www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-06-28T09:39:16+00:00 www.secnews.physaphae.fr
ZD Net - News Magazine CaddyWiper: More destructive wiper malware strikes Ukraine 2022-03-15T12:55:00+00:00 https://www.zdnet.com/article/caddywiper-more-destructive-wiper-malware-strikes-ukrainian-targets/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=4285076 False Malware None None
SecurityWeek - Security News CaddyWiper: Another Destructive Wiper Malware Targeting Ukraine 2022-03-15T11:38:33+00:00 https://www.securityweek.com/caddywiper-another-destructive-wiper-malware-targeting-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4284112 False Malware,Threat None 4.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Mobile Devices See 466% Annual Increase in Zero-Day Attacks 2022-03-15T10:30:00+00:00 https://www.infosecurity-magazine.com/news/mobile-devices-466-increase-zeroday/ www.secnews.physaphae.fr/article.php?IdArticle=4283463 False Malware None None
IT Security Guru - Security Blog Ukrainian machines hit with another Malware variant 2022-03-15T10:20:42+00:00 https://www.itsecurityguru.org/2022/03/15/ukrainian-machines-hit-with-another-malware-variant/?utm_source=rss&utm_medium=rss&utm_campaign=ukrainian-machines-hit-with-another-malware-variant www.secnews.physaphae.fr/article.php?IdArticle=4283971 False Malware None 5.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Ukrainian Targets Hit by Another Destructive Malware Variant 2022-03-15T09:30:00+00:00 https://www.infosecurity-magazine.com/news/ukrainian-targets-hit-destructive/ www.secnews.physaphae.fr/article.php?IdArticle=4283321 False Malware None None
Security Affairs - Security Blog CaddyWiper, a new data wiper hits Ukraine 2022-03-15T05:33:53+00:00
https://securityaffairs.co/wordpress/129069/cyber-warfare-2/caddywiper-wiper-hits-ukraine.html?utm_source=rss&utm_medium=rss&utm_campaign=caddywiper-wiper-hits-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4282384 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks 2022-03-15T02:38:46+00:00 https://thehackernews.com/2022/03/caddywiper-yet-another-data-wiping.html www.secnews.physaphae.fr/article.php?IdArticle=4283295 False Malware None None
Fortinet - Security Hardware Vendor A Brief History of The Evolution of Malware 2022-03-15T00:00:00+00:00 https://www.fortinet.com/blog/threat-research/evolution-of-malware www.secnews.physaphae.fr/article.php?IdArticle=4286536 False Malware None None
We Live Security - ESET Antivirus Software Vendor CaddyWiper: New wiper malware discovered in Ukraine 2022-03-14T23:00:00+00:00 https://www.welivesecurity.com/2022/03/15/caddywiper-new-wiper-malware-discovered-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=4282185 False Malware None None
LogPoint - Security Blog Detecting malicious macros is a vital tool in the fight against malware by Bhabesh Raj Rai, Security Research Even the most sophisticated and advanced state-sponsored attackers leave digital traces and detecting these anomalies is key to protecting organizations against malware. One common method threat actors use to initiate malware campaigns is by phishing with a malicious Word document. When a user opens the document, it's likely to trigger [...]
2022-03-14T13:26:58+00:00 https://www.logpoint.com/fr/blog/detecting-malicious-macros-is-a-vital-tool-in-the-fight-against-malware/ www.secnews.physaphae.fr/article.php?IdArticle=4593590 False Malware,Tool,Threat None None
TechRepublic - Security News US Cybersecurity: Attacker uses websites' contact forms to spread BazarLoader malware 2022-03-14T13:20:43+00:00 https://www.techrepublic.com/article/cybersecurity-attacker-uses-websites-contact-forms-to-spread-bazarloader-malware/ www.secnews.physaphae.fr/article.php?IdArticle=4277488 False Malware None None
IT Security Guru - Security Blog Malware hidden in fake Valorant aim-bot 2022-03-14T10:32:49+00:00 https://www.itsecurityguru.org/2022/03/14/malware-hidden-in-fake-valorant-aim-bot/?utm_source=rss&utm_medium=rss&utm_campaign=malware-hidden-in-fake-valorant-aim-bot www.secnews.physaphae.fr/article.php?IdArticle=4276468 False Malware,Threat None None
IT Security Guru - Security Blog Ukraine's “IT Army” hit with info-stealing malware 2022-03-14T09:45:27+00:00 https://www.itsecurityguru.org/2022/03/14/ukraines-it-army-hit-with-info-stealing-malware/?utm_source=rss&utm_medium=rss&utm_campaign=ukraines-it-army-hit-with-info-stealing-malware www.secnews.physaphae.fr/article.php?IdArticle=4275866 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers 2022-03-14T02:17:59+00:00 https://thehackernews.com/2022/03/researchers-find-new-evidence-linking.html www.secnews.physaphae.fr/article.php?IdArticle=4275818 False Malware None None
Security Affairs - Blog Secu The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years 2022-03-13T14:47:13+00:00 https://securityaffairs.co/wordpress/128975/malware/hidden-c2-lampion-trojan-release-212.html?utm_source=rss&utm_medium=rss&utm_campaign=hidden-c2-lampion-trojan-release-212 www.secnews.physaphae.fr/article.php?IdArticle=4272548 False Malware None None
Security Affairs - Blog Secu Attackers use website contact forms to spread BazarLoader malware 2022-03-12T16:40:23+00:00 https://securityaffairs.co/wordpress/128942/cyber-crime/phishing-bazarloader-campaign.html?utm_source=rss&utm_medium=rss&utm_campaign=phishing-bazarloader-campaign www.secnews.physaphae.fr/article.php?IdArticle=4268700 False Malware,Threat None None
Krebs on Security - Chercheur Américain Report: Recent 10x Increase in Cyberattacks on Ukraine 2022-03-11T16:50:11+00:00 https://krebsonsecurity.com/2022/03/report-recent-10x-increase-in-cyberattacks-on-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=4261864 False Malware None None
