www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-20T16:26:04+00:00 www.secnews.physaphae.fr
The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam
Every website owner or webmaster grapples with the issue of spam on their website forms. The volume of spam can be so overwhelming that finding useful information within it becomes quite challenging. What exacerbates this issue is that spam can populate your public pages, appearing in comments and reviews. You likely understand how this can damage your website's reputation, affect search results
2023-07-03T17:00:00+00:00 https://thehackernews.com/2023/07/improve-your-security-wordpress-spam.html www.secnews.physaphae.fr/article.php?IdArticle=8351801 False Spam None 2.0000000000000000
knowbe4 - cybersecurity services
CyberheistNews Vol 13 #26 [Eyes Open] The FTC Reveals the Latest Top Five Text Message Scams
CyberheistNews Vol 13 #26 | June 27th, 2023
The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams. Phony bank fraud prevention alerts were the most common type of text scam last year. "Reports about texts impersonating banks are up nearly tenfold since 2019 with median reported individual losses of $3,000 last year," the report says.
These are the top five text scams reported by the FTC: Copycat bank fraud prevention alerts; Bogus "gifts" that can cost you; Fake package delivery problems; Phony job offers; Not-really-from-Amazon security alerts.
"People get a text supposedly from a bank asking them to call a number ASAP about suspicious activity or to reply YES or NO to verify whether a transaction was authorized. If they reply, they'll get a call from a phony 'fraud department' claiming they want to 'help get your money back.' What they really want to do is make unauthorized transfers.
"What's more, they may ask for personal information like Social Security numbers, setting people up for possible identity theft."
Fake gift card offers took second place, followed by phony package delivery problems. "Scammers understand how our shopping habits have changed and have updated their sleazy tactics accordingly," the FTC says. "People may get a text pretending to be from the U.S. Postal Service, FedEx, or UPS claiming there's a problem with a delivery.
"The text links to a convincing-looking – but utterly bogus – website that asks for a credit card number to cover a small 'redelivery fee.'"
Scammers also target job seekers with bogus job offers in an attempt to steal their money and personal information. "With workplaces in transition, some scammers are using texts to perpetrate old-school forms of fraud – for example, fake 'mystery shopper' jobs or bogus money-making offers for driving around with cars wrapped in ads," the report says.
"Other texts target people who post their resumes on employment websites. They claim to offer jobs and even send job seekers checks, usually with instructions to send some of the money to a different address for materials, training, or the like. By the time the check bounces, the person's money – and the phony 'employer' – are long gone."
Finally, scammers impersonate Amazon and send fake security alerts to trick victims into sending money.
"People may get what looks like a message from 'Amazon,' asking to verify a big-ticket order they didn't place," the FTC says. "Concerned
2023-06-27T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-26-eyes-open-the-ftc-reveals-the-latest-top-five-text-message-scams www.secnews.physaphae.fr/article.php?IdArticle=8349704 False Ransomware,Spam,Malware,Hack,Tool,Threat ChatGPT,ChatGPT,APT 15,APT 28,FedEx 2.0000000000000000
SlashNext - Cyber Firm
CISOs Increasingly Concerned About Mobile Threats
A new warning from Verizon about the rise of smishing, spam text messages and text scams and the FBI reporting $10.3 billion in internet fraud last year, CISOs are increasingly concerned about mobile threats targeting employees and the impact to their organization. The rise of smishing, spam text messages and text scams. In recent survey […] The post CISOs Increasingly Concerned About Mobile Threats first appeared on SlashNext.
2023-06-23T21:30:46+00:00 https://slashnext.com/blog/cisos-increasingly-concerned-about-mobile-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8386745 False Spam APT 15 2.0000000000000000
Schneier on Security - American cryptologist and researcher
UPS Data Harvested for SMS Phishing Attacks
I get UPS phishing spam on my phone all the time. I never click on it, because it’s so obviously spam. Turns out that hackers have been harvesting actual UPS delivery data from a Canadian tracking tool for its phishing SMSs.
2023-06-23T14:55:41+00:00 https://www.schneier.com/blog/archives/2023/06/ups-data-harvested-for-sms-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8348531 False Spam,Tool None 2.0000000000000000
knowbe4 - cybersecurity services
CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches
CyberheistNews Vol 13 #25 | June 20th, 2023
Verizon's DBIR always has a lot of information to unpack, so I'll continue my review by covering how stolen credentials play a role in attacks. This year's Data Breach Investigations Report has nearly 1 million incidents in their data set, making it the most statistically relevant set of report data anywhere. So, what does the report say about the most common threat actions that are involved in data breaches? Overall, the use of stolen credentials is the overwhelming leader in data breaches, being involved in nearly 45% of breaches – this is more than double the second-place spot of "Other" (which includes a number of types of threat actions) and ransomware, which sits at around 20% of data breaches. According to Verizon, stolen credentials were the "most popular entry point for breaches." As an example, in Basic Web Application Attacks, the use of stolen credentials was involved in 86% of attacks. The prevalence of credential use should come as no surprise, given the number of attacks that have focused on harvesting online credentials to provide access to both cloud platforms and on-premises networks alike. And it's the social engineering attacks (whether via phish, vish, SMiSh, or web) where these credentials are compromised - something that can be significantly diminished by engaging users in security awareness training to familiarize them with common techniques and examples of attacks, so when they come across an attack set on stealing credentials, the user avoids becoming a victim.
Blog post with links: https://blog.knowbe4.com/stolen-credentials-top-breach-threat
[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist
Now there's a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform! The new PhishER Blocklist feature lets you use reported messages to prevent future malicious email with the same sender, URL or attachment from reaching other users. Now you can create a unique list of blocklist entries and dramatically improve your Microsoft 365 email filters without ever l
2023-06-20T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-25-fingerprints-all-over-stolen-credentials-are-the-no1-root-cause-of-data-breaches www.secnews.physaphae.fr/article.php?IdArticle=8347292 False Ransomware,Data Breach,Spam,Malware,Hack,Vulnerability,Threat,Cloud ChatGPT,ChatGPT 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection
How to stop spam emails on iPhone
2023-06-16T11:20:51+00:00 https://blog.incogni.com/stop-spam-emails-iphone/ www.secnews.physaphae.fr/article.php?IdArticle=8347352 False Spam None 2.0000000000000000
knowbe4 - cybersecurity services
CyberheistNews Vol 13 #24 [The Mind's Bias] Pretexting Now Tops Phishing in Social Engineering Attacks
CyberheistNews Vol 13 #24 | June 13th, 2023
The New Verizon DBIR is a treasure trove of data. As we will cover a bit below, Verizon reported that 74% of data breaches involve the "Human Element," so people are one of the most common factors contributing to successful data breaches. Let's drill down a bit more in the social engineering section. They explained: "Now, who has received an email or a direct message on social media from a friend or family member who desperately needs money? Probably fewer of you. This is social engineering (pretexting specifically) and it takes more skill.
"The most convincing social engineers can get into your head and convince you that someone you love is in danger. They use information they have learned about you and your loved ones to trick you into believing the message is truly from someone you know, and they use this invented scenario to play on your emotions and create a sense of urgency. The DBIR Figure 35 shows that Pretexting is now more prevalent than Phishing in Social Engineering incidents. However, when we look at confirmed breaches, Phishing is still on top."
A social attack known as BEC, or business email compromise, can be quite intricate. In this type of attack, the perpetrator uses existing email communications and information to deceive the recipient into carrying out a seemingly ordinary task, like changing a vendor's bank account details. But what makes this attack dangerous is that the new bank account provided belongs to the attacker. As a result, any payments the recipient makes to that account will simply disappear.
BEC Attacks Have Nearly Doubled
It can be difficult to spot these attacks as the attackers do a lot of preparation beforehand. They may create a domain doppelganger that looks almost identical to the real one and modify the signature block to show their own number instead of the legitimate vendor. Attackers can make many subtle changes to trick their targets, especially if they are receiving many similar legitimate requests. This could be one reason why BEC attacks have nearly doubled across the DBIR entire incident dataset, as shown in Figure 36, and now make up over 50% of incidents in this category.
Financially Motivated External Attackers Double Down on Social Engineering
Timely detection and response is crucial when dealing with social engineering attacks, as well as most other attacks. Figure 38 shows a steady increase in the median cost of BECs since 2018, now averaging around $50,000, emphasizing the significance of quick detection. However, unlike the times we live in, this section isn't all doom and
2023-06-13T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-24-the-minds-bias-pretexting-now-tops-phishing-in-social-engineering-attacks www.secnews.physaphae.fr/article.php?IdArticle=8344804 False Spam,Malware,Vulnerability,Threat,Patching ChatGPT,ChatGPT,APT 43,APT 37,Uber 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection
How to stop iPhone calendar spam
2023-06-09T10:51:56+00:00 https://blog.incogni.com/stop-spam-iphone-calendar/ www.secnews.physaphae.fr/article.php?IdArticle=8346073 False Spam None 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection
How to stop spam text messages on Samsung
2023-06-09T09:55:20+00:00 https://blog.incogni.com/stop-spam-texts-samsung/ www.secnews.physaphae.fr/article.php?IdArticle=8346074 False Spam None 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection
How to stop spam emails in Gmail
2023-06-09T09:37:33+00:00 https://blog.incogni.com/stop-spam-emails-gmail/ www.secnews.physaphae.fr/article.php?IdArticle=8346075 False Spam None 2.0000000000000000
CVE List - Common Vulnerability Exposure
CVE-2021-4337
2023-06-07T13:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4337 www.secnews.physaphae.fr/article.php?IdArticle=8343044 False Spam None None
CVE List - Common Vulnerability Exposure
CVE-2023-2187
2023-06-07T07:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2187 www.secnews.physaphae.fr/article.php?IdArticle=8342987 False Spam,Vulnerability None None
CVE List - Common Vulnerability Exposure
CVE-2021-4350
The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated HTML Injection in versions up to, and including, 18.2. This is due to lacking authentication protections on the wpfm_send_file_in_email AJAX action. This makes it possible for unauthenticated attackers to send emails using the site with a custom subject, recipient email, and body with unsanitized HTML content. This effectively lets the attacker use the site as a spam relay.
