Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. « These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device’s camera, location, and microphone, » Cybersecurity firm Cyfirma said in a report published last week. CypherRAT and CraxsRAT are said to be offered to […]
Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks
A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware across victim organizations globally. « It probably finds its way into victim organizations by its operators compromising vulnerable web servers or via brute forcing RDP credentials, » ESET security researcher Jakub Souček said in a detailed technical write-up
Over a Dozen Malicious npm Packages Target Roblox Game Developers
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called Luna Token Grabber on systems belonging to Roblox developers. The ongoing campaign, first detected on August 1 by ReversingLabs, employs modules that masquerade as the legitimate package noblox.js, an […]
Le fondateur de Group-IB, Ilya Sachkov, a été condamné à 14 ans de prison pour trahison d’État
Le tribunal de Moscou a condamné le fondateur de l’entreprise Group-IB, Ilya Sachkov, à 14 ans de prison. Il purgera sa peine dans une colonie pénitentiaire à régime strict.
Un avocat veut savoir quel est le pays Européen a aidé le FBI à mettre le monde sur écoute
Au cours de l’opération spéciale Trojan Shield, le Federal Bureau of Investigation (FBI) des États-Unis contrôlait secrètement les téléphones cryptés Anom. Les avocats de plusieurs criminels arrêtés demandent que soit nommé le pays qui a aidé les agents à intercepter les messages.
Versioning : une méthode pirate qui a fait ses preuves
Les logiciels malveillants Android utilisent la technique de « versioning » pour contourner les scanners du Play Store.
Blocage de Telegram en Irak, Xiaomi bloque la messagerie en Chine
Alors que je vous expliquais l’intérêt des autorités occidentales de se rapprocher de Telegram pour traquer les cyber criminels, en Iraq et en Chine, la méthode est plus expéditive.
Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates
A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The attacks, per the cybersecurity firm, leverage a trojanized version of a […]
New Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App
A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called « OfficeNote. » « The new version of XLoader is bundled inside a standard Apple disk image with the name OfficeNote.dmg, » SentinelOne security researchers Dinesh Devadoss and Phil Stokes said in a Monday analysis. « The application
Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software
Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue has been described as a case of authentication bypass impacting versions 9.18 and prior due to […]