knowbe4 - cybersecurity services Email-Based Vishing Attacks Skyrocket 554% as Phishing, Social Media, and Malware Attacks Are All on the Rise New analysis of attacks in 2021 show massive increases across the board, painting a very concerning picture for this year around cyberattacks of all types. 2022-03-11T15:28:20+00:00 https://blog.knowbe4.com/email-based-vishing-attacks-skyrocket-554-percent www.secnews.physaphae.fr/article.php?IdArticle=4261108 False Malware None None
InfoSecurity Mag - InfoSecurity Magazine Ukrainian IT Army Hijacked by Info-stealing Malware 2022-03-11T10:00:00+00:00
https://www.infosecurity-magazine.com/news/ukrainian-it-army-hijacked-malware/ www.secnews.physaphae.fr/article.php?IdArticle=4259429 False Malware None None
Fortinet ThreatSignal - Hardware Vendor APT41 Compromised Six U.S. State Government Networks 2022-03-10T23:39:03+00:00 https://fortiguard.fortinet.com/threat-signal-report/4449 www.secnews.physaphae.fr/article.php?IdArticle=4258974 False Malware,Tool,Vulnerability,Threat,Guideline APT 15,APT 15,APT 41 None
Security Affairs - Security Blog Crooks target Ukraine's IT Army with a tainted DDoS tool 2022-03-10T21:51:37+00:00 https://securityaffairs.co/wordpress/128894/cyber-crime/fake-ddos-tool-ukraines-it-army.html?utm_source=rss&utm_medium=rss&utm_campaign=fake-ddos-tool-ukraines-it-army www.secnews.physaphae.fr/article.php?IdArticle=4256081 False Malware,Tool,Threat None None
Data Security Breach - French News Site Stock market: cyberattacks drive up share prices 2022-03-10T18:15:02+00:00 https://www.datasecuritybreach.fr/cybersecurite-en-bourse/ www.secnews.physaphae.fr/article.php?IdArticle=4255368 False Malware None None
ProofPoint - Firm Security Mobile Malware That Can Spy On Users, Steal Credentials and Intercept Calls Is Up 500% 2022-03-10T16:18:03+00:00 https://www.proofpoint.com/us/newsroom/news/mobile-malware-can-spy-users-steal-credentials-and-intercept-calls-500 www.secnews.physaphae.fr/article.php?IdArticle=4264608 False Malware None None
Security Intelligence - American News Site Starting at Home: Cybersecurity in the Hybrid Workplace 2022-03-10T14:00:00+00:00 https://securityintelligence.com/articles/starting-home-cybersecurity-hybrid-workplace/ www.secnews.physaphae.fr/article.php?IdArticle=4254526 False Malware None None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads 2022-03-10T13:00:32+00:00
https://threatpost.com/qakbot-botnet-sprouts-fangs-injects-malware-into-email-threads/178845/ www.secnews.physaphae.fr/article.php?IdArticle=4253912 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign 2022-03-10T07:12:52+00:00 https://thehackernews.com/2022/03/iranian-hackers-targeting-turkey-and.html www.secnews.physaphae.fr/article.php?IdArticle=4254704 False Ransomware,Malware,Threat None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ukrainian Hacker Linked to REvil Ransomware Attacks Extradited to United States 2022-03-10T00:01:20+00:00 https://thehackernews.com/2022/03/ukrainian-hacker-linked-to-revil.html www.secnews.physaphae.fr/article.php?IdArticle=4253214 False Ransomware,Malware None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Romanian Extradited to US to Face Cybercrime Charge 2022-03-09T17:00:00+00:00 https://www.infosecurity-magazine.com/news/romanian-data-scraping-fraud-charge/ www.secnews.physaphae.fr/article.php?IdArticle=4250593 False Malware None None
CISCO Talos - Cisco Research blog Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools 2022-03-09T11:46:39+00:00 http://blog.talosintelligence.com/2022/03/threat-advisory-cybercriminals.html www.secnews.physaphae.fr/article.php?IdArticle=4250862 False Malware None None
Anomali - Firm Blog Anomali Cyber Watch: Daxin Hides by Hijacking TCP Connections, Belarus Targets Ukraine and Poland, Paying a Ransom is Not a Guarantee, and More Figure 1 - IOC Summary Charts. These charts summarize the attached IOCs and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence Samsung Confirms Galaxy Source Code Breach but Says no Customer Information was Stolen (published: March 7, 2022) South American threat actor group Lapsus$ posted snapshots and claimed it had stolen 190GB of confidential data, including source code, from the South Korean tech company Samsung. On March 7, 2022, Samsung confirmed that the company recently suffered a cyberattack, but said that it doesn't anticipate any impact on its business or customers. Earlier, in February 2022, Lapsus$ had stolen 1TB data from GPU giant Nvidia and tried to negotiate with the company. Analyst Comment: Companies should implement cybersecurity best practices to guard their source code and other proprietary data. Special attention should be paid to workers working from home and the security of contractors who have access to such data. Tags: Lapsus$, South Korea, South America, Data breach Beware of Malware Offering “Warm Greetings From Saudi Aramco” (published: March 5, 2022) Malwarebytes researchers discovered a new phishing campaign impersonating Saudi Aramco and targeting oil and gas companies. The attached pdf file contained an embedded Excel object which would download a remote template that exploits CVE-2017-11882 to download and execute the FormBook information stealer. Analyst Comment: Organizations should train their users to recognize and report phishing emails. To mitigate this Formbook campaign, users should not handle emails coming from outside of the organization while being logged on with administrative user rights. 