2023-06-07T02:15:13+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4350 www.secnews.physaphae.fr/article.php?IdArticle=8342874 False Spam None None
Krebs on Security - American researcher
Service Rents Email Addresses for Account Signups
One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts.
Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.
2023-06-06T20:09:13+00:00 https://krebsonsecurity.com/2023/06/service-rents-email-addresses-for-account-signups/ www.secnews.physaphae.fr/article.php?IdArticle=8342709 False Spam None 2.0000000000000000
CVE List - Common Vulnerability Exposure
CVE-2023-2488
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape various parameters before outputting them back in admin dashboard pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
2023-06-05T14:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2488 www.secnews.physaphae.fr/article.php?IdArticle=8342232 False Spam None None
CVE List - Common Vulnerability Exposure
CVE-2023-2489
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
2023-06-05T14:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2489 www.secnews.physaphae.fr/article.php?IdArticle=8342233 False Spam None None
Recorded Future - Recorded Future feed
Brazil-based botnet targets Spanish-speakers across Americas, Cisco says
Hackers suspected to be living in Brazil are using a previously unidentified botnet called to target the email inboxes of Spanish speakers across the Americas. Researchers from Cisco's Talos security team said the botnet, called “Horabot,” delivers a banking trojan and spam tool onto victim machines in a campaign that has been running since at
2023-06-02T18:23:00+00:00 https://therecord.media/horabot-botnet-banking-trojan-brazil-spanish-speaking-victims www.secnews.physaphae.fr/article.php?IdArticle=8341632 False Spam,Tool None 2.0000000000000000
Bleeping Computer - American magazine
New Horabot campaign takes over victim's Gmail, Outlook accounts
A previously unknown campaign involving the Horabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool. [...]
2023-06-01T16:54:40+00:00 https://www.bleepingcomputer.com/news/security/new-horabot-campaign-takes-over-victims-gmail-outlook-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8341327 False Spam,Malware None 2.0000000000000000
CVE List - Common Vulnerability Exposure
CVE-2023-24008
2023-05-26T13:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24008 www.secnews.physaphae.fr/article.php?IdArticle=8339621 False Spam,Vulnerability None None
AhnLab - Korean Security Firm
StrelaStealer Being Distributed To Spanish Users
AhnLab Security Emergency response Center (ASEC) analysis team has recently confirmed the StrelaStealer Infostealer being distributed to Spanish users. StrelaStealer was initially discovered around November 2022 and has been distributed as an attachment to spam emails. In the past, ISO files were used as attachments, but recently, ZIP files have been utilized instead. Figure 1. Distributed email The email that is being distributed is similar to the one shown in Figure 1. The email body and the name of the...
2023-05-23T02:30:00+00:00 https://asec.ahnlab.com/en/53158/ www.secnews.physaphae.fr/article.php?IdArticle=8338600 False Spam None 2.0000000000000000
AhnLab - Korean Security Firm
DarkCloud Infostealer Being Distributed via Spam Emails
AhnLab Security Emergency response Center (ASEC) has recently discovered the DarkCloud malware being distributed via spam email. DarkCloud is an Infostealer that steals account credentials saved on infected systems, and the threat actor installed ClipBanker alongside DarkCloud. 1. Distribution Method The threat actor sent the following email to induce users to download and execute the attachment. The contents of this email prompt users to check the attached copy of the payment statement sent to the company account. When the attachment...
2023-05-23T00:30:00+00:00 https://asec.ahnlab.com/en/53128/ www.secnews.physaphae.fr/article.php?IdArticle=8338602 False Spam,Malware,Threat None 2.0000000000000000
Krebs on Security - American researcher
Interview With a Crypto Scam Investment Spammer
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.
2023-05-23T00:15:30+00:00 https://krebsonsecurity.com/2023/05/interview-with-a-crypto-scam-investment-spammer/ www.secnews.physaphae.fr/article.php?IdArticle=8338566 False Spam None 3.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection
How to stop spam texts on Android
2023-05-19T09:59:50+00:00 https://blog.incogni.com/stop-spam-texts-android/ www.secnews.physaphae.fr/article.php?IdArticle=8339598 False Spam None 2.0000000000000000
Checkpoint Research - Security hardware vendor
FakeCalls: the Spam Calls that Really Work
Abstract: For all the ridiculous spam calls in the world, but a small percentage of them are actually, legitimately, convincing. According to the Korean government, “voice phishing” compromises nearly 200 Korean citizens every day, with average financial losses around 8,500 dollars worth of Korean won. If it's that successful, surely, the scammers are doing something right. […]
2023-05-17T01:21:05+00:00 https://research.checkpoint.com/2023/fakecalls-the-spam-calls-that-really-work/ www.secnews.physaphae.fr/article.php?IdArticle=8337228 False Spam None 2.0000000000000000
knowbe4 - cybersecurity services
CyberheistNews Vol 13 #20 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC
CyberheistNews Vol 13 #20 | May 16th, 2023
KnowBe4's latest reports on top-clicked phishing email subjects have been released for Q1 2023. We analyze "in the wild" attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, top attack vector types, and holiday email phishing subjects.
IT and Online Services Emails Drive Dangerous Attack Trend
This last quarter's results reflect the shift to IT and online service notifications such as laptop refresh or account suspension notifications that can affect your end users' daily work. Cybercriminals are constantly increasing the damage they cause to organizations by luring unsuspecting employees into clicking on malicious links or downloading fake attachments that seem realistic. Emails that are disguised as coming from an internal source, such as the IT department, are especially dangerous because they appear to come from a trusted place where an employee would not necessarily question it or be as skeptical. Building up your organization's human firewall by fostering a strong security culture is essential to outsmart bad actors.
The report covers the following: Common "In-The-Wild" Emails for Q1 2023; Top Phishing Email Subjects Globally; Top 5 Attack Vector Types; Top 10 Holiday Phishing Email Subjects in Q1 2023.
This post has a full PDF infographic you can download and share with your users: https://blog.knowbe4.com/q1-2023-top-clicked-phishing
[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist
Now there's a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform! The new PhishER Blocklist feature lets you use reported messages to prevent future malicious email with the same sender, URL or attachment from reaching other users. Now you can create a unique list of blocklist entries and dramatically improve your Microsoft 365 email filters without ever leaving the PhishER console. Join us TOMORROW, Wednesday, May 17, @ 2:00 PM (ET) for a l
2023-05-16T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-20-foot-in-the-door-the-q1-2023s-top-clicked-phishing-scams-infographic www.secnews.physaphae.fr/article.php?IdArticle=8336951 False Ransomware,Spam,Malware,Hack,Tool,Threat None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs
CISOs: How to improve cybersecurity in an ever-changing threat landscape
a report from Malwarebytes, 20% of companies reported that a remote worker had caused a security breach. In comparison, 55% cited training employees in security protocols as a major challenge in transitioning to work-from-home infrastructure. Because the shift to hybrid and remote work happened quickly and with an eye for ease of access over security, employees working offsite can pose a great risk to an organization if not provided with adequate cybersecurity training and policies.
AI and machine learning are also on the rise, increasingly being utilized by businesses and cybercriminals alike. It is important to recognize that while AI enhancements can provide aid, there is no replacement for the human element in developing a cybersecurity strategy. Understanding and deploying AI and machine learning tools can not only help with fraud detection, spam filtering, and data leak prevention, but it can allow a security officer insight into cybercriminals’ use of the tools. Increasing awareness of the criminal toolkit and operations provides an opportunity to get ahead of threat trends and potentially prevent attacks and breaches. Another major issue is the shortage of qualified cybersecurity professionals leading to a significant struggle with recruitment and retention. In a Fortinet report, 60% of respondents said they were struggling to recruit cybersecurity talent, and 52% said they were struggling to retain qualified people. In the same survey, around two-thirds of organization leaders agreed that the shortage “creates additional risk.” Many factors work in tandem to perpetuate the problem, but the solution doesn’t have to be complicated. Ensuring your employees have a healthy work environment goes a long way, as well as tweaking hiring practices to select “adaptable, highly communicative and curious” people, as these traits make for an employee who will grow and learn with your company.
Tips for improving cybersecurity
One of the top priorities for CISOs should always be to ensure that all employees are properly trained in cyber hygiene and cybersecurity best practices. Insider threats are a serious issue with no easy solution, and a good number of those (more than half, according to one report) are mistakes due to negligence or ignorance.
Traditional threat prevention solutions are often concerned with
2023-05-15T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/cisos-how-to-improve-cybersecurity-in-an-ever-changing-threat-landscape www.secnews.physaphae.fr/article.php?IdArticle=8336704 False Data Breach,Spam,Threat None 2.0000000000000000
Global Security Mag - French news site
Check Point Top Malware Ranking April 2023: Qbot launches a major spam campaign and Mirai makes its comeback
Malware
2023-05-15T08:41:56+00:00 https://www.globalsecuritymag.fr/Classement-Top-Malware-Check-Point-avril-2023-Qbot-lance-une-importante.html www.secnews.physaphae.fr/article.php?IdArticle=8336555 False Spam,Malware None 2.0000000000000000
GoogleSec - Firm Security Blog
I/O 2023: What's new in Android security and privacy
Safe Browsing isn't just getting faster at warning users. We've also been building in more intelligence, leveraging Google's advances in AI. Last year, Chrome browser on Android and desktop started utilizing a new image-based phishing detection machine learning model to visually inspect fake sites that try to pass themselves off as legitimate log-in pages. By leveraging a TensorFlow Lite model, we're able to find 3x more phishing sites compared to previous machine learning models and help warn you before you get tricked into signing in. This year, we're expanding the coverage of the model to detect hundreds of more phishing campaigns and leverage new ML technologies. This is just one example of how we use our AI expertise to keep your data safe. Last year, Android used AI to protect users from 100 billion suspected spam messages and calls.
Passkeys helps move users beyond passwords
For many, passwords are the primary protection for their online life. In reality, they are frustrating to create, remember and are easily hacked.
