Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which has been monitoring the cyber offensive, said it comprises three intrusion sets […]

E-commerce cybersecurity: watch a live cyberattack demonstration!

E-merchants are prime targets for cyber attackers. Silicon, in partnership with Cloudflare, invites you to watch the replay of an exclusive webinar: see how an attacker can easily access your data by hacking your site. Also discover how to optimize the protection of your websites and web applications.

Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the name Earth Preta, said it observed "the propagation of […]

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab in the Department of Software and Information […]

News bulletin CERTFR-2024-ACT-040 (9 September 2024)

This CERT-FR news bulletin reviews the significant vulnerabilities of the past week to highlight their criticality. It does not replace the analysis of all advisories and alerts published by CERT-FR as part of a risk analysis to prioritize the application of…

DDoS: when cybercriminals take control of time and the web

DDoS attacks are not merely digital nuisances but formidable weapons capable of paralyzing entire networks by flooding them with malicious traffic.

France still does not want a "watered-down" EUCS

In line with the CNIL, a parliamentary committee calls for including extraterritorial immunity criteria in the European EUCS scheme.

Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. "This threat actor used Visual Studio Code's embedded reverse shell feature to gain a foothold in target networks," Palo Alto Networks Unit 42 researcher Tom […]

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout

The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach not only fails to address the fundamental issue of the attack surface but also introduces dangerous

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) known as Quasar RAT since June 2024. "Attacks have originated with phishing emails impersonating the Colombian tax authority," Zscaler ThreatLabz researcher Gaetano Pellegrino […]
