This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T21:08:03+00:00 www.secnews.physaphae.fr AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-11-26T14:37:00+00:00 https://levelblue.com/blogs/security-essentials/what-are-computer-worms www.secnews.physaphae.fr/article.php?IdArticle=8618712 False Ransomware,Data Breach,Spam,Malware,Tool,Vulnerability,Threat,Patching,Mobile,Industrial,Medical,Technical Wannacry 2.0000000000000000 Malwarebytes Labs - MalwarebytesLabs Over the last few days, we've noticed a large increase in malicious spam spreading Emotet, as well as a higher number of detections from our customers. Looks like we're in the middle of an active Emotet campaign. Categories: Cybercrime Malware Tags: campaignemotetEternalBluemalicious documentsmalicious spamthreat statisticstrickbotWannaCry (Read more...) ]]> 2018-09-21T22:55:01+00:00 https://blog.malwarebytes.com/cybercrime/2018/09/emotet-rise-heavy-spam-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=819676 False Spam Wannacry None Bleeping Computer - Magazine Américain 2018-06-22T10:58:05+00:00 https://www.bleepingcomputer.com/news/security/blackmail-campaign-pretending-to-be-wannacry-is-really-just-wannaspam/ www.secnews.physaphae.fr/article.php?IdArticle=717558 False Spam Wannacry None Mandiant - Blog Sécu de Mandiant MS017-010 ) a d'abord été utilisépar Wannacry Ransomware et Adylkuzz Cryptocurrency Miner.Maintenant, plus d'acteurs de menaces tirent parti de la vulnérabilité à MicrosoftProtocole de bloc de messages du serveur (SMB) & # 8211;Cette fois pour distribuer Backdoor.Nitol et Trojan Gh0st Rat. Fireeye Dynamic Threat Intelligence (DTI) a historiquement observé des charges utiles similaires livrées via l'exploitation de la vulnérabilité CVE-2014-6332 ainsi que dans certaines campagnes de spam par e-mail en utilisant Commandes de versions .Plus précisément, Backdoor.Nitol a également été lié à des campagnes impliquant une exécution de code distante

---

The “EternalBlue” exploit (MS017-010) was initially used by WannaCry ransomware and Adylkuzz cryptocurrency miner. Now more threat actors are leveraging the vulnerability in Microsoft Server Message Block (SMB) protocol – this time to distribute Backdoor.Nitol and Trojan Gh0st RAT. FireEye Dynamic Threat Intelligence (DTI) has historically observed similar payloads delivered via exploitation of CVE-2014-6332 vulnerability as well as in some email spam campaigns using powershell commands. Specifically, Backdoor.Nitol has also been linked to campaigns involving a remote code execution]]> 2017-06-02T08:00:00+00:00 https://www.mandiant.com/resources/blog/threat-actors-leverage-eternalblue-exploit-deliver-non-wannacry-payloads www.secnews.physaphae.fr/article.php?IdArticle=8377776 False Ransomware,Spam,Vulnerability,Threat Wannacry 4.0000000000000000