But hackers can't phish a password that doesn't exist. Which is why we are excited to share another major step forward in our passwordless journey: Passkeys.
2023-05-10T14:59:36+00:00 http://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html www.secnews.physaphae.fr/article.php?IdArticle=8335428 False Spam,Malware,Tool None 3.0000000000000000
knowbe4 - cybersecurity services
CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users
CyberheistNews Vol 13 #19 | May 9th, 2023
Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages. "Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message," Trend Micro warns. "The attack campaign has been operational since February 2023 and has a large impact area." The message displayed reads, "UPDATE EXCEPTION. An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update." A link is provided at the bottom of the bogus error message that takes the user to what's misrepresented as a link that will support a Chrome manual update. In fact the link will download a ZIP file that contains an EXE file. The payload is a cryptojacking Monero miner. A cryptojacker is bad enough since it will drain power and degrade device performance. This one also carries the potential for compromising sensitive information, particularly credentials, and serving as staging for further attacks. This campaign may be more effective for its routine, innocent look.
There are no spectacular threats, no promises of instant wealth, just a notice about a failed update. Users can become desensitized to the potential risks bogus messages concerning IT issues carry with them. Informed users are the last line of defense against attacks like these. New school security awareness training can help any organization sustain that line of defense and create a strong security culture. Blog post with links: https://blog.knowbe4.com/fake-chrome-update-error-messages
A Master Class on IT Security: Roger A. Grimes Teaches You Phishing Mitigation
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they're more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist,
2023-05-09T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-19-watch-your-back-new-fake-chrome-update-error-attack-targets-your-users www.secnews.physaphae.fr/article.php?IdArticle=8334782 False Ransomware,Data Breach,Spam,Malware,Tool,Threat,Prediction ChatGPT,ChatGPT,NotPetya,NotPetya,APT 28 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Preventing sophisticated phishing attacks aimed at employees
can spoof email addresses and bots sound like humans. It’s becoming challenging for employees to tell if their emails are real or fake, which puts the company at risk of data breaches. In March 2023, an artificial intelligence chatbot called GPT-4 received an update that lets users give specific instructions about styles and tasks. Attackers can use it to pose as employees and send convincing messages since it sounds intelligent and has general knowledge of any industry.
Since classic warning signs of phishing attacks aren’t applicable anymore, companies should train all employees on the new, sophisticated methods. As phishing attacks change, so should businesses.
Identify the signs
Your company can take preventive action to secure its employees against attacks. You need to make it difficult for hackers to reach them, and your company must train them on warning signs. While blocking spam senders and reinforcing security systems is up to you, they must know how to identify and report attacks themselves. You can prevent data breaches if employees know what to watch out for:
Misspellings: While it’s becoming more common for phishing emails to have the correct spelling, employees still need to look for mistakes. For example, they could look for industry-specific language because everyone in their field should know how to spell those words.
Irrelevant senders: Workers can identify phishing — even when the email is spoofed to appear as someone they know — by asking themselves if it is relevant. They should flag the email as a potential attack if the sender doesn’t usually reach out to them or is someone in an unrelated department.
Attachments: Hackers attempt to install malware through links or downloads. Ensure every employee knows they shouldn't click on them.
Odd requests: A sophisticated phishing attack has relevant messages and proper language, but it is somewhat vague because it goes to multiple employees at once. For example, they could recognize it if it’s asking them to do something unrelated to their role.
It may be harder for people to detect warning signs as attacks evolve, but you can prepare them for those situations as well as possible. It’s unlikely hackers have access to their specific duties or the inner workings of your company, so you must capitalize on those details. Sophisticated attacks will sound intelligent and possibly align with their general duties, so everyone must constantly be aware.
Training will help employees identify signs, but you need to take more preventive action to ensure you’re covered.
Take preventive action
Basic security measures — like regularly updating passwords and running antivirus software — are fundamental to protecting your company. For example, everyone should change their passwords once every three months at minimum to ensur
2023-05-08T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/preventing-sophisticated-phishing-attacks-aimed-at-employees www.secnews.physaphae.fr/article.php?IdArticle=8334232 False Spam,Malware ChatGPT 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection How to stop spam risk calls
2023-04-28T06:55:57+00:00 https://blog.incogni.com/stop-spam-risk-calls/ www.secnews.physaphae.fr/article.php?IdArticle=8332833 True Spam None 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection How to stop spam calls on landline
2023-04-27T15:15:04+00:00 https://blog.incogni.com/stop-spam-calls-on-landline/ www.secnews.physaphae.fr/article.php?IdArticle=8331877 True Spam None 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection How to stop spam texts on iPhone
2023-04-27T14:59:18+00:00 https://blog.incogni.com/stop-spam-texts-on-iphone/ www.secnews.physaphae.fr/article.php?IdArticle=8331878 False Spam None 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection How to stop spam texts on AT&T
Hey, AT&T customer, are you inundated by spam text messages? You're not the only one. Luckily, there are several ways to fight text spam, and you don't have to be a tech wizard to do it. In this article, we'll discuss five effective methods to stop spam texts on AT&T. Method #1: Blocking unwanted text messages …
2023-04-27T14:22:44+00:00 https://blog.incogni.com/stop-spam-texts-on-att/ www.secnews.physaphae.fr/article.php?IdArticle=8331879 False Spam None 2.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection How to Stop Spam Calls and Robocalls on Android
2023-04-27T14:21:31+00:00 https://blog.incogni.com/stop-spam-calls-on-android/ www.secnews.physaphae.fr/article.php?IdArticle=8331880 False Spam None 2.0000000000000000
Anomali - Firm Blog Anomali Cyber Watch: Deux attaques de la chaîne d'approvisionnement enchaînées, leurre de communication DNS furtive de chien, Evilextractor exfiltrates sur le serveur FTP<br>Anomali Cyber Watch: Two Supply-Chain Attacks Chained Together, Decoy Dog Stealthy DNS Communication, EvilExtractor Exfiltrates to FTP Server Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters (published: April 21, 2023) A new Monero cryptocurrency-mining campaign is the first recorded case of gaining persistence via Kubernetes (K8s) Role-Based Access Control (RBAC), according to Aquasec researchers. The recorded honeypot attack started with exploiting a misconfigured API server. The attackers preceded by gathering information about the cluster, checking if their cluster was already deployed, and deleting some existing deployments. They used RBAC to gain persistence by creating a new ClusterRole and a new ClusterRole binding. The attackers then created a DaemonSet to use a single API request to target all nodes for deployment. The deployed malicious image from the public registry Docker Hub was named to impersonate a legitimate account and a popular legitimate image. It has been pulled 14,399 times and 60 exposed K8s clusters have been found with signs of exploitation by this campaign. Analyst Comment: Your company should have protocols in place to ensure that all cluster management and cloud storage systems are properly configured and patched. K8s buckets are too often misconfigured and threat actors realize there is potential for malicious activity. A defense-in-depth (layering of security mechanisms, redundancy, fail-safe defense processes) approach is a good mitigation step to help prevent actors from highly-active threat groups. 
MITRE ATT&CK: [MITRE ATT&CK] T1190 - Exploit Public-Facing Application | [MITRE ATT&CK] T1496 - Resource Hijacking | [MITRE ATT&CK] T1036 - Masquerading | [MITRE ATT&CK] T1489 - Service Stop Tags: Monero, malware-type:Cryptominer, detection:PUA.Linux.XMRMiner, file-type:ELF, abused:Docker Hub, technique:RBAC Buster, technique:Create ClusterRoleBinding, technique:Deploy DaemonSet, target-system:Linux, target:K8s, target:​​Kubernetes RBAC 3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible (published: April 20, 2023) Investigation of the previously-reported 3CX supply chain compromise (March 2023) allowed Mandiant researchers to detect it was a result of prior software supply chain attack using a trojanized installer for X_TRADER, a software package provided by Trading Technologies. The attack involved the publicly-available tool SigFlip decrypting RC4 stream-cipher and starting publicly-available DaveShell shellcode for reflective loading. It led to installation of the custom, modular VeiledSignal backdoor. 
VeiledSignal additional modules inject the C2 module in a browser process instance, create a Windows named pipe and]]> 2023-04-25T18:22:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-two-supply-chain-attacks-chained-together-decoy-dog-stealthy-dns-communication-evilextractor-exfiltrates-to-ftp-server www.secnews.physaphae.fr/article.php?IdArticle=8331005 False Ransomware,Spam,Malware,Tool,Threat,Cloud APT 38,ChatGPT,APT 43,Uber 2.0000000000000000 knowbe4 - cybersecurity services Cyberheistnews Vol 13 # 17 [Head Start] Méthodes efficaces Comment enseigner l'ingénierie sociale à une IA<br>CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI CyberheistNews Vol 13 #17 CyberheistNews Vol 13 #16  |   April 18th, 2023 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz Curiosity leads people to suspend their better judgment as a new campaign of credential theft exploits a person\'s excitement about the newest AI systems not yet available to the general public. On Tuesday morning, April 11th, Veriti explained that several unknown actors are making false Facebook ads which advertise a free download of AIs like ChatGPT and Google Bard. Veriti writes "These posts are designed to appear legitimate, using the buzz around OpenAI language models to trick unsuspecting users into downloading the files. However, once the user downloads and extracts the file, the Redline Stealer (aka RedStealer) malware is activated and is capable of stealing passwords and downloading further malware onto the user\'s device." Veriti describes the capabilities of the Redline Stealer malware which, once downloaded, can take sensitive information like credit card numbers, passwords, and personal information like user location, and hardware. Veriti added "The malware can upload and download files, execute commands, and send back data about the infected computer at regular intervals." 