MITRE ATT&CK: [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] Ingress Tool Transfer - T1105 | [MITRE ATT&CK] Template Injection - T1221 Tags: FormBook, CVE-2017-11882, Oil And Gas, Middle East, Saudi Aramco, Excel, Phishing, Remote template Paying a Ransom Doesn’t Put an End to the Extortion (published: March 2, 2022) Venafi researchers conducted a survey regarding recent ransomware attacks and discovered that 83% of successful ransomware attacks include additional extortion methods, containing: threatening to extort customers (38%), stolen data exposure (35%), and informing customers that their data has been stolen (32%). 35% of those who paid the ransom were still unable to recover their data, 18% of victims had their data exposed despite the fact that they paid the ransom. Analyst Comment: This survey shows that ransomware payments are not as reliable in preventing further damages to the victimized organization as previously thought. Educate employees on t 2022-03-08T18:54:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-daxin-hides-by-hijacking-tcp-connections-belarus-targets-ukraine-and-poland-paying-a-ransom-is-not-a-guarantee-and-more www.secnews.physaphae.fr/article.php?IdArticle=4246895 False Ransomware,Malware,Tool,Threat None None
SecureWork - SecureWork: incident response Excel Add-ins Deliver JSSLoader Malware 2022-03-08T04:00:00+00:00 https://www.secureworks.com/blog/excel-add-ins-deliver-jssloader-malware www.secnews.physaphae.fr/article.php?IdArticle=4593501 False Malware,Threat None None
TechRepublic - Security News US Nvidia's breach might help cybercriminals run malware campaigns 2022-03-08T00:40:20+00:00 https://www.techrepublic.com/article/nvidias-breach-might-help-cybercriminals-run-malware-campaigns/ www.secnews.physaphae.fr/article.php?IdArticle=4243811 False Malware None None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Nvidia's Stolen Code-Signing Certs Used to Sign Malware 2022-03-07T17:46:39+00:00
https://threatpost.com/nvidias-stolen-code-signing-certs-sign-malware/178784/ www.secnews.physaphae.fr/article.php?IdArticle=4242393 False Malware None None
Security Affairs - Security Blog SharkBot, the new generation banking Trojan distributed via Play Store 2022-03-07T15:46:40+00:00 https://securityaffairs.co/wordpress/128765/malware/sharkbot-trojan-google-play.html?utm_source=rss&utm_medium=rss&utm_campaign=sharkbot-trojan-google-play www.secnews.physaphae.fr/article.php?IdArticle=4241749 False Malware None None
Fortinet ThreatSignal - Hardware Vendor RuRAT Malware Used in Spear-phishing Attacks Against US media Organizations 2022-03-07T14:34:22+00:00 https://fortiguard.fortinet.com/threat-signal-report/4445 www.secnews.physaphae.fr/article.php?IdArticle=4246515 False Malware None None
SecurityWeek - Security News Google Fights Phishing With Updated Workspace Notifications 2022-03-07T12:20:18+00:00 https://www.securityweek.com/google-fights-phishing-updated-workspace-notifications www.secnews.physaphae.fr/article.php?IdArticle=4241175 False Malware None None
CrowdStrike - CTI Society The Easy Solution for Stopping Modern Attacks 2022-03-07T09:55:04+00:00 https://www.crowdstrike.com/blog/the-easy-solution-for-stopping-modern-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=4242332 False Malware,Threat None None
CVE List - Common Vulnerability Exposure CVE-2022-0429 2022-03-07T09:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0429 www.secnews.physaphae.fr/article.php?IdArticle=4240880 False Malware,Guideline None None
01net. Actualites - Securite - French Magazine A Trojan horse has been discovered on the Play Store... in an antivirus application 2022-03-07T05:36:39+00:00 https://www.01net.com/actualites/un-cheval-de-troie-a-ete-decouvert-sur-le-play-store-dans-une-application-antivirus-2055374.html www.secnews.physaphae.fr/article.php?IdArticle=4242192 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store 2022-03-06T23:36:25+00:00 https://thehackernews.com/2022/03/sharkbot-banking-malware-spreading-via.html www.secnews.physaphae.fr/article.php?IdArticle=4240222 False Malware,Threat None None
Security Affairs - Security Blog Security Affairs newsletter Round 356 2022-03-06T13:20:00+00:00 https://securityaffairs.co/wordpress/128739/breaking-news/security-affairs-newsletter-round-356.html?utm_source=rss&utm_medium=rss&utm_campaign=security-affairs-newsletter-round-356 www.secnews.physaphae.fr/article.php?IdArticle=4237162 False Malware None None
