 False Tool APT 34 None
Bleeping Computer - American Magazine New Email Hacking Tool from OilRig APT Group Leaked
Online 2019-06-03T12:56:01+00:00 https://www.bleepingcomputer.com/news/security/new-email-hacking-tool-from-oilrig-apt-group-leaked-online/ www.secnews.physaphae.fr/article.php?IdArticle=1137922 False Tool APT 34 None
Wired Threat Level - Security News Gadget Lab Podcast: An Interview With Firewire Surfboards CEO Mark Price 2019-06-02T05:58:04+00:00 https://www.wired.com/story/gadget-lab-podcast-408 www.secnews.physaphae.fr/article.php?IdArticle=1135913 False None APT 32 None
Wired Threat Level - Security News Scientists Go Back in Time to Find More Troubling News About Earth's Oceans 2019-05-22T17:00:00+00:00 https://www.wired.com/story/foraminifera-plankton www.secnews.physaphae.fr/article.php?IdArticle=1119979 False None APT 32 None
Wired Threat Level - Security News Now Ocean Plastics Could Be Killing Oxygen-Making Bacteria 2019-05-17T15:00:00+00:00 https://www.wired.com/story/ocean-plastics-bacteria www.secnews.physaphae.fr/article.php?IdArticle=1112605 False None APT 32 None
Security Affairs - Security Blog North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal 2019-05-14T12:48:00+00:00 https://securityaffairs.co/wordpress/85469/apt/scarcruft-apt-bluetooth-harvester.html www.secnews.physaphae.fr/article.php?IdArticle=1106580 False Cloud APT 37 None
InformationSecurityBuzzNews - Security News Site US Government Unveils New North Korean Hacking Tool 2019-05-13T18:50:03+00:00 https://www.informationsecuritybuzz.com/expert-comments/us-government-unveils-new-north-korean-hacking-tool/ www.secnews.physaphae.fr/article.php?IdArticle=1105723 False Malware,Tool,Medical APT 38 None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks 2019-05-13T16:46:00+00:00 https://threatpost.com/scarcruft-apt-bluetooth-harvester/144643/ www.secnews.physaphae.fr/article.php?IdArticle=1105523 False Malware APT 37 None
SecurityWeek -
Security News North Korea-Linked 'ScarCruft' Adds Bluetooth Harvester to Toolkit 2019-05-13T15:29:00+00:00 https://www.securityweek.com/north-korea-linked-scarcruft-adds-bluetooth-harvester-toolkit www.secnews.physaphae.fr/article.php?IdArticle=1106316 False Threat,Cloud APT 37 None
Security Affairs - Security Blog DHS and FBI published a Malware Analysis Report on North Korea-linked tool ELECTRICFISH 2019-05-10T13:53:03+00:00 https://securityaffairs.co/wordpress/85302/apt/north-korea-electricfish-tool.html www.secnews.physaphae.fr/article.php?IdArticle=1102136 False Malware,Tool,Medical APT 38 None
ZD Net - IT Magazine North Korea debuts new Electricfish malware in Hidden Cobra campaigns 2019-05-10T10:41:04+00:00 https://www.zdnet.com/article/north-korea-debuts-new-electricfish-malware-in-hidden-cobra-campaigns/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1101947 False Malware,Tool APT 38 None
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data 2019-05-10T03:04:03+00:00 https://thehackernews.com/2019/05/north-korean-hacking-tool.html www.secnews.physaphae.fr/article.php?IdArticle=1101860 False Malware,Medical APT 38 None
Bleeping Computer - American Magazine North Korean Hackers Use ELECTRICFISH Malware to Steal Data 2019-05-09T16:59:05+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-electricfish-malware-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=1101338 True Malware APT 38 None
Dark Reading - Informationweek Branch How a Chinese Nation-State Group Reverse-Engineered NSA Attack Tools 2019-05-07T15:15:00+00:00 https://www.darkreading.com/attacks-breaches/how-a-chinese-nation-state-group-reverse-engineered-nsa-attack-tools/d/d-id/1334632?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1098118 False None APT 3 None
Security Affairs - Security Blog Buckeye APT group used Equation Group tools prior to ShadowBrokers leak 2019-05-07T11:15:00+00:00 https://securityaffairs.co/wordpress/85075/malware/buckeye-doublepulsar.html www.secnews.physaphae.fr/article.php?IdArticle=1098039 False Tool APT 3 None
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them 2019-05-07T01:41:01+00:00 https://thehackernews.com/2019/05/buckeye-nsa-hacking-tools.html www.secnews.physaphae.fr/article.php?IdArticle=1098025 False None APT 3 None