Experts recommend using official Google or OpenAI websites to learn when their products will be available and only downloading files from reputable sources. With the rising use of Google and Facebook ads as attack vectors experts also suggest refraining from clicking on suspicious advertisements promising early access to any product on the Internet. Employees can be helped to develop sound security habits like these by stepping them through monthly social engineering simulations. Blog post with links:https://blog.knowbe4.com/ai-hype-used-for-phishbait [New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist Now there\'s a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform! The new PhishER Blocklist feature lets you use reported messages to prevent future malicious email with the same sender, URL or attachment from reaching other users. Now you can create a unique list of blocklist entries and dramatically improve your Microsoft 365 email filters with]]> 2023-04-25T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-17-head-start-effective-methods-how-to-teach-social-engineering-to-an-ai www.secnews.physaphae.fr/article.php?IdArticle=8330904 False Spam,Malware,Hack,Threat ChatGPT,ChatGPT,APT 28 3.0000000000000000 knowbe4 - cybersecurity services Cyberheistnews Vol 13 # 16 [doigt sur le pouls]: comment les phishers tirent parti de l'IA récent Buzz<br>CyberheistNews Vol 13 #16 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz CyberheistNews Vol 13 #16 CyberheistNews Vol 13 #16  |   April 18th, 2023 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz Curiosity leads people to suspend their better judgment as a new campaign of credential theft exploits a person\'s excitement about the newest AI systems not yet available to the general public. 
On Tuesday morning, April 11th, Veriti explained that several unknown actors are making false Facebook ads which advertise a free download of AIs like ChatGPT and Google Bard. Veriti writes "These posts are designed to appear legitimate, using the buzz around OpenAI language models to trick unsuspecting users into downloading the files. However, once the user downloads and extracts the file, the Redline Stealer (aka RedStealer) malware is activated and is capable of stealing passwords and downloading further malware onto the user\'s device." Veriti describes the capabilities of the Redline Stealer malware which, once downloaded, can take sensitive information like credit card numbers, passwords, and personal information like user location, and hardware. Veriti added "The malware can upload and download files, execute commands, and send back data about the infected computer at regular intervals." Experts recommend using official Google or OpenAI websites to learn when their products will be available and only downloading files from reputable sources. With the rising use of Google and Facebook ads as attack vectors experts also suggest refraining from clicking on suspicious advertisements promising early access to any product on the Internet. Employees can be helped to develop sound security habits like these by stepping them through monthly social engineering simulations. Blog post with links:https://blog.knowbe4.com/ai-hype-used-for-phishbait [New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist Now there\'s a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform! The new PhishER Blocklist feature lets you use reported messages to prevent future malicious email with the same sender, URL or attachment from reaching other users. 
Now you can create a unique list of blocklist entries and dramatically improve your Microsoft 365 email filters without ever leav]]> 2023-04-18T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-16-finger-on-the-pulse-how-phishers-leverage-recent-ai-buzz www.secnews.physaphae.fr/article.php?IdArticle=8328885 False Spam,Malware,Hack,Threat ChatGPT,ChatGPT,APT 28 3.0000000000000000 Dark Reading - Informationweek Branch Le malware de la Légion marche sur les serveurs Web pour voler des informations d'identification, les utilisateurs de spam mobiles<br>Legion Malware Marches onto Web Servers to Steal Credentials, Spam Mobile Users A novel credential harvester compromises SMTP services to steal data from a range of hosted services and providers, and can also launch SMS-based spam attacks against devices using US mobile carriers.]]> 2023-04-13T15:24:00+00:00 https://www.darkreading.com/cloud/legion-malware-marches-web-servers-steal-credentials-spam-mobile www.secnews.physaphae.fr/article.php?IdArticle=8327490 False Spam,Malware None 2.0000000000000000 knowbe4 - cybersecurity services Cyberheistnews Vol 13 # 15 [Le nouveau visage de la fraude] FTC fait la lumière sur les escroqueries d'urgence familiale améliorées AI-AI<br>CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams CyberheistNews Vol 13 #15 CyberheistNews Vol 13 #15  |   April 11th, 2023 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams The Federal Trade Commission is alerting consumers about a next-level, more sophisticated family emergency scam that uses AI which imitates the voice of a "family member in distress." They started out with: "You get a call. There\'s a panicked voice on the line. It\'s your grandson. He says he\'s in deep trouble - he wrecked the car and landed in jail. But you can help by sending money. You take a deep breath and think. You\'ve heard about grandparent scams. 
But darn, it sounds just like him. How could it be a scam? Voice cloning, that\'s how." "Don\'t Trust The Voice" The FTC explains: "Artificial intelligence is no longer a far-fetched idea out of a sci-fi movie. We\'re living with it, here and now. A scammer could use AI to clone the voice of your loved one. All he needs is a short audio clip of your family member\'s voice - which he could get from content posted online - and a voice-cloning program. When the scammer calls you, he\'ll sound just like your loved one. "So how can you tell if a family member is in trouble or if it\'s a scammer using a cloned voice? Don\'t trust the voice. Call the person who supposedly contacted you and verify the story. Use a phone number you know is theirs. If you can\'t reach your loved one, try to get in touch with them through another family member or their friends." Full text of the alert is at the FTC website. Share with friends, family and co-workers:https://blog.knowbe4.com/the-new-face-of-fraud-ftc-sheds-light-on-ai-enhanced-family-emergency-scams A Master Class on IT Security: Roger A. Grimes Teaches Ransomware Mitigation Cybercriminals have become thoughtful about ransomware attacks; taking time to maximize your organization\'s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4. 
With 30+ years of experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making
2023-04-11T13:16:54+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-15-the-new-face-of-fraud-ftc-sheds-light-on-ai-enhanced-family-emergency-scams www.secnews.physaphae.fr/article.php?IdArticle=8326650 False Ransomware,Data Breach,Spam,Malware,Hack,Tool,Threat ChatGPT,ChatGPT 2.0000000000000000
Global Security Mag - French news site March 2023's Most Wanted Malware: New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files
Check Point Research reports that Emotet Trojan launched a new campaign last month to evade Microsoft's macro block, sending spam emails containing malicious OneNote files. Meanwhile Ahmyth was the most prevalent mobile malware and Log4j took top spot once again as the most exploited vulnerability - Malware Update
2023-04-11T09:43:36+00:00 https://www.globalsecuritymag.fr/March-2023-s-Most-Wanted-Malware-New-Emotet-Campaign-Bypasses-Microsoft-Blocks.html www.secnews.physaphae.fr/article.php?IdArticle=8326566 False Spam,Malware None 3.0000000000000000
Schneier on Security - American cryptologist and researcher LLMs and Phishing
Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. It’s an interesting experiment, and the results are likely to vary wildly based on the details of the experiment. But while it’s an easy experiment to run, it misses the real risk of large language models (LLMs) writing scam emails. Today’s human-run scams aren’t limited by the number of people who respond to the initial email contact. They’re limited by the labor-intensive process of persuading those people to send the scammer money. LLMs are about to change that. A decade ago, one type of spam email had become a punchline on every late-night show: “I am the son of the late king of Nigeria in need of your assistance….” Nearly everyone had gotten one or a thousand of those emails, to the point that it seemed everyone must have known they were scams...
2023-04-10T11:23:02+00:00 https://www.schneier.com/blog/archives/2023/04/llms-and-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8326322 False Spam ChatGPT,ChatGPT 4.0000000000000000
Checkpoint - Security hardware manufacturer March 2023's Most Wanted Malware: New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files
Check Point Research reports that Emotet Trojan launched a new campaign last month to evade Microsoft's macro block, sending spam emails containing malicious OneNote files. Meanwhile Ahmyth was the most prevalent mobile malware and Log4j took top spot once again as the most exploited vulnerability. Our latest Global Threat Index for March 2023 saw researchers uncover a new malware campaign from Emotet Trojan, which rose to become the second most prevalent malware last month. As reported earlier this year, Emotet attackers have been exploring alternative ways to distribute malicious files since Microsoft announced they will block macros from office files. […]
2023-04-10T11:00:11+00:00 https://blog.checkpoint.com/security/march-2023s-most-wanted-malware-new-emotet-campaign-bypasses-microsoft-blocks-to-distribute-malicious-onenote-files/ www.secnews.physaphae.fr/article.php?IdArticle=8328340 False Spam,Malware,Vulnerability,Threat None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Malicious Spam Campaign Downs npm Registry
SEO poisoning drives surge in traffic
2023-04-05T08:40:00+00:00 https://www.infosecurity-magazine.com/news/malicious-spam-campaign-npm/ www.secnews.physaphae.fr/article.php?IdArticle=8325000 False Spam None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Chinese fraudsters: evading detection and monetizing stolen credit card information
Chinese fraudsters have developed extensive ecosystems for their operations. In a card fraud community targeting Japan and the US, over 96,000 users have joined. For 3,000 Chinese yuan in Bitcoin, individuals can enroll in a bootcamp to learn phishing techniques through recorded videos and access resources for creating phishing sites and profiting from stolen credit cards. According to the community leader, more than 500 students enrolled in the first half of 2022 alone. This leader has made significant profits, receiving 56 BTC over the past three years.
Chinese fraudster ecosystem: actor’s value chain
The value chain of Card Non-present fraud is shown in the following picture.
[Figure: actor's value chain]
To carry out these activities, Chinese fraudsters establish a value chain for CNP fraud, starting with setting up a secure environment. They anonymize IDs, falsify IP addresses, change time zones and language settings, alter MAC addresses and device IDs, modify user agents, and clear cookies to evade detection by security researchers and bypass various security measures.
[Figure: value chain 2]
Fraudsters also use residential proxies, which are infected domestic devices, to access targeted websites indirectly and avoid tracking. These proxies can be purchased from online providers, with payments made via stolen credit cards or bitcoin.
By selecting the desired IP address, users can access the target site with a fake IP address, making it difficult to trace their activities. One residential proxy service popular among Chinese fraudsters is "911," which is built using software distributed under the guise of a free VPN service. Once installed, users are unknowingly transformed into valuable residential proxies for fraudsters without their consent. The service offers locations at city granularity to match the target user's geographic location.