Security Affairs - Security Blog Charities and NGOs providing support in Ukraine hit by malware 2022-03-06T10:48:53+00:00 https://securityaffairs.co/wordpress/128721/cyber-warfare-2/malware-hit-charities-ngoin-ukraine.html?utm_source=rss&utm_medium=rss&utm_campaign=malware-hit-charities-ngoin-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4236504 False Malware None None
Security Intelligence - American News Site New Wiper Malware Used Against Ukranian Organizations 2022-03-04T20:57:27+00:00 https://securityintelligence.com/posts/new-wiper-malware-used-against-ukranian-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=4228890 False Ransomware,Malware None None
We Live Security - ESET Antivirus Software Vendor ESET Research Podcast: Ukraine's past and present cyberwar 2022-03-03T10:30:15+00:00 https://www.welivesecurity.com/2022/03/03/eset-research-podcast-ukraine-past-present-cyberwar/ www.secnews.physaphae.fr/article.php?IdArticle=4224768 False Malware None None
Anomali - Firm Blog
Why are Organizations Suffering from a Lack of Threat Intelligence Information? Cybersecurity Insights Report 2022: The State of Cyber Resilience. Coming in at number nine on our “Top 10 List of the Challenges Cybersecurity Professionals Face” is the Lack of threat intelligence information. I gotta admit, when I first saw this on the list, I was scratching my head, as I'm sure any cybersecurity professional might be. But as I sat back and thought about it, it made more sense.   There's no shortage of threat intelligence data out there, whether it's from open source or third-party feeds. In fact, I assumed most organizations were suffering from information overload as they're inundated with data. What they may lack is RELEVANT intelligence information specific to them. What do I mean? Well, we're all suffering from information overload. When I go to ESPN, I don't want to see all of the scores, I want to see the scores I care about. I want immediate access to my teams so I can be angry about them. (NY Giants and New Jersey Devils, I'm looking at you.) ESPN enables me to pick and choose my favorites so that I can make my experience relevant to me. Which is similar to what organizations need to do. When security teams log into their dashboard, they don't want to be hit with all the threats. They want to see the potential threats most relevant to them so they can take quick action. And they want threat intelligence to be operational so that it can be made actionable to inform security teams. So, what needs to be done? First, let's define Threat Intelligence. Threat Intelligence (TI) is the collection of raw data about threats and vulnerabilities that is then transformed into actionable intelligence. Effective threat intelligence programs help organizations detect and respond to cyberattacks before they cause harm. Organizations that fail to invest in TI as part of their security programs risk being blindsided by new threats or vulnerable to existing ones. 
Intelligence vs Information vs Data One of the reasons organizations might be struggling is that there might be some confusion between data, information, and intelligence, especially if they're managing threat intelligence manually. Let's start by trying to outline the differences. The main differences between data, information, and intelligence come in two forms: volume, and usability. Data is a collection of individual facts, statistics, or items of information, usually available in large quantities, it describes specific and indisputable facts. There is a subtle difference between data and information. Data are the facts or details from which information is derived. Individual pieces of data are rarely useful alone. For data to become information, data needs to be put into context. Information is created when a series of data is combined to answer a simple, straightforward question. Let's use hockey goalies as an example. An individual goalie’s save percentage is one piece of data. Let’s say you’ve used six goalies this year, each with varied save percentages. The average save percentage for the entire team can be derived from the given data. Note that although this output is more useful than the raw data, the GM still might not know exactly what to do with it.