Wired Threat Level - Security News Scientists Discover Nearly 200,000 Kinds of Ocean Viruses 2019-04-28T12:00:00+00:00 https://www.wired.com/story/scientists-discover-nearly-200000-kinds-of-ocean-viruses www.secnews.physaphae.fr/article.php?IdArticle=1095667 False None APT 32 None
Wired Threat Level - Security News Exquisite Underwater Photos to Make You Love the Ocean 2019-04-26T14:00:00+00:00 https://www.wired.com/story/exquisite-underwater-photograph-gallery www.secnews.physaphae.fr/article.php?IdArticle=1095487 False None APT 32 None
SentinelOne (SecIntel) - Cyber Firms Lazarus APT Targets Mac Users with Poisoned Word Document Threat actors have the know-how to develop campaigns that target your weakest link. Learn how Lazarus APT took their malware to Apple's macOS platform. 2019-04-25T18:28:33+00:00 https://www.sentinelone.com/labs/lazarus-apt-targets-mac-users-with-poisoned-word-document/ www.secnews.physaphae.fr/article.php?IdArticle=8388362 False Malware APT 38 3.0000000000000000
Malwarebytes Labs - MalwarebytesLabs A week in security (April 15 – 21) A roundup of security news from April 15–21, including an explanation of like-farming, Ellen DeGeneres scam, flaws in VPN services, funky malware formats found in Ocean Lotus, and more. Categories: Security world Week in security
2019-04-22T15:47:02+00:00 https://blog.malwarebytes.com/security-world/2019/04/a-week-in-security-april-15-21/ www.secnews.physaphae.fr/article.php?IdArticle=1095519 True Malware APT 32 None
Malwarebytes Labs - MalwarebytesLabs Funky malware format found in Ocean Lotus sample Recently, one of our researchers presented at the SAS conference on "Funky malware formats" - atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam. Categories: Malware Threat analysis 2019-04-19T18:37:05+00:00 https://blog.malwarebytes.com/threat-analysis/2019/04/funky-malware-format-found-in-ocean-lotus-sample/ www.secnews.physaphae.fr/article.php?IdArticle=1095040 False Malware,Threat APT 32 None
InformationSecurityBuzzNews - Security News Site Explained – APT34 Code Leak 2019-04-19T15:45:02+00:00 https://www.informationsecuritybuzz.com/expert-comments/explained-apt34-code-leak/ www.secnews.physaphae.fr/article.php?IdArticle=1094820 False None APT 34 None
Security Affairs - Security Blog Source code of tools used by OilRig APT leaked on Telegram 2019-04-19T12:07:04+00:00 https://securityaffairs.co/wordpress/84180/apt/oilrig-apt-tools-leaked-online.html www.secnews.physaphae.fr/article.php?IdArticle=1094495 False None APT 34 None
Security Affairs - Security Blog Analyzing OilRig's malware that uses DNS Tunneling 2019-04-18T20:47:05+00:00 https://securityaffairs.co/wordpress/84125/apt/oilrig-dns-tunneling.html www.secnews.physaphae.fr/article.php?IdArticle=1093975 False Malware APT 34 None
Bleeping Computer - American Magazine Hacker Group Exposes Iranian APT Operations and Members 2019-04-18T10:10:01+00:00 https://www.bleepingcomputer.com/news/security/hacker-group-exposes-iranian-apt-operations-and-members/ www.secnews.physaphae.fr/article.php?IdArticle=1094143 False None APT 34 None
ZD
Net - IT Magazine Source code of Iranian cyber-espionage tools leaked on Telegram 2019-04-17T23:24:00+00:00 https://www.zdnet.com/article/source-code-of-iranian-cyber-espionage-tools-leaked-on-telegram/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1094087 False None APT 34 None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor North Korea's Hidden Cobra Strikes U.S. Targets with HOPLIGHT 2019-04-12T14:58:05+00:00 https://threatpost.com/north-koreas-hidden-cobra-strikes-u-s-targets-with-hoplight/143740/ www.secnews.physaphae.fr/article.php?IdArticle=1093322 False Malware,Tool APT 38 None