[Figure: 911 fraud tool]
Additionally, fraudsters can select ISP and device fingerprints, such as browser version, operating system, and screen size. This information is usually acquired through phishing, and fraudsters select the ones used by the victims t
2023-04-04T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/chinese-fraudsters-evading-detection-and-monetizing-stolen-credit-card-information www.secnews.physaphae.fr/article.php?IdArticle=8324617 False Spam None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Dridex malware, the banking trojan
2023-03-28T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/dridex-malware-the-banking-trojan www.secnews.physaphae.fr/article.php?IdArticle=8322466 False Spam,Malware,Guideline None 3.0000000000000000
Incogni - Security blog of the company Incogni, specializing in privacy protection ZoomInfo Opt Out & Remove Your Info
Getting more annoying telemarketing calls and spam emails lately? Could be ZoomInfo doing its thing, making sure your personal information is up-to-date and easily accessible to all. Luckily, ZoomInfo's opt-out process is fairly quick and easy, especially if you follow our step-by-step guide. All you have to do is “verify” your work email (after making …
2023-03-27T08:56:44+00:00 https://blog.incogni.com/zoominfo-opt-out/ www.secnews.physaphae.fr/article.php?IdArticle=8322085 False Spam,Guideline None 4.0000000000000000
Global Security Mag - French news site Sophos Demonstrates How to Make ChatGPT a Cybersecurity Co-Pilot
The AI Model Can More Easily Filter Malicious Activity in XDR Telemetry, Improve Spam Filters, and Simplify the Analysis of Living Off the Land Binaries - Special Reports
2023-03-27T07:25:54+00:00 https://www.globalsecuritymag.fr/Sophos-Demonstrates-How-to-Make-ChatGPT-a-Cybersecurity-Co-Pilot.html www.secnews.physaphae.fr/article.php?IdArticle=8322004 False Spam ChatGPT,ChatGPT 2.0000000000000000
CVE List - Common Vulnerability Exposure CVE-2023-24835
Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific function. An authenticated remote attacker with administrator privilege can exploit this vulnerability to execute arbitrary system command to perform arbitrary system operation or disrupt service.
2023-03-27T04:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24835 www.secnews.physaphae.fr/article.php?IdArticle=8321975 False Spam,Vulnerability None None
Dark Reading - Informationweek Branch Just 1% of Nonprofit Domains Have Basic DMARC Email Security Protections
DMARC blocks spam and phishing emails sent from spoofed domains, and it's vastly underutilized, a new report says.
2023-03-23T14:18:54+00:00 https://www.darkreading.com/attacks-breaches/nonprofit-domains-basic-dmarc-impersonation-protections www.secnews.physaphae.fr/article.php?IdArticle=8320920 False Spam,Studies None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
2023-03-20T17:56:00+00:00 https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html www.secnews.physaphae.fr/article.php?IdArticle=8319940 False Spam None 2.0000000000000000
knowbe4 - cybersecurity services CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears
CyberheistNews Vol 13 #11 | March 14th, 2023
Robert Lemos at DARKReading just reported on a worrying trend.
The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes. I'm giving you a short extract of the story and the link to the whole article is below. "Employees are submitting sensitive business data and privacy-protected information to large language models (LLMs) such as ChatGPT, raising concerns that artificial intelligence (AI) services could be incorporating the data into their models, and that information could be retrieved at a later date if proper data security isn't in place for the service. "In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential info, client data, source code, or regulated information to the LLM. "In one case, an executive cut and pasted the firm's 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient's name and their medical condition and asked ChatGPT to craft a letter to the patient's insurance company. "And as more employees use ChatGPT and other AI-based services as productivity tools, the risk will grow, says Howard Ting, CEO of Cyberhaven. "'There was this big migration of data from on-prem to cloud, and the next big shift is going to be the migration of data into these generative apps," he says. "And how that plays out [remains to be seen] - I think, we're in pregame; we're not even in the first inning.'" Your employees need to be stepped through new-school security awareness training so that they understand the risks of doing things like this. 
Blog post with links: https://blog.knowbe4.com/employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears [New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blockl]]> 2023-03-14T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-11-heads-up-employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears www.secnews.physaphae.fr/article.php?IdArticle=8318404 False Ransomware,Data Breach,Spam,Malware,Threat,Guideline,Medical ChatGPT,ChatGPT 2.0000000000000000 ComputerWeekly - Computer Magazine NCSC warns over AI language models but rejects cyber alarmism 2023-03-14T10:30:00+00:00 https://www.computerweekly.com/news/365532535/NCSC-warns-over-AI-language-models-but-rejects-cyber-alarmism www.secnews.physaphae.fr/article.php?IdArticle=8318451 False Spam None 2.0000000000000000 AlienVault Lab Blog - AlienVault is a major defense player in IOCs Insights from an external incident response team: Strategies to reduce the impact of cybersecurity attacks phishing email is what requires investigation. Other companies may not see the point in worrying about such incidents. For instance, they may not be concerned about a phishing email being opened on an employee device in a remote location not connected to the main infrastructure since it poses no immediate threat. There are also interesting cases here. For example, online traders consider a drop in the speed of interaction with the online exchange by 1% to be a serious incident. In many industries, proper incident response steps and cybersecurity in general, cannot be overestimated. But if we are talking about serious incidents, then most often, these are events related to the penetration of an attacker into the corporate network. This annoys the vast majority of business leaders. 
Incident response stages While the interpretation of certain events as security incidents may vary depending on various factors such as context and threat model, the response steps are often the same. These response steps are primarily based on the old SANS standard, which is widely used by many security professionals. SANS identifies six stages of incident response: Preparation Identification Containment Eradication Recovery Lessons learned It is important to note that the external response team is not immediately involved in this process. Preparation Preparation involves properly aligning organizational and technical processes. These are universal measures that should be implemented effectively across all areas: Inventory networks Build subnets correctly Use correct security controls and tools Hire the right people All this is not directly related to the external response team and, at the same time, affects its work significantly. The response is based on preparatory steps. For example, it relies heavily on the log retention policy. Each attack has its own dwell time - the time from an attacker entering the network until their activity is detected. 
If the attack has an extended dwell time (three-four months) and the logs are kept for seven days, it will be much more difficult for the investigation team to fin]]> 2023-03-13T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/insights-from-an-external-incident-response-team-strategies-to-reduce-the-impact-of-cybersecurity-attacks www.secnews.physaphae.fr/article.php?IdArticle=8318005 False Spam,Malware,Vulnerability,Threat,Guideline None 3.0000000000000000 TrendLabs Security - Antivirus vendor Emotet Returns, Now Adopts Binary Padding for Evasion 2023-03-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/23/c/emotet-returns-now-adopts-binary-padding-for-evasion.html www.secnews.physaphae.fr/article.php?IdArticle=8319507 False Spam None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links 2023-02-22T16:47:00+00:00 https://thehackernews.com/2023/02/attackers-flood-npm-repository-with.html www.secnews.physaphae.fr/article.php?IdArticle=8312457 False Spam None 2.0000000000000000 The State of Security - American magazine How do mail filters work? 
2023-02-20T03:21:02+00:00 https://www.tripwire.com/state-of-security/how-do-mail-filters-work www.secnews.physaphae.fr/article.php?IdArticle=8311838 False Spam,Threat None 2.0000000000000000 Kaspersky - Kaspersky Research blog Spam and phishing in 2022 2023-02-16T08:00:07+00:00 https://securelist.com/spam-phishing-scam-report-2022/108692/ www.secnews.physaphae.fr/article.php?IdArticle=8310749 False Spam None 3.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake CyberheistNews Vol 13 #07 CyberheistNews Vol 13 #07  |   February 14th, 2023 [Scam of the Week] The Turkey-Syria Earthquake Just when you think they cannot sink any lower, criminal internet scum is now exploiting the recent earthquake in Turkey and Syria. Less than 24 hours after two massive earthquakes claimed the lives of tens of thousands of people, cybercrooks are already piggybacking on the horrible humanitarian crisis. You need to alert your employees, friends and family... again. Just one example are scammers that pose as representatives from a Ukrainian charity foundation that seeks money to help those affected by the natural disasters that struck in the early hours of Monday. There are going to be a raft of scams varying from blood drives to pleas for charitable contributions for victims and their families. Unfortunately, this type of scam is the worst kind of phishbait, and it is a very good idea to inoculate people before they get suckered into falling for a scam like this. I suggest you send the following short alert to as many people as you can. As usual, feel free to edit: [ALERT] "Lowlife internet scum is trying to benefit from the Turkey-Syria earthquake. The first phishing campaigns have already been sent and more will be coming that try to trick you into clicking on a variety of links about blood drives, charitable donations, or "exclusive" videos. 
"Don't let them shock you into clicking on anything, or open possibly dangerous attachments you did not ask for! Anything you receive about this recent earthquake, be very suspicious. With this topic, think three times before you click. It is very possible that it is a scam, even though it might look legit or was forwarded to you by a friend -- be especially careful when it seems to come from someone you know through email, a text or social media postings because their account may be hacked. "In case you want to donate to charity, go to your usual charity by typing their name in the address bar of your browser and do not click on a link in any email. Remember, these precautions are just as important at the house as in the office, so tell your friends and family." It is unfortunate that we continue to have to warn against the bad actors on the internet that use these tragedies for their own benefit. For KnowBe4 customers, we have a few templates with this topic in the Current Events. It's a good idea to send one to your users this week. Blog post with links: https://blog.knowbe4.com/scam-of-the-week-the-turkey-syria-earthquake ]]> 2023-02-14T14:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-07-scam-of-the-week-the-turkey-syria-earthquake www.secnews.physaphae.fr/article.php?IdArticle=8310010 False Ransomware,Spam,Threat,Guideline ChatGPT 2.0000000000000000 CVE Liste - Common Vulnerability Exposure CVE-2023-25163 2023-02-08T21:15:10+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25163 www.secnews.physaphae.fr/article.php?IdArticle=8308422 False Spam,Tool,Vulnerability Uber None Schneier on Security - American cryptology researcher Malware Delivered through Google Search declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. 
In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird...]]> 2023-02-07T12:23:54+00:00 https://www.schneier.com/blog/archives/2023/02/malware-delivered-through-google-search.html www.secnews.physaphae.fr/article.php?IdArticle=8307900 False Spam,Malware None 2.0000000000000000 CybeReason - Vendor blog Cyberbunker, Part 2 Cyberbunker, Part 2 Spamhaus's decision to add Cyberbunker to its list of Spam sources led the Stophaus coalition to initiate a DDoS attack later dubbed “The attack that almost broke the Internet.” The fallout from this attack led to Cyberbunker relocating to a bunker in Germany - but it was the involvement of an Irish drug lord known as 'The Penguin' that led to the bullet-proof hosting company's downfall. 
