QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord
A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms. « Once installed on the victim’s Windows platform machines, the RAT stealthily collects sensitive data, which is then sent to the attacker’s Telegram bot, providing them with unauthorized access to the victim’s sensitive information, » Uptycs said in a […]
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability
E-commerce sites using Adobe’s Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw (CVE-2022-24086, CVSS score: 9.8) in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution. « The […]
CERTFR-2023-ACT-035 : Bulletin d’actualité CERTFR-2023-ACT-035 (14 août 2023)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Identity Threat Detection and Response: Rips in Your Identity Fabric
Why SaaS Security Is a Challenge In today’s digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive their operations. However, this widespread adoption has also opened the doors to new security risks and vulnerabilities. The SaaS security attack surface continues to widen. It started with managing misconfigurations and now requires a
Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
Germany’s Federal Office for the Protection of the Constitution (BfV) has warned of cyber attacks targeting Iranian persons and organizations in the country since the end of 2022. « The cyber attacks were mainly directed against dissident organizations and individuals – such as lawyers, journalists, or human rights activists – inside and outside Iran, » the agency said in […]
New Financial Malware ‘JanelaRAT’ Targets Latin American Users
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that’s capable of capturing sensitive information from compromised Microsoft Windows systems. « JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions, » Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it « abuses DLL side-loading
De nouvelles photos supposées du port USB-C de l’iPhone 15
Comme tous les ans, les rumeurs estivales tournent en boucle sur le prochain iPhone, qui sortira dans quelques semaines. Aujourd’hui ne fait pas exception avec des photos supposées du module USB-C dont sera doté l’iPhone 15.
LFCS #1: How to Use ‘sed’ Command to Create, Edit, and Manipulate Files in Linux
The post LFCS #1: How to Use ‘sed’ Command to Create, Edit, and Manipulate Files in Linux first appeared on Tecmint: Linux Howtos, Tutorials & Guides . The Linux Foundation announced the LFCS (Linux Foundation Certified Sysadmin) certification, a new program that aims at helping individuals all over the world to get The post LFCS […]
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First
The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was unanimously passed by both houses of the parliament last week, marking a significant step towards securing people’s information. « The Bill provides for the processing of digital personal data in a manner that recognizes both the […]
Qu’attendre de l’iPhone SE 4 ? (USB-C, 5G, Face ID, date de sortie ?)
Petit oublié des rumeurs ces derniers temps face à l’arrivée imminente de ses grands frères, l’iPhone SE de 4e génération refait parler de lui depuis vendredi. Après avoir sonné le glas de l’iPhone mini, i faut dire que son form factor plus petit (et moins cher) et plus basique -le tout proposé par Apple- en […]