AlienVault Blog - AlienVault is a major defense player in IOCs Things I hearted this week 12th April 2019 A Beginner's Guide to Test Automation | Sticky Minds All roads lead to exploratory testing When I’m faced with something to test – be it a feature in a software application or a collection of features in a release, my general preference is weighted strongly towards exploratory testing. When someone who doesn’t know a great deal about testing wants me or my team to do testing for them, I would love to educate them on why exploratory testing could be a strong part of the test strategy. All roads lead to exploratory testing | Womentesters While on the topic of testing Testing Behaviours — Writing A Good Gherkin Script | Medium, Jo Mahadevan Single-page, server-side, static… say what? An emoji-filled learning journey about the trade-offs of different website architectures, complete with gifs, diagrams, and demo apps. If you’ve been hanging around the internet, trying to build websites and apps, you may have heard some words in conversation like static site or server-side rendered (SSR) or single-page app (SPA). But what do all of these words mean? How does each type of application architecture differ? What are the tradeoffs of each approach and which one should you use when building your website?
Single-Page, Server-Side, Static… say what? | Marie Chatfield If, like me you enjoyed this post by Marie, check out some of her other posts which are great. Quick plug to Protocol-andia: Welcome to the Networking Neighborhood. A whimsical introduction to how computers talk to each other, and what exactly your requests are up to. Strengthen your security posture: start with a cybersecurity framework The 2017 Equifax data breach is expected to break all previous records for data breach costs, with Larry Ponemon, chairman of the Ponemon Institute, estimating the final cost to be more than $600 million. Even non-enterprise-level organizations suffer severe consequences for data breaches. According to the National Cyber Security Alliance, mid-market companies pay more than $1 million in post-attack mitigation, and the average cost of a data breach to an SMB is $117,000 per incident. While estimates vary, approximately 60% of businesses who suffer a breach are forced to shut down business within 6 months. 
It is mor 2019-04-12T13:00:00+00:00 https://feeds.feedblitz.com/~/600760182/0/alienvault-blogs~Things-I-hearted-this-week-th-April www.secnews.physaphae.fr/article.php?IdArticle=1093204 False Guideline,Prediction Equifax,APT 39 None
Security Affairs - Security Blog FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT 2019-04-11T19:58:01+00:00 https://securityaffairs.co/wordpress/83686/apt/hoplight-trojan-hidden-cobra.html www.secnews.physaphae.fr/article.php?IdArticle=1092961 False None APT 38 None
InformationSecurityBuzzNews - Security News Site DHS And FBI Issue Advisory On North Korean HOPLIGHT Malware 2019-04-11T17:00:04+00:00 https://www.informationsecuritybuzz.com/expert-comments/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/ www.secnews.physaphae.fr/article.php?IdArticle=1093133 True Malware APT 38 None
Checkpoint - Security Hardware Vendor Protect Your Business by Managing Network Security from the Palm of Your Hand 2019-04-11T13:00:03+00:00 http://blog.checkpoint.com/2019/04/11/protect-your-business-by-managing-network-security-from-the-palm-of-your-hand/ www.secnews.physaphae.fr/article.php?IdArticle=1094014 False Data Breach,Prediction APT 39 None
IT Security Guru - Security Blog New Hoplight malware marks re-emergence of Lazarus Group.
2019-04-11T12:28:03+00:00 https://hellofromhony.com/goaway?temp=5&/2019/04/11/new-hoplight-malware-marks-re-emergence-of-lazarus-group/ www.secnews.physaphae.fr/article.php?IdArticle=1092926 False Malware,Medical APT 38 None
Bleeping Computer - American Magazine DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware 2019-04-10T14:06:04+00:00 https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/ www.secnews.physaphae.fr/article.php?IdArticle=1092654 False Malware APT 38 None
We Live Security - ESET Antivirus Software Vendor OceanLotus: macOS malware update Latest ESET research describes the inner workings of a recently found addition to OceanLotus's toolset for targeting Mac users 2019-04-09T09:30:05+00:00 https://www.welivesecurity.com/2019/04/09/oceanlotus-macos-malware-update/ www.secnews.physaphae.fr/article.php?IdArticle=1091885 False Malware APT 32 None
Wired Threat Level - Security News Sea Levels Are Rising. Time to Build ... Floating Cities?