]]> 2023-01-20T17:11:49+00:00 https://www.cybereason.com/blog/cyberbunker-part-2 www.secnews.physaphae.fr/article.php?IdArticle=8302899 False Spam None 2.0000000000000000 CVE Liste - Common Vulnerability Exposure CVE-2023-22489 2023-01-13T19:15:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-22489 www.secnews.physaphae.fr/article.php?IdArticle=8300997 False Spam,Vulnerability None None CVE Liste - Common Vulnerability Exposure CVE-2022-4120 2022-12-26T13:15:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4120 www.secnews.physaphae.fr/article.php?IdArticle=8294995 False Spam,Guideline None None CVE Liste - Common Vulnerability Exposure CVE-2022-3883 2022-12-12T18:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3883 www.secnews.physaphae.fr/article.php?IdArticle=8290470 False Spam None None Cisco - Security Firm Blog Explorations in the spam folder–Holiday Edition 2022-12-08T13:00:37+00:00 https://blogs.cisco.com/security/explorations-in-the-spam-folder-holiday-edition www.secnews.physaphae.fr/article.php?IdArticle=8289092 False Spam None 3.0000000000000000 Anomali - Firm Blog Anomali Cyber Watch: Infected Websites Show Different Headers Depending on Search Engine Fingerprinting, 10 Android Platform Certificates Abused in the Wild, Phishing Group Impersonated Major UAE Oil Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Chinese Gambling Spam Targets World Cup Keywords (published: December 2, 2022) Since 2018, a large-scale website infection campaign was affecting up to over 100,000 sites at a given moment. Infected websites, mostly oriented at audiences in China, were modified with additional scripts. Compromised websites were made to redirect users to Chinese gambling sites. 
Title and Meta tags on the compromised websites were changed to display keywords that the attackers had chosen to abuse search engine optimization (SEO). At the same time, additional scripts were switching the page titles back to the original if the visitor fingerprinting did not show a Chinese search engine from a preset list (such as Baidu). Analyst Comment: Website owners should keep their systems updated, use unique strong passwords and introduce MFA for all privileged or internet facing resources, and employ server-side scanning to detect unauthorized malicious content. Implement secure storage for website backups. MITRE ATT&CK: [MITRE ATT&CK] Exploit Public-Facing Application - T1190 | [MITRE ATT&CK] Obfuscated Files or Information - T1027 Tags: SEO hack, HTML entities, Black hat SEO, Fraudulent redirects, Visitor fingerprinting, Gambling, Sports betting, World Cup, China, target-country:CN, JavaScript, Baidu, baiduspider, Sogou, 360spider, Yisou Leaked Android Platform Certificates Create Risks for Users (published: December 2, 2022) On November 30, 2022, Google reported 10 different Android platform certificates that were seen actively abused in the wild to sign malware. Rapid7 researchers found that the reported signed samples are adware, so it is possible that these platform certificates may have been widely available. It is not shared how these platform certificates could have been leaked. Analyst Comment: Malware signed with a platform certificate can enjoy privileged execution with system permissions, including permissions to access user data. Developers should minimize the number of applications requiring a platform certificate signature. 
Tags: Android, Google, Platform certificates, Signed malware, malware-type:Adware Blowing Cobalt Strike Out of the Water With Memory Analysis (published: December 2, 2022) The Cobalt Strike attack framework remains difficult to detect as it works mostly in memory and doesn’t touch the disk much after the initial loader stage. Palo Alto researchers analyzed three types of Cobalt Strike loaders: KoboldLoader which loads an SMB beacon, MagnetLoader loading an HTTPS beacon, and LithiumLoader loading a stager beacon. These beacon samples do not execute in normal sandbox environments and utilize in-me]]> 2022-12-06T17:09:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-infected-websites-show-different-headers-depending-on-search-engine-fingerprinting-10-android-platform-certificates-abused-in-the-wild-phishing-group-impersonated-major-uae-oil www.secnews.physaphae.fr/article.php?IdArticle=8288335 False Spam,Malware,Tool,Threat,Medical APT 38 3.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams CyberheistNews Vol 12 #49 CyberheistNews Vol 12 #49  |   December 6th, 2022 [Keep An Eye Out] Beware of New Holiday Gift Card Scams By Roger A. Grimes Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the receiver to pick just what they want, and are often received as a reward for doing something. The gift card market is estimated in the many hundreds of BILLIONS of dollars. Who doesn't like to get a free gift card? Unfortunately, scammers often use gift cards as a way to steal value from their victims. There are dozens of ways gift cards can be used by scammers to steal money. 
Roger covers these three scams in a short [VIDEO] and in detail on the KnowBe4 blog: You Need to Pay a Bill Using Gift Cards Maliciously Modified Gift Cards in Stores Phish You for Information to Supposedly Get a Gift Card Blog post with 2:13 [VIDEO] and links you can share with your users and family:https://blog.knowbe4.com/beware-of-holiday-gift-card-scams [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, December 7 @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users. NEW! KnowBe4 Mobile Learner App - Users Can Now Train Anytime, Anywhere! NEW! Security Culture Benchmarking feature lets you compare your organization's security culture with your peers NEW! AI-Driven phishing and training recommendations for your end users Did You Know? You can upload your own training video and SCORM modules into your account for home workers Active Directory or SCIM Integration to easily upload user data, eliminating the need to manually manage user changes Find out how 50,000+ organizations have mobilized their end-users as their human firewall. 
Date/Time: TOMORROW, Wednesday, December 7 @ 2:00 PM (ET) Save My Spot! https://event.on24.com/wcc/r/3947028/0273119CCBF116DBE42DF81F151FF99F?partnerref=CHN3 ]]> 2022-12-06T14:30:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-49-keep-an-eye-out-beware-of-new-holiday-gift-card-scams www.secnews.physaphae.fr/article.php?IdArticle=8288279 False Ransomware,Data Breach,Spam,Hack,Tool,Guideline None 3.0000000000000000 SANS Institute - SANS is a defense and training organization Ukraine Themed Twitter Spam Pushing iOS Scareware, (Mon, Nov 28th) 2022-11-28T12:36:18+00:00 https://isc.sans.edu/diary/rss/29276 www.secnews.physaphae.fr/article.php?IdArticle=8271215 False Spam None 2.0000000000000000 AhnLab - Korean Security Firm Auto-Publishing and Auto-Reporting Programs for Blog Posts Spam programs are illegal programs according to the ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION. The ASEC analysis team previously published a blog post about a spam program sold as a marketing program. Today, we will introduce a program similar to the spam program covered in the past. The file collected under the filename of ‘Naver Blog Report Program.exe’ was developed with C#, just like the spam program covered in the previous blog post. Its... 
]]> 2022-11-25T00:42:22+00:00 https://asec.ahnlab.com/en/42720/ www.secnews.physaphae.fr/article.php?IdArticle=8208407 False Spam None None Global Security Mag - French news site GMX: Black Friday, up to 20% more spam Opinion]]> 2022-11-24T00:30:00+00:00 https://www.globalsecuritymag.fr/GMX-Black-Friday-jusqu-a-20-de-spam-en-plus.html www.secnews.physaphae.fr/article.php?IdArticle=8185771 False Spam None None InfoSecurity Mag - InfoSecurity Magazine More Than Half of Black Friday Spam Emails Are Scams 2022-11-17T14:30:00+00:00 https://www.infosecurity-magazine.com/news/half-black-friday-spam-emails-scam/ www.secnews.physaphae.fr/article.php?IdArticle=8068558 False Spam None None Anomali - Firm Blog Anomali Cyber Watch: Amadey Bot Started Delivering LockBit 3.0 Ransomware, StrelaStealer Delivered by a HTML/DLL Polyglot, Spymax RAT Variant Targeted Indian Defense, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence KmsdBot: The Attack and Mine Malware (published: November 10, 2022) KmsdBot is a cryptominer written in GO with distributed denial-of-service (DDoS) functionality. This malware was performing DDoS attacks via either Layer 4 TCP/UDP packets or Layer 7 HTTP consisting of GET and POST. KmsdBot was seen performing targeted DDoS attacks against the gaming industry, luxury car manufacturers, and technology industry. The malware spreads by scanning for open SSH ports and trying a list of weak username and password combinations. Analyst Comment: Network administrators should not use weak or default credentials for servers or deployed applications. Keep your systems up-to-date and use public key authentication for your SSH connections. 
MITRE ATT&CK: [MITRE ATT&CK] Network Denial of Service - T1498 | [MITRE ATT&CK] Resource Hijacking - T1496 Tags: detection:KmsdBot, SSH, Winx86, Arm64, mips64, x86_64, malware-type:DDoS, malware-type:Cryptominer, xmrig, Monero, Golang, target-industry:Gaming, target-industry:Car manufacturing, target-industry:Technology, Layer 4, Layer 7 Massive ois[.]is Black Hat Redirect Malware Campaign (published: November 9, 2022) Since September 2022, a new WordPress malware redirects website visitors via ois[.]is. To conceal itself from administrators, the redirect will not occur if the wordpress_logged_in cookie is present, or if the current page is wp-login.php. The malware infects .php files it finds – on average over 100 files infected per website. A .png image file is initiating a redirect using the window.location.href function to redirect to a Google search result URL of a spam domain of actors’ choice. Sucuri researchers estimate 15,000 affected websites that were redirecting visitors to fake Q&A sites. Analyst Comment: WordPress site administrators should keep their systems updated and secure the wp-admin administrator panel with 2FA or other access restrictions. If your site was infected, perform a core file integrity check, query for any files containing the same injection, and check any recently modified or added files. MITRE ATT&CK: [MITRE ATT&CK] Exploit Public-Facing Application - T1190 Tags: file-type:PHP, SEO poisoning, WordPress, Google Search, Google Ads LockBit 3.0 Being Distributed via Amadey Bot (published: November 8, 2022) Discovered in 2018, Amadey Bot is a commodity malware that functions as infostealer and loader. Ahnlab researchers detected a new campaign where it is used to deliver the LockBit 3.0 ransomware. It is likely a part of a larger 2022 campaign delivering LockBit to South Korean users. 