Intelligence takes this process one step further by interrogating data to t 2022-03-03T05:00:00+00:00 https://www.anomali.com/blog/why-are-organizations-suffering-from-lack-of-threat-intelligence-information www.secnews.physaphae.fr/article.php?IdArticle=4219564 False Malware,Threat None None
TechRepublic - Security News US Daxin: A Chinese-linked malware that is dangerous and nearly impossible to detect 2022-03-02T19:56:27+00:00 https://www.techrepublic.com/article/daxin-a-chinese-linked-malware-that-is-dangerous-and-nearly-impossible-to-detect/ www.secnews.physaphae.fr/article.php?IdArticle=4217433 False Malware None None
IT Security Guru - Security Blog Cyberattacks in Ukraine could reach other countries 2022-03-02T11:41:42+00:00 https://www.itsecurityguru.org/2022/03/02/cyberattacks-in-ukraine-could-reach-other-countries/?utm_source=rss&utm_medium=rss&utm_campaign=cyberattacks-in-ukraine-could-reach-other-countries www.secnews.physaphae.fr/article.php?IdArticle=4214789 False Malware None None
IT Security Guru - Security Blog TeaBot malware resurfaces on Google Play Store 2022-03-02T11:25:45+00:00 https://www.itsecurityguru.org/2022/03/02/teabot-malware-resurfaces-on-google-play-store/?utm_source=rss&utm_medium=rss&utm_campaign=teabot-malware-resurfaces-on-google-play-store www.secnews.physaphae.fr/article.php?IdArticle=4214790 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps 2022-03-01T22:20:17+00:00 https://thehackernews.com/2022/03/teabot-android-banking-malware-spreads.html www.secnews.physaphae.fr/article.php?IdArticle=4213343 False Malware None None
Ars Technica - Risk Assessment Security Hacktivism Microsoft identifies and mitigates new malware targeting Ukraine “within 3 hours” 2022-03-01T19:24:09+00:00 https://arstechnica.com/?p=1837306 www.secnews.physaphae.fr/article.php?IdArticle=4209758 False Malware None None
knowbe4 - cybersecurity services CyberheistNews Vol 12 #09 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk CyberheistNews Vol 12 #09 | Mar. 1st., 2022 The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.
2022-03-01T19:07:44+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-09-heads-up-the-ukraine-war-started-a-new-wiper-malware-spillover www.secnews.physaphae.fr/article.php?IdArticle=4209918 True Malware NotPetya None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Daxin Espionage Backdoor Ups the Ante on Chinese Malware 2022-03-01T17:55:46+00:00 https://threatpost.com/daxin-espionage-backdoor-chinese-malware/178706/ www.secnews.physaphae.fr/article.php?IdArticle=4208985 False Malware,Tool None None
Anomali - Firm Blog Anomali Cyber Watch: Information-Stealing and Wiping Campaigns Target Ukraine, Electron Bot Is After Social Media Accounts, Attackers Poison Application and Library Repositories, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot (published: February 25, 2022) Researchers at Unit 42 identified an attack targeting an energy organization in Ukraine. Ukrainian CERT has attributed this attack to a threat group they track as UAC-0056. The targeted attack involved a spear phishing email sent to organization employees containing a malicious JavaScript file that would download and install a downloader known as SaintBot and a document stealer called OutSteel. Actors leverage Discord’s content delivery network (CDN) to host their payload. Goal of this attack was data collection on government organizations and companies involved with critical infrastructure. Analyst Comment: Administrators can block traffic to discordapp[.]com if their organization doesn’t have a current legitimate use of Discord. Implement attack surface reduction rules for Microsoft Office. Train users to recognize, safely process, and report potential spearphishing emails.
MITRE ATT&CK: [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] Ingress Tool Transfer - T1105 | [MITRE ATT&CK] Modify Registry - T1112 Tags: Russia, Ukraine, OutSteal, SaintBot, UAC-0056, TA471, Lorec53, SaintBear, Ukraine-Russia Conflict 2022, Operation Bleeding Bear Disruptive HermeticWiper Attacks Targeting Ukrainian Organizations (published: February 25, 2022) Researchers at Secureworks have identified and investigated reports of Ukrainian government and financial organizations being impacted by distributed denial of service and wiper attacks. Between 15-23 Feb intermittent loss of access to a large number of government websites belonging to the Ukrainian Ministry of Foreign Affairs, Ministry of Defense, Security Service, Ministry of Internal Affairs, and Cabinet of Ministers. PrivatBank and Oschadbank. Along with this, the threat actors also targeted some government and financial organizations in Ukraine to deploy a novel wiper dubbed ‘HermeticWiper’ which abuses a legitimate & signed EaseUS partition management driver. In other attacks targeting Ukraine researchers also observed 13 Ukrainian government websites defaced and Tor forums listing data for Ukrainian citizens being available for sale. Analyst Comment: Organizations exposed to war between Russia and Ukraine should be on high alert regarding the ongoing cyberattacks. Implement defense-in-depth approach including patch management, anti-phishing training, disaster recovery plans, and backing up your information and systems. 
