Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT. « The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target […]
5 Practical Techniques for Effective Cyber Threat Hunting
Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless arrays of data and end up […]
Six enseignements clés sur les mots de passe tirés de la mise à jour du cadre de cybersécurité du NIST
La sécurité des mots de passe évolue – et les nouvelles lignes directrices du National Institute of Standards and Technology (NIST) rejettent les pratiques obsolètes au profit de protections plus efficaces. Vous n’avez pas le temps de lire les 35 000 mots des lignes directrices ? Aucun problème. Voici les six points essentiels du nouveau […]
Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection
Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. « Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks, » Morphisec researcher Nadav Lorber said in a technical report published Monday. The attacks make use of fake […]
CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below – CVE-2024-20767 (CVSS score: 7.4) – Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to […]
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. « The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007, » Kaspersky researchers Georgy Kucherin and Marc […]
Bulletin d’actualité CERTFR-2024-ACT-054 (16 décembre 2024)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l’analyse de l’ensemble des avis et alertes publiés par le CERT-FR dans le cadre d’une analyse de risques pour prioriser l’application des…
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. « Entirely reliant on a single ad network for propagation, this campaign showcases the core mechanisms of malvertising — delivering over
Sous l’ère NIS2, un état des lieux de la cybersécurité dans l’UE
Chargée par la NIS2 d’élaborer tous les deux ans un état des lieux de la cybersécurité dans l’UE, l’ENISA a livré un premier rapport. Que perçoit-elle ?
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there’s a lot that might have flown under your radar. Attackers are adapting old tricks, uncovering new ones, and targeting systems both large and small. […]