2019-04-05T15:08:01+00:00 https://www.wired.com/story/sea-levels-are-rising-time-to-build-floating-cities www.secnews.physaphae.fr/article.php?IdArticle=1091067 False None APT 32 None
Security Affairs - Security Blog OceanLotus APT group leverages a steganography-based loader to deliver backdoors 2019-04-03T17:25:04+00:00 https://securityaffairs.co/wordpress/83246/breaking-news/oceanlotus-steganography-backdoors.html www.secnews.physaphae.fr/article.php?IdArticle=1087377 False None APT 32 None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor OceanLotus APT Uses Steganography to Shroud Payloads 2019-04-03T14:44:02+00:00 https://threatpost.com/oceanlotus-apt-uses-steganography-to-shroud-payloads/143373/ www.secnews.physaphae.fr/article.php?IdArticle=1087444 False None APT 32 4.0000000000000000
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Lazarus Group Widens Tactics in Cryptocurrency Attacks 2019-03-28T16:12:00+00:00 https://threatpost.com/lazarus-tactics-cryptocurrency-attacks/143249/ www.secnews.physaphae.fr/article.php?IdArticle=1085560 False None APT 38 None
CSO - CSO Daily Dashboard APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability
2019-03-28T09:11:00+00:00 https://www.csoonline.com/article/3385126/apt-group-elfin-switches-from-data-destruction-to-data-stealing-via-winrar-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1085514 False Data Breach,Vulnerability APT33,APT 33 None
Security Affairs - Security Blog Lazarus APT continues to target cryptocurrency businesses with Mac malware 2019-03-28T08:20:04+00:00 https://securityaffairs.co/wordpress/82985/apt/lazarus-targets-mac.html www.secnews.physaphae.fr/article.php?IdArticle=1084744 False Malware,Medical APT 38 None
SecurityWeek - Security News Microsoft Takes Control of 99 Domains Used by Iranian Cyberspies 2019-03-28T06:57:04+00:00 https://www.securityweek.com/microsoft-takes-control-99-domains-used-iranian-cyberspies www.secnews.physaphae.fr/article.php?IdArticle=1086037 False Conference APT 35 None
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms 2019-03-28T01:18:01+00:00 https://thehackernews.com/2019/03/apt33-cyber-espionage-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=1084728 False None APT33,APT 33 None
ZD Net - IT Magazine Microsoft takes control of 99 domains operated by Iranian state hackers 2019-03-27T18:04:01+00:00 https://www.zdnet.com/article/microsoft-takes-control-of-99-domains-operated-by-iranian-state-hackers/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1084040 False Conference APT 35 None
Bleeping Computer - American Magazine Microsoft Retaliates Against APT35 Hacker Group by Seizing 99 Domains 2019-03-27T15:39:03+00:00 https://www.bleepingcomputer.com/news/security/microsoft-retaliates-against-apt35-hacker-group-by-seizing-99-domains/ www.secnews.physaphae.fr/article.php?IdArticle=1084070 False Threat APT 35 None
SecurityWeek - Security News North Korea-Linked Hackers Target macOS Users 2019-03-27T15:00:02+00:00
https://www.securityweek.com/north-korea-linked-hackers-target-macos-users www.secnews.physaphae.fr/article.php?IdArticle=1084549 False Medical APT 38 None
SecurityWeek - Security News Iran-Linked Cyberspy Group APT33 Continues Attacks on Saudi Arabia, U.S. 2019-03-27T14:00:02+00:00 https://www.securityweek.com/iran-linked-cyberspy-group-apt33-continues-attacks-saudi-arabia-us www.secnews.physaphae.fr/article.php?IdArticle=1084552 False None APT33,APT 33 None
ZD Net - IT Magazine North Korean hackers continue attacks on cryptocurrency businesses 2019-03-27T10:52:01+00:00 https://www.zdnet.com/article/north-korean-hackers-continue-attacks-on-cryptocurrency-businesses/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1083251 False Malware,Medical APT 38 None
