This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T22:14:17+00:00 www.secnews.physaphae.fr Cyble - CyberSecurity Firm Overview  Google Threat Intelligence Group (GTIG) has identified multiple Russia-aligned threat actors actively targeting Signal Messenger accounts as part of a multi-year cyber espionage operation. The campaign, likely driven by Russia\'s intelligence-gathering objectives during its invasion of Ukraine, aims to compromise the secure communications of military personnel, politicians, journalists, and activists.  The tactics observed in this campaign include phishing attacks abusing Signal\'s linked devices feature, malicious JavaScript payloads and malware designed to steal Signal messages from compromised Android and Windows devices. While the focus remains on Ukrainian targets, the threat is expected to expand globally as adversaries refine their techniques.  Google has partnered with Signal to introduce security enhancements that mitigate these attack vectors, urging users to update to the latest versions of the app.  Tactics Used to Compromise Signal Accounts  Exploiting Signal\'s "Linked Devices" Feature  Russia-aligned threat actors have manipulated Signal\'s legitimate linked devices functionality to gain persistent access to victim accounts. By tricking users into scanning malicious QR codes, attackers can link an actor-controlled device to the victim\'s account, enabling real-time message interception without full device compromise.  The phishing methods used to deliver these malicious QR codes include:  Fake Signal group invites containing altered JavaScript redirects.  Phishing pages masquerading as Ukrainian military applications.  ]]> 2025-02-20T13:21:16+00:00 https://cyble.com/blog/germany-strengthening-cybersecurity-2/ www.secnews.physaphae.fr/article.php?IdArticle=8649243 True Malware,Tool,Vulnerability,Threat,Mobile,Cloud,Conference APT 44 2.0000000000000000