MITRE ATT&CK: [MITRE ATT&CK] Data Destruction - T1485 | 2022-03-01T16:01:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-information-stealing-and-wiping-campaigns-target-ukraine-electron-bot-is-after-social-media-accounts-attackers-poison-application-and-library-repositories-and-more www.secnews.physaphae.fr/article.php?IdArticle=4208291 False Ransomware,Malware,Tool,Vulnerability,Threat None 4.0000000000000000
SecurityWeek - Security News Cyberattacks in Ukraine: New Worm-Spreading Data-Wiper With Ransomware Smokescreen 2022-03-01T15:35:11+00:00 https://www.securityweek.com/cyberattacks-ukraine-new-worm-spreading-data-wiper-ransomware-smokescreen www.secnews.physaphae.fr/article.php?IdArticle=4208343 False Ransomware,Malware None None
TechRepublic - Security News US Destructive “HermeticWiper” malware strikes Ukraine 2022-03-01T15:00:06+00:00 https://www.techrepublic.com/article/destructive-hermeticwiper-malware-strikes-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=4208095 False Malware None None
SecurityWeek - Security News Three Ways to Defeat Ransomware 2022-03-01T14:30:26+00:00 https://www.securityweek.com/three-ways-defeat-ransomware www.secnews.physaphae.fr/article.php?IdArticle=4208105 False Ransomware,Malware None None
ComputerWeekly - Computer Magazine ESET details new IsaacWiper malware used on Ukraine 2022-03-01T10:00:00+00:00 https://www.computerweekly.com/news/252514012/ESET-details-new-IsaacWiper-malware-used-on-Ukraine www.secnews.physaphae.fr/article.php?IdArticle=4208312 False Malware None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Second New 'IsaacWiper' Data Wiper Targets Ukraine After Russian Invasion 2022-03-01T08:46:53+00:00 https://thehackernews.com/2022/03/second-new-isaacwiper-data-wiper.html www.secnews.physaphae.fr/article.php?IdArticle=4208886 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Conti Ransomware Gang's Internal Chats Leaked Online After Siding With Russia 2022-03-01T06:03:02+00:00 https://thehackernews.com/2022/03/conti-ransomware-gangs-internal-chats.html www.secnews.physaphae.fr/article.php?IdArticle=4207497 False Ransomware,Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Trickbot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail 2022-03-01T05:22:15+00:00 https://thehackernews.com/2022/03/trickbot-malware-gang-upgrades-its.html www.secnews.physaphae.fr/article.php?IdArticle=4207498 False Malware None None
SecurityWeek - Security News A Free-for-All But No Crippling Cyberattacks in Ukraine War 2022-03-01T02:49:28+00:00 https://www.securityweek.com/free-all-no-crippling-cyberattacks-ukraine-war www.secnews.physaphae.fr/article.php?IdArticle=4205031 False Malware None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion 2022-03-01T01:18:08+00:00 https://thehackernews.com/2022/03/microsoft-finds-foxblade-malware-hit.html www.secnews.physaphae.fr/article.php?IdArticle=4206391 False Malware,Threat None None
Security Affairs - Security Blog FoxBlade malware targeted Ukrainian networks hours before Russia's invasion 2022-03-01T00:12:28+00:00 https://securityaffairs.co/wordpress/128538/cyber-warfare-2/foxblade-malware-used-hours-before-invasion.html?utm_source=rss&utm_medium=rss&utm_campaign=foxblade-malware-used-hours-before-invasion www.secnews.physaphae.fr/article.php?IdArticle=4204132 False Malware,Threat None None
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China-linked Daxin Malware Targeted Multiple Governments in Espionage Attacks 2022-03-01T00:01:03+00:00 https://thehackernews.com/2022/03/china-linked-daxin-malware-targeted.html www.secnews.physaphae.fr/article.php?IdArticle=4206098 False Malware,Tool,Threat None None SecurityWeek - Security News Microsoft: Cyberattacks in Ukraine Hitting Civilian Digital Targets 2022-02-28T21:51:06+00:00 https://www.securityweek.com/microsoft-cyberattacks-ukraine-hitting-civilian-digital-targets www.secnews.physaphae.fr/article.php?IdArticle=4203383 False Malware None None SecurityWeek - Security News Symantec: Super-Stealthy \'Daxin\' Backdoor Linked to Chinese Threat Actor 2022-02-28T16:52:01+00:00 https://www.securityweek.com/symantec-super-stealthy-daxin-backdoor-linked-chinese-threat-actor www.secnews.physaphae.fr/article.php?IdArticle=4201307 False Malware,Threat None None SecurityWeek - Security News CISA, FBI Issue Warnings on WhisperGate, HermeticWiper Attacks 2022-02-28T16:06:59+00:00 https://www.securityweek.com/cisa-fbi-issue-warnings-whispergate-hermeticwiper-attacks www.secnews.physaphae.fr/article.php?IdArticle=4201308 False Malware,Threat None None Mandiant - Blog Sécu de Mandiant Prêt, définissez, allez - les internes de Golang et la récupération des symboles<br>Ready, Set, Go - Golang Internals and Symbol Recovery Goresym Pour analyser les informations sur les symboles GO et autres métadonnées intégrées.Ce billet de blog
Golang (Go) is a compiled language introduced by Google in 2009. The language, runtime, and tooling have evolved significantly since then. In recent years, Go features such as easy-to-use cross-compilation, self-contained executables, and excellent tooling have provided malware authors with a powerful new language to design cross-platform malware. Unfortunately for reverse engineers, the tooling to separate malware author code from Go runtime code has fallen behind. Today, Mandiant is releasing a tool named GoReSym to parse Go symbol information and other embedded metadata. This blog post