The actors used phishing attachments with two variants of Amadey B]]> 2022-11-16T03:26:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-amadey-bot-started-delivering-lockbit-30-ransomware-strelastealer-delivered-by-a-html-dll-polyglot-spymax-rat-variant-targeted-indian-defense-and-more www.secnews.physaphae.fr/article.php?IdArticle=8039573 False Ransomware,Spam,Malware,Tool,Threat None None Fortinet ThreatSignal - Harware Vendor Emotet Distributed Through U.S. Election Themed Link Files 2022-11-14T21:30:35+00:00 https://fortiguard.fortinet.com/threat-signal-report/4867 www.secnews.physaphae.fr/article.php?IdArticle=8020780 False Spam,Guideline None None InformationSecurityBuzzNews - Site de News Securite Malware Campaign Redirects 15,000 Sites 2022-11-11T11:55:16+00:00 https://informationsecuritybuzz.com/malware-campaign-redirects-15000-sites/ www.secnews.physaphae.fr/article.php?IdArticle=7946372 False Spam,Malware,Threat None None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 11 Cybersecurity investments you can make right now new compliance requirement in many industries, including healthcare, finance, and retail. In the event of a data breach, companies are often required to notify their customers and partners, which can be costly. Cyber insurance can help cover these expenses. Employee training Employees are often the weakest link in a company's cybersecurity defenses. They may not be aware of the latest cyber threats or how to protect themselves from them. That's why it's important to provide employees with regular training on cybersecurity risks and best practices. There are many different types of employee training programs available, ranging from in-person seminars to online courses. Some companies even offer financial incentives for employees who complete training programs. 
In the remote work era, employee education also increasingly means arming remote workers with knowledge that will keep company data safe while they are working on networks that might not be well secured. This is especially the case if you know people are connecting via public networks at cafes, co-working spaces, and airports. Endpoint security Endpoints are the devices that connect to a network, such as laptops, smartphones, and tablets. They are also a common entry point for cyber-attacks. That's why it's important to invest in endpoint security, which includes solutions such as antivirus software, firewalls, and encryption. You can invest in endpoint security by purchasing it from a vendor or by implementing it yourself. There are also many free and open-source solutions available. Make sure you test any endpoint security solution before deploying it in your environment. Identity and access management Identity and access management (IAM) is a process for managing user identities and permissions. It can be used to control who has access to what data and resources, and how they can use them. IAM solutions often include features such as Single Sign-On (SSO), which allows users to access multiple applications with one set of credentials, and two-factor authentication (2FA), which adds an extra layer of security. IAM solutions can be deployed on-premises or in the cloud. They can also be integrated with other security solutions, such as firewalls and intrusion detection systems. Intrusion detection and prevention Intrusion detection and prevention systems (IDPS) are designed to detect and prevent cyber-attacks. They work by monitoring network traffic for suspicious activity and blocking or flagging it as needed. IDPS solutions can be deployed on-premises or in the cloud. There are many different types of IDPS solutions available, ranging from simple network-based solutions to more sophisticated host-based ones. 
Make sure you choose a solution that is right for your environment and needs. Security information and event management Security information and event management (SIEM) solutions are designed to collect and analyze data from a variety of security ]]> 2022-10-27T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/11-cybersecurity-investments-you-can-make-right-now www.secnews.physaphae.fr/article.php?IdArticle=7700503 False Data Breach,Spam,Malware,Vulnerability,Patching None None AhnLab - Korean Security Firm FormBook Malware Being Distributed as .NET The FormBook malware that was recently detected by a V3 software had been downloaded to the system and executed while the user was using a web browser. FormBook is an info-stealer that aims to steal the user’s web browser login information, keyboard input, clipboard, and screenshots. It targets random individuals, and is usually distributed through spam mails or uploaded to infiltrated websites. FormBook operates by injecting into a running process memory, and the targets of injection are explorer.exe and arbitrary... ]]> 2022-10-26T23:52:48+00:00 https://asec.ahnlab.com/en/40663/ www.secnews.physaphae.fr/article.php?IdArticle=7693118 False Spam,Malware None None CVE Liste - Common Vulnerability Exposure CVE-2022-3302 2022-10-25T17:15:56+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3302 www.secnews.physaphae.fr/article.php?IdArticle=7674018 False Spam,Guideline None 3.0000000000000000 Anomali - Firm Blog Threat Hunting: Eight Tactics to Accelerating Threat Hunting A new threat report is published from an intel provider describing a new variant of malware that has been catastrophic at similar organizations. 
This report would ideally contain information around the process tree, registry key, etc., to help the cyber threat hunters not just hunt for detection of the associated IOCs but dig deeper to identify patterns that match the behavior of the malware across the network, like abnormal PowerShell executio]]> 2022-10-20T13:36:00+00:00 https://www.anomali.com/blog/threat-hunting-eight-tactics-to-a-accelerating-threat-hunting www.secnews.physaphae.fr/article.php?IdArticle=7666507 False Spam,Malware,Tool,Vulnerability,Threat None None CSO - CSO Daily Dashboard Attackers switch to self-extracting password-protected archives to distribute email malware a new report.To read this article in full, please click here]]> 2022-10-20T06:00:00+00:00 https://www.csoonline.com/article/3677448/attackers-switch-to-self-extracting-password-protected-archives-to-distribute-email-malware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7584664 False Spam,Malware,Threat None None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Stories from the SOC:  Feeling so foolish – SocGholish drive by compromise The best way to start looking into a S1 event is to go to the Storyline of the Incident within Deep Visibility. Deep Visibility deep dive Once we have all the events related to the Incident, we can also create a new Deep Visibility search for all activity related to the affected host from about an hour before right up to the first event for the incident. This will let us try to see what happened on the host that lead to the execution of the malicious JavaScript file. Reviewing the events from both the overall logs on the host and the events related to the Storyline, we can build out a rough timeline of events. Note there are close to 15k events on the host in the timeframe and 448 events in total in the Storyline; I’m just going over the interesting findings for expediency sake. 
12:07:08 The user is surfing on Chrome and using Google search to look up electricity construction related companies; we see two sites being visited, with both sites being powered by WordPress. The SocGholish campaign works by injecting malicious code into vulnerable WordPress websites. While I was unable to find the injected code within the potentially compromised sites, I see that one of the banners on the page contains spam messages; while there are no links or anything specifically malicious with this, it lets us know that this site is unsafe to a degree. Bad banner 12:10:46 The user was redirected to a clean[.]godmessagedme[.]com for the initial download. It likely would have looked like this: Chrome false We can assume the URI for the request looks like the /report as seen in VirusTotal and described in open-source intelligence (OSI). Note that the subdomain “clean” has a different resolution than the root domain; this is domain shadowing performed by the attackers by creating a new A-record within the DNS settings of the legitimate domain: New A record New A record 2 12:12:19 Chrome creates on disk: “C:\Users\[redacted]\Downloads\Сhrome.Updаte.zip”. 12:13:11 User has opened the zip]]> 2022-10-17T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/stories-from-the-soc-feeling-so-foolish-socgholish-drive-by-compromise www.secnews.physaphae.fr/article.php?IdArticle=7526702 False Spam,Threat,Guideline None None Fortinet ThreatSignal - Harware Vendor Guloader Spam Indiscriminately Sent to State Elections Board 2022-10-14T01:24:52+00:00 https://fortiguard.fortinet.com/threat-signal-report/4805 www.secnews.physaphae.fr/article.php?IdArticle=7451988 False Spam,Malware,Vulnerability None None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 12 Essential ways to improve your website security protect your WordPress site, is to ensure that all your plugins and software are up-to-date. 
Outdated software is one of the most common ways that attackers gain access to websites. By keeping everything up to date, you can help to prevent vulnerabilities from being exploited. You can usually enable auto-updates for most plugins and software from within their setting's menus. For WordPress sites, there is also a plugin called Easy Updates Manager that can help you to keep everything up to date with ease. 2.  A strong password policy A strong password policy is the first step to protecting your website from malicious actors. By requiring strong and unique passwords, you can make it significantly more difficult for attackers to gain access to your site. You need to ensure that your website's backend is well protected and that only authorized users have access. To do this, you should consider using a password manager to generate and store strong passwords for your site. You definitely should not be using the same password for multiple sites. 3. Two-factor authentication Two-factor authentication (2FA) is an important security measure that you should consider implementing for your website. 2FA adds an extra layer of security by requiring users to provide two pieces of information before they can access your site. This could include a password and a one-time code that is generated by an app on your phone. 2FA can help to prevent attackers from gaining access to your site, even if they have your password. 4.  A secure socket layer (SSL) certificate An SSL certificate is a must-have for any website that wants to protect their users' information. SSL encrypts the communications between your website and your users' web browsers. This means that even if an attacker was able to intercept the communication, they would not be able to read it. SSL also provides authentication, which means you can be sure that your users are communicating with the intended website and not a fake site set up by an attacker. 
Increasingly, having things like HTTPS and an SSL certificate is part of Google's ranking metrics and will help your website's SEO. If you aren't making an effort to protect your visitors and users (the people who give you their sensitive credit card information), they may take their business elsewhere. 5. A web application firewall (WAF) A web application firewall (WAF) is a piece of software that sits between your website and the internet. It filters traffic to your site and blocks any requests that it considers to be malicious. WAFs can be very effective at stopping attacks such as SQL injection and cross-site scripting (XSS). 6. Intrusion detection and prevention systems (IDPS) Intrusion detection and prevention systems (IDPS) are designed to]]> 2022-10-12T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/12-essential-ways-to-improve-your-website-security www.secnews.physaphae.fr/article.php?IdArticle=7409530 False Spam,Malware,Threat None 4.0000000000000000 GoogleSec - Firm Security Blog Google Pixel 7 and Pixel 7 Pro: The next evolution in mobile security Pixel phones also get better every few months with Feature Drops that provide the latest product updates, tips and tricks from Google. And Pixel 7 and Pixel 7 Pro users will receive at least five years of security updates, so your Pixel gets even more secure over time. Your protection, built into Pixel. Your digital life and most sensitive information lives on your phone: financial information, passwords, personal data, photos – you name it. With Google Tensor G2 and our custom Titan M2 security chip, Pixel 7 and Pixel 7 Pro have multiple layers of hardware security to help keep you and your personal information safe. We take a comprehensive, end-to-end approach to security with verifiable protections at each layer - the network, application, operating system and multiple layers on the silicon itself. 