ZD Net - IT Magazine OceanLotus adopts public exploit code to abuse Microsoft Office software 2019-03-21T12:17:02+00:00 https://www.zdnet.com/article/oceanlotus-revamps-public-exploit-code-to-abuse-microsoft-office-software/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1074606 False None APT 32 None
We Live Security - ESET Antivirus Software Vendor Fake or Fake: Keeping up with OceanLotus decoys ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar 2019-03-20T10:28:00+00:00 https://www.welivesecurity.com/2019/03/20/fake-or-fake-keeping-up-with-oceanlotus-decoys/ www.secnews.physaphae.fr/article.php?IdArticle=1073517 False None APT 32 None
Malwarebytes Labs - MalwarebytesLabs A week in security (March 11 – 17) A roundup of security news from March 11–17 covering our most recent blogs and other news, including Lazarus Group, Emotet, PSD2, reputation management, Google's Nest, and Firefox Send. Categories: Security world Week in security
2019-03-18T14:57:01+00:00 https://blog.malwarebytes.com/security-world/2019/03/a-week-in-security-march-11-17/ www.secnews.physaphae.fr/article.php?IdArticle=1073431 False Medical APT 38 None Malwarebytes Labs - MalwarebytesLabs The Advanced Persistent Threat files: Lazarus Group Lazarus Group, the threat actors likely behind the Sony breach and WannaCry outbreak, are in the news again. Here's what you need to know about this North Korean organization, and what you should do to protect against such nation-state attacks. Categories: Criminals, Threat analysis 2019-03-12T16:27:00+00:00 https://blog.malwarebytes.com/threat-analysis/2019/03/the-advanced-persistent-threat-files-lazarus-group/ www.secnews.physaphae.fr/article.php?IdArticle=1066116 False Threat,Medical Wannacry,APT 38 None IT Security Guru - Security Blog Details About Shadowy Hacking, Cyber Espionage Group Revealed. 2019-03-08T14:53:02+00:00 https://www.itsecurityguru.org/2019/03/08/details-about-shadowy-hacking-cyber-espionage-group-revealed/ www.secnews.physaphae.fr/article.php?IdArticle=1060397 False None APT 32 None Wired Threat Level - Security News Oceans Are 'Spiking a Fever' With Record Heat Waves 2019-03-07T13:00:00+00:00 https://www.wired.com/story/oceans-are-spiking-a-fever-with-record-heat-waves www.secnews.physaphae.fr/article.php?IdArticle=1057973 False None APT 32 None Security Affairs - Security Blog Iran-Linked Chafer APT recently used python-based backdoor 2019-03-05T21:23:03+00:00 https://securityaffairs.co/wordpress/82004/breaking-news/chafer-apt-python-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=1055754 False Malware,Prediction APT 39 None SecurityWeek - Security News Iran-Linked Hackers Use Python-Based Backdoor in Recent Attacks 2019-03-05T15:30:05+00:00 https://www.securityweek.com/iran-linked-hackers-use-python-based-backdoor-recent-attacks www.secnews.physaphae.fr/article.php?IdArticle=1055433 False Threat,Prediction APT 39 None Dark 
Reading - Informationweek Branch Lazarus Research Highlights Threat from North Korea 2019-03-05T14:15:00+00:00 https://www.darkreading.com/threat-intelligence/lazarus-research-highlights-threat-from-north-korea/d/d-id/1334063?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1054783 False Threat,Medical APT 38 None Security Affairs - Security Blog Experts collect more evidence that link Op 'Sharpshooter' to North Korea 2019-03-04T12:42:03+00:00 https://securityaffairs.co/wordpress/81924/apt/sharphooter-north-korea.html www.secnews.physaphae.fr/article.php?IdArticle=1052617 False None APT 38 None ZD Net - IT Magazine Researchers granted server by gov officials link Sharpshooter attacks to North Korea 2019-03-04T11:43:02+00:00 https://www.zdnet.com/article/researchers-granted-command-server-by-officials-link-sharpshooter-campaign-to-north-korea/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1052594 False Medical APT 38 None Korben - French Blogger Ocenaudio – The audio editor you need 2019-03-04T09:00:05+00:00 https://korben.info/oceanaudio-editeur-audio-qu-il-vous-faut.html www.secnews.physaphae.fr/article.php?IdArticle=1053464 False None APT 32 None Bleeping Computer - American Magazine Op 'Sharpshooter' Connected to North Korea's Lazarus Group 2019-03-03T23:30:04+00:00 https://www.bleepingcomputer.com/news/security/op-sharpshooter-connected-to-north-koreas-lazarus-group/ www.secnews.physaphae.fr/article.php?IdArticle=1052162 False Threat APT 38 None Security Affairs - Security Blog North Korea's Lazarus APT targets Russian Entities 2019-02-20T12:20:01+00:00 https://securityaffairs.co/wordpress/81414/apt/lazarus-apt-targets-russia.html www.secnews.physaphae.fr/article.php?IdArticle=1033767 False None APT 38 None Wired Threat Level - Security News Boaty McBoatface Gears Up for Epic Swim Across the Arctic 2019-02-20T12:00:00+00:00 
https://www.wired.com/story/boaty-mcboatface-gears-up-for-an-epic-swim-across-the-arctic www.secnews.physaphae.fr/article.php?IdArticle=1033687 False None APT 32 None SecurityWeek - Security News North Korea's Lazarus Hackers Found Targeting Russian Entities 2019-02-19T15:53:03+00:00 https://www.securityweek.com/north-koreas-lazarus-hackers-found-targeting-russian-entities www.secnews.physaphae.fr/article.php?IdArticle=1032853 False None APT 38 None Bleeping Computer - American Magazine North Korean APT Lazarus Targets Russian Entities with KEYMARBLE Backdoor 2019-02-19T13:32:00+00:00 https://www.bleepingcomputer.com/news/security/north-korean-apt-lazarus-targets-russian-entities-with-keymarble-backdoor/ www.secnews.physaphae.fr/article.php?IdArticle=1032928 False None APT 38 None Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Chafer APT Takes Aim at Diplomats in Iran with Improved Custom Malware 2019-02-01T19:35:02+00:00 https://threatpost.com/chafer-iran-apt-malware/141420/ www.secnews.physaphae.fr/article.php?IdArticle=1019750 False Malware APT 39 None IT Security Guru - Security Blog FBI Maps and Further Disrupts North Korean Jonap Botnet. 2019-01-31T10:29:01+00:00 https://www.itsecurityguru.org/2019/01/31/fbi-maps-and-further-disrupts-north-korean-jonap-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=1016373 True Threat,Medical APT 38 None The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 
FBI Mapping 'Joanap Malware' Victims to Disrupt the North Korean Botnet 2019-01-31T00:03:04+00:00 https://thehackernews.com/2019/01/north-korea-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=1016264 False Threat,Medical APT 38 None Security Affairs - Security Blog Iran-Linked APT39 group use off-the-shelf tools to steal data 2019-01-30T08:58:00+00:00 https://securityaffairs.co/wordpress/80450/apt/iran-apt39-cyberespionage.html www.secnews.physaphae.fr/article.php?IdArticle=1014677 False Prediction APT 39 None Mandiant - Mandiant Security Blog APT39: An Iranian Cyber Espionage Group Focused on Personal Information
UPDATE (Jan. 30): Figure 1 has been updated to more accurately reflect APT39 targeting. Specifically, Australia, Norway and South Korea have been removed. In December 2018, FireEye identified APT39 as an Iranian cyber espionage group responsible for widespread theft of personal information. We have tracked activity linked to this group since November 2014 in order to protect organizations from APT39 activity to date. APT39's focus on the widespread theft of personal information sets it apart from other Iranian groups FireEye tracks, which have been linked to influence operations, disruptive
2019-01-29T11:00:00+00:00 https://www.mandiant.com/resources/blog/apt39-iranian-cyber-espionage-group-focused-on-personal-information www.secnews.physaphae.fr/article.php?IdArticle=8377713 False None APT33,APT 39,APT 39,APT 33 4.0000000000000000