2022-02-28T15:00:00+00:00 https://www.mandiant.com/resources/blog/golang-internals-symbol-recovery www.secnews.physaphae.fr/article.php?IdArticle=8377496 False Malware,Tool None 4.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Reborn of Emotet: New Features of the Botnet and How to Detect it 2022-02-28T03:10:56+00:00 https://thehackernews.com/2022/02/reborn-of-emotet-new-features-of-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=4199529 False Malware None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API 2022-02-27T22:52:31+00:00 https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html www.secnews.physaphae.fr/article.php?IdArticle=4198382 False Malware,Threat None None Fortinet ThreatSignal - Hardware Vendor Previously Unseen Backdoor Bvp47 Potentially Victimized Global Targets 2022-02-27T22:30:37+00:00 https://fortiguard.fortinet.com/threat-signal-report/4426 www.secnews.physaphae.fr/article.php?IdArticle=4209565 False Ransomware,Malware,Threat Wannacry,Wannacry None Security Affairs - Blog Secu Fileless SockDetour backdoor targets U.S.-based defense contractors 2022-02-26T18:44:00+00:00 https://securityaffairs.co/wordpress/128446/apt/sockdetour-backdoor-targets-us-defense.html?utm_source=rss&utm_medium=rss&utm_campaign=sockdetour-backdoor-targets-us-defense www.secnews.physaphae.fr/article.php?IdArticle=4191027 False Malware None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store 2022-02-26T02:19:53+00:00 https://thehackernews.com/2022/02/social-media-hijacking-malware.html www.secnews.physaphae.fr/article.php?IdArticle=4188702 False Malware None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides 2022-02-25T23:39:31+00:00 https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html www.secnews.physaphae.fr/article.php?IdArticle=4188145 False Malware None None CrowdStrike - CTI Society CrowdStrike Falcon Protects from New Wiper Malware Used in Ukraine Cyberattacks 2022-02-25T21:45:10+00:00 https://www.crowdstrike.com/blog/how-crowdstrike-falcon-protects-against-wiper-malware-used-in-ukraine-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=4185636 False Malware None None knowbe4 - cybersecurity services [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine. 2022-02-25T12:12:46+00:00 https://blog.knowbe4.com/heads-up-the-ukraine-war-started-a-new-wiper-malware-spillover-risk www.secnews.physaphae.fr/article.php?IdArticle=4182126 False Malware NotPetya None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New "SockDetour" Fileless, Socketless Backdoor Targets U.S. 
Defense Contractors 2022-02-25T09:21:07+00:00 https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html www.secnews.physaphae.fr/article.php?IdArticle=4183436 False Malware None None Security Affairs - Blog Secu US and UK details a new Python backdoor used by MuddyWater APT group 2022-02-25T06:20:44+00:00 https://securityaffairs.co/wordpress/128383/apt/muddywater-apt-python-backdoor.html?utm_source=rss&utm_medium=rss&utm_campaign=muddywater-apt-python-backdoor www.secnews.physaphae.fr/article.php?IdArticle=4180790 False Malware None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Iran's MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks 2022-02-25T06:08:03+00:00 https://thehackernews.com/2022/02/irans-muddywater-hacker-group-using-new.html www.secnews.physaphae.fr/article.php?IdArticle=4182706 False Malware,Threat None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure 2022-02-25T00:03:14+00:00 https://thehackernews.com/2022/02/notorious-trickbot-malware-gang-shuts.html www.secnews.physaphae.fr/article.php?IdArticle=4181214 False Malware None None Fortinet - Fabricant Materiel Securite The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware 2022-02-25T00:00:00+00:00 https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-searcher-malware www.secnews.physaphae.fr/article.php?IdArticle=4201348 False Malware None None CyberArk - Software Vendor HermeticWiper: What We Know About New Malware Targeting Ukrainian Infrastructure (Thus Far) 2022-02-24T23:05:45+00:00 https://www.cyberark.com/blog/hermeticwiper-what-we-know-about-new-malware-targeting-ukrainian-infrastructure-thus-far/ www.secnews.physaphae.fr/article.php?IdArticle=4593619 False Malware None None Security Affairs - Blog Secu Data wiper attacks on Ukraine were planned at least in 
November and used ransomware as decoy 2022-02-24T19:28:49+00:00 https://securityaffairs.co/wordpress/128361/malware/ukraine-ransomware-decoy-wiper.html?utm_source=rss&utm_medium=rss&utm_campaign=ukraine-ransomware-decoy-wiper www.secnews.physaphae.fr/article.php?IdArticle=4178510 False Ransomware,Malware None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Microsoft App Store Sizzling with New 'Electron Bot' Malware 2022-02-24T18:42:49+00:00 https://threatpost.com/microsoft-app-store-electron-bot-malware/178629/ www.secnews.physaphae.fr/article.php?IdArticle=4178320 False Malware None None InfoSecurity Mag - InfoSecurity Magazine Ukraine Attacked with 'Wiper' Malware 2022-02-24T18:25:00+00:00 https://www.infosecurity-magazine.com/news/ukraine-attacked-with-wiper-malware/ www.secnews.physaphae.fr/article.php?IdArticle=4178457 False Malware None None Security Intelligence - Site de news Américain IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine 2022-02-24T17:00:00+00:00 https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=4179641 False Malware None None CISCO Talos - Cisco Research blog Threat Advisory: Cyclops Blink 2022-02-24T15:03:29+00:00 http://blog.talosintelligence.com/2022/02/threat-advisory-cyclops-blink.html www.secnews.physaphae.fr/article.php?IdArticle=4179632 False Malware VPNFilter None CISCO Talos - Cisco Research blog Threat Advisory: HermeticWiper 2022-02-24T15:01:17+00:00 http://blog.talosintelligence.com/2022/02/threat-advisory-hermeticwiper.html www.secnews.physaphae.fr/article.php?IdArticle=4179633 False Malware None None Mandiant - Blog Sécu de Mandiant Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
