www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-11T01:36:22+00:00 www.secnews.physaphae.fr RiskIQ - cyber risk firms (now microsoft) Faits saillants hebdomadaires, 5 août 2024<br>Weekly OSINT Highlights, 5 August 2024 2024-08-05T10:51:17+00:00 https://community.riskiq.com/article/ed438f56 www.secnews.physaphae.fr/article.php?IdArticle=8552050 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Mobile APT33,APT 41,APT 33,APT-C-17 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Un nouvel outil Specula utilise Outlook pour l'exécution du code distant sous Windows<br>New Specula tool uses Outlook for remote code execution in Windows ## Snapshot TrustedSec identified a new red team post-exploitation framework called "Specula," which leverages a vulnerability in Microsoft Outlook to remotely execute code by setting malicious home pages via registry modifications. ## Description The novel Specula framework exploits [CVE-2017-11774](https://sip.security.microsoft.com/vulnerabilities/vulnerability/CVE-2017-11774/overview), a security feature bypass vulnerability in Outlook that allows threat actors to set a custom Outlook home page via registry keys and run vbscript or jscript to execute arbitrary commands on compromised Windows systems. Despite being patched, attackers can still create malicious home pages using Windows Registry values, enabling them to achieve persistence and laterally spread to other systems. The method is notable for its ability to bypass security software by leveraging Outl]]> 2024-08-02T00:53:15+00:00 https://community.riskiq.com/article/4b71ce29 www.secnews.physaphae.fr/article.php?IdArticle=8549339 False Tool,Vulnerability,Threat APT33,APT 33 3.0000000000000000 Bleeping Computer - Magazine Américain Outlook Flaw Exploited by Iranian APT33, US CyberCom Issues Alert 2019-07-03T15:31:02+00:00 https://www.bleepingcomputer.com/news/security/outlook-flaw-exploited-by-iranian-apt33-us-cybercom-issues-alert/ www.secnews.physaphae.fr/article.php?IdArticle=1185589 False Malware,Vulnerability APT33,APT 33 None CSO - CSO Daily Dashboard APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2019-03-28T09:11:00+00:00 https://www.csoonline.com/article/3385126/apt-group-elfin-switches-from-data-destruction-to-data-stealing-via-winrar-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1085514 False Data Breach,Vulnerability APT33,APT 33 None