New PEAPOD Cyberattack Campaign Targeting Women Political Leaders
European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, […]
Google prioritizes passkeys: what you need to know
Passkey sign-in is now the priority option on Google accounts. What does this decision imply?
Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023?
Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively. This article will cover just some of those new developments in Q3-2023 as well as give predictions […]
DarkGate Malware Spreading via Messaging Services Posing as PDF Files
A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams. In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt […]
FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That’s according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) […]
Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report today. While
ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value," […]
How to Guard Your Data from Exposure in ChatGPT
ChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive business data into ChatGPT, or similar applications. DLP solutions, the go-to solution for similar challenges, are
Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack
Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant’s threat intelligence team is tracking the operator as Storm-1567. The attack leveraged devices that were not onboarded to Microsoft
XDR: four offerings for a cybersecurity approach that is taking off
While EDR tools have proven effective at detecting attacks that slip under the radar of traditional antivirus, a move toward XDR seems inevitable. A review of the offerings from SentinelOne, Bitdefender, Trend Micro and Sekoia.io.