In November 2021, Mandiant Managed Defense detected and responded to an UNC3313 intrusion at a Middle East government customer. During the investigation, Mandiant identified new targeted malware, GRAMDOOR and STARWHALE, which implement simple backdoor functionalities. We also identified UNC3313 use publicly available remote access software to maintain access to the environment. UNC3313 initially gained access to this organization through a targeted phishing email and leveraged modified, open-source offensive security tools to identify accessible systems and move laterally. UNC3313 moved
2022-02-24T15:00:00+00:00 https://www.mandiant.com/resources/blog/telegram-malware-iranian-espionage www.secnews.physaphae.fr/article.php?IdArticle=8377497 False Malware,Tool None 4.0000000000000000
RiskIQ - Société américaine spécialisée dans le dns passif. RiskIQ Intelligence Roundup: Spoofed Sites and Surprising Infrastructure Connections In this roundup, we'll cover spoofed websites and hijacked infrastructure activity in greater detail. We'll also dissect new findings on malware campaigns, nation-state threat infrastructure, and Magecart digital credit card skimming. The post RiskIQ Intelligence Roundup: Spoofed Sites and Surprising Infrastructure Connections first appeared on RiskIQ. 2022-02-24T13:00:37+00:00 https://www.riskiq.com/blog/external-threat-management/spoofed-sites/ www.secnews.physaphae.fr/article.php?IdArticle=7765126 False Malware,Threat None None SecurityWeek - Security News Destructive 'HermeticWiper' Malware Targets Computers in Ukraine disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country. 2022-02-24T11:59:38+00:00 https://www.securityweek.com/destructive-hermeticwiper-malware-targets-computers-ukraine www.secnews.physaphae.fr/article.php?IdArticle=4177072 False Malware None None Security Affairs - Blog Secu New Wiper Malware HermeticWiper targets Ukrainian systems 2022-02-24T11:54:24+00:00 https://securityaffairs.co/wordpress/128349/malware/wiper-malware-hermeticwipe-ukrain.html?utm_source=rss&utm_medium=rss&utm_campaign=wiper-malware-hermeticwipe-ukrain www.secnews.physaphae.fr/article.php?IdArticle=4176729 False Malware,Threat None 5.0000000000000000 SecurityWeek - Security News New 'Cyclops Blink' Malware Linked to Russian State Hackers Targets Firewalls 2022-02-24T11:34:25+00:00 https://www.securityweek.com/new-cyclops-blink-malware-linked-russian-state-hackers-targets-firewalls www.secnews.physaphae.fr/article.php?IdArticle=4176868 False Malware VPNFilter,VPNFilter None InfoSecurity Mag - InfoSecurity Magazine US and UK Warn of VPNFilter Successor “Cyclops Blink” 2022-02-24T10:42:00+00:00 
https://www.infosecurity-magazine.com/news/us-uk-warn-vpnfilter-successor/ www.secnews.physaphae.fr/article.php?IdArticle=4176634 False Malware VPNFilter,VPNFilter None We Live Security - Editeur Logiciel Antivirus ESET HermeticWiper: New data‑wiping malware hits Ukraine 2022-02-24T09:32:59+00:00 https://www.welivesecurity.com/2022/02/24/hermeticwiper-new-data-wiping-malware-hits-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=4180340 False Malware None None Security Affairs - Blog Secu US and UK link new Cyclops Blink malware to Russian state hackers 2022-02-24T05:31:35+00:00 https://securityaffairs.co/wordpress/128340/malware/cyclops-blink-sandworm-malware.html?utm_source=rss&utm_medium=rss&utm_campaign=cyclops-blink-sandworm-malware www.secnews.physaphae.fr/article.php?IdArticle=4175891 False Malware None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) TrickBot Gang Likely Shifting Operations to Switch to New Malware 2022-02-24T05:28:40+00:00 https://thehackernews.com/2022/02/trickbot-gang-likely-shifting.html www.secnews.physaphae.fr/article.php?IdArticle=4177176 False Malware,Threat None None ComputerWeekly - Computer Magazine Russia behind dangerous Cyclops Blink malware 2022-02-24T05:00:00+00:00 https://www.computerweekly.com/news/252513791/Russia-behind-dangerous-Cyclops-Blink-malware www.secnews.physaphae.fr/article.php?IdArticle=4176488 False Malware None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) US, UK Agencies Warn of New Russian Botnet Built from Hacked Firewall Devices 2022-02-24T03:57:49+00:00 https://thehackernews.com/2022/02/us-uk-agencies-warn-of-new-russian.html www.secnews.physaphae.fr/article.php?IdArticle=4176796 False Malware VPNFilter,VPNFilter None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
New Wiper Malware Targeting Ukraine Amid Russia's Military Operation 2022-02-23T21:28:39+00:00 https://thehackernews.com/2022/02/new-wiper-malware-targeting-ukraine.html www.secnews.physaphae.fr/article.php?IdArticle=4175955 False Malware None None