If you use Pixel for your business, this approach helps protect your company data, too. Google Tensor G2 is Pixel's newest powerful processor custom built with Google AI, and makes Pixel 7 faster, more efficient and secure. Every aspect of Tensor G2 was designed to improve Pixel's performance and efficiency for great battery life, amazing photos and videos. Tensor's built-in security core works with our Titan M2 security chip to keep your personal information, PINs and passwords safe. Titan family chips are also used to protect Google Cloud data centers and Chromebooks, so the same hardware that protects Google servers also secures your sensitive information stored on Pixel. And, in a first for Google, Titan M2 hardware has now been certified under Common Criteria PP0084: the international gold standard for hardware security components also used for identity, SIM cards, and bankcard security chips.]]> 2022-10-11T19:22:42+00:00 http://security.googleblog.com/2022/10/google-pixel-7-and-pixel-7-pro-next.html www.secnews.physaphae.fr/article.php?IdArticle=7482584 False Spam,Malware,Vulnerability,Guideline,Industrial APT 40 None InfoSecurity Mag - InfoSecurity Magazine Meta Sues Chinese Devs Over WhatsApp Malware Plot 2022-10-07T09:10:00+00:00 https://www.infosecurity-magazine.com/news/whatsapp-sues-chinese-devs-malware/ www.secnews.physaphae.fr/article.php?IdArticle=7331575 False Spam,Malware None None Malwarebytes Labs - MalwarebytesLabs FCC moves to block robotexts Categories: News Categories: Scams The Federal Communications Commission wants mobile carriers to block spam texts at the network level. (Read more...) 
]]> 2022-09-28T13:00:00+00:00 https://www.malwarebytes.com/blog/news/2022/09/fcc-is-finally-moving-forward-with-blocking-spam-texts www.secnews.physaphae.fr/article.php?IdArticle=7234681 False Spam None None The State of Security - Magazine Américain Your Guide to the Latest Email Fraud and Identity Deception Trends There's a high chance that you or someone you know has been impacted by email fraud or identity theft. At the very least, you've likely received a variety of spam emails and text messages asking to provide a payment or confirm your identity. The good news is that cybersecurity protection is constantly evolving and improving, […]… Read More ]]> 2022-09-28T03:00:00+00:00 https://www.tripwire.com/state-of-security/security-data-protection/your-guide-latest-email-fraud-identity-deception-trends/ www.secnews.physaphae.fr/article.php?IdArticle=7170596 False Spam None None Anomali - Firm Blog Anomali Cyber Watch: Sandworm Uses HTML Smuggling and Commodity RATs, BlackCat Ransomware Adds New Features, Domain Shadowing Is Rarely Detected, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence A Multimillion Dollar Global Online Credit Card Scam Uncovered (published: September 23, 2022) ReasonLabs researchers discovered a large network of fake dating and customer support websites involved in credit card fraud operations. The threat actor builds a basic website, registers it with a payment processor (RocketGate), buys credit card data from other threat actors, and subscribes victims to monthly charging plans. The US was the most targeted, and a lower number of sites were targeting France. 
To pass the processor checks and lower the number of charge-backs, the actor avoided test charges, used a generic billing name, charged only a small payment typical for the industry, and hired a legitimate support center provider, providing effortless cancellation and return of the payment. Analyst Comment: Users are advised to regularly check their bank statements and dispute fraudulent charges. Researchers can identify a fraudulent website by an overwhelming dominance of direct-traffic visitors from a single country, a small network of fake profiles, and a physical address typed on a picture to avoid indexing. Tags: Credit card, Fraud, Scam, Chargeback, Payment processor, Fake dating site, USA, target-country:US, France, target-country:FR, target-sector:Finance NAICS 52 Malicious OAuth Applications Used to Compromise Email Servers and Spread Spam (published: September 22, 2022) Microsoft researchers described a relatively stealthy abuse of a compromised Exchange server used to send fraud spam emails. After using valid credentials to get access, the actor deployed a malicious OAuth application, gave it admin privileges and used it to change Exchange settings. The first modification created a new inbound connector allowing mails from certain actor IPs to flow through the victim’s Exchange server and look like they originated from the compromised Exchange domain. Second, 12 new transport rules were set to delete certain anti-spam email headers. Analyst Comment: If you manage an Exchange server, strengthen account credentials and enable multifactor authentication. Investigate any alerts regarding suspicious email sending and removal of anti-spam headers. 
MITRE ATT&CK: [MITRE ATT&CK] Valid Accounts - T1078 | [MITRE ATT&CK] Indicator Removal on Host - T1070 Tags: Exchange, Microsoft, PowerShell, Inbound connector, Transport rule, Fraud, Spam NFT Malware Gets New Evasion Abilities (published: September 22, 2022) Morphisec researchers describe a campaign targeting non-fungible token (NFT) communities since November 2020. A malicious link is sent via a private phishing message on Discord or another forum, related to an NFT or financial opportunity. If the user ]]> 2022-09-27T16:51:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-sandworm-uses-html-smuggling-and-commodity-rats-blackcat-ransomware-adds-new-features-domain-shadowing-is-rarely-detected-and-more www.secnews.physaphae.fr/article.php?IdArticle=7161515 False Ransomware,Spam,Malware,Tool,Threat None None TechRepublic - Security News US Malicious Oauth app enables attackers to send spam through corporate cloud tenants Microsoft investigated a new kind of attack where malicious OAuth applications were deployed on compromised cloud tenants before being used for mass spamming. ]]> 2022-09-27T15:40:27+00:00 https://www.techrepublic.com/article/malicious-oauth-spam/ www.secnews.physaphae.fr/article.php?IdArticle=7161018 False Spam None None Malwarebytes Labs - MalwarebytesLabs Exchange servers abused for spam through malicious OAuth applications Categories: News Tags: Exchange Tags: OAuth Tags: spam Tags: MFA Tags: Transport rules Tags: connector Threat actors have been using malicious OAuth applications to abuse Microsoft Exchange servers for their spam campaign. (Read more...) 
]]> 2022-09-27T11:00:00+00:00 https://www.malwarebytes.com/blog/news/2022/09/exchange-servers-abused-for-spam-through-malicious-oauth-applications www.secnews.physaphae.fr/article.php?IdArticle=7167470 False Spam None None InfoSecurity Mag - InfoSecurity Magazine Hackers Deploy Malicious OAuth Apps to Compromise Email Servers, Spread Spam 2022-09-23T16:00:00+00:00 https://www.infosecurity-magazine.com/news/oauth-attack-compromise-email/ www.secnews.physaphae.fr/article.php?IdArticle=7084789 False Spam None None Dark Reading - Informationweek Branch Cyberattackers Compromise Microsoft Exchange Servers Via Malicious OAuth Apps 2022-09-23T15:22:53+00:00 https://www.darkreading.com/application-security/cyberattackers-compromise-microsoft-exchange-servers-malicious-oauth-apps www.secnews.physaphae.fr/article.php?IdArticle=7084511 False Spam None None Kaspersky - Kaspersky Research blog Mass email campaign with a pinch of targeted spam 2022-09-23T08:00:13+00:00 https://securelist.com/agent-tesla-malicious-spam-campaign/107478/ www.secnews.physaphae.fr/article.php?IdArticle=7077607 False Spam None None InfoSecurity Mag - InfoSecurity Magazine UK Privacy Regulator Fines Halfords for Spam Deluge 2022-09-07T09:40:00+00:00 https://www.infosecurity-magazine.com/news/privacy-regulator-fines-halfords/ www.secnews.physaphae.fr/article.php?IdArticle=6764585 False Spam None None CVE Liste - Common Vulnerability Exposure CVE-2022-1663 2022-08-29T18:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1663 www.secnews.physaphae.fr/article.php?IdArticle=6616323 False Spam,Threat None None SANS Institute - SANS est un acteur de defense et formation Paypal Phishing/Coinbase in One Image, (Fri, Aug 26th) 2022-08-26T05:31:39+00:00 https://isc.sans.edu/diary/rss/28984 www.secnews.physaphae.fr/article.php?IdArticle=6536936 False Spam None None DarkTrace - DarkTrace: AI bases detection Emotet Resurgence: Cross-Industry Campaign Analysis 2022-08-23T00:00:00+00:00 
https://darktrace.com/blog/emotet-resurgence-cross-industry-campaign-analysis www.secnews.physaphae.fr/article.php?IdArticle=6481958 False Spam None 4.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET How a spoofed email passed the SPF check and landed in my inbox The Sender Policy Framework can't help prevent spam and phishing if you allow billions of IP addresses to send as your domain ]]> 2022-08-16T09:30:17+00:00 https://www.welivesecurity.com/2022/08/16/spoofed-email-passed-spf-check-inbox/ www.secnews.physaphae.fr/article.php?IdArticle=6355265 False Spam None None CVE Liste - Common Vulnerability Exposure CVE-2022-35958 2022-08-15T11:21:39+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35958 www.secnews.physaphae.fr/article.php?IdArticle=6341896 False Spam None 3.0000000000000000 Security Affairs - Blog Secu LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities LogoKit – Threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters in phishing campaigns. Resecurity, Inc. (USA), a Los Angeles-based cybersecurity company providing managed threat detection and response for Fortune 500’s, identified threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters […] ]]> 2022-08-08T15:11:18+00:00 https://securityaffairs.co/wordpress/134141/hacking/logokit-phishing-open-redirect.html www.secnews.physaphae.fr/article.php?IdArticle=6203650 False Spam,Threat None None