Cyberveille by Decio
page 1 / 2
23 results tagged campaign
PSA: Ongoing Webex malvertising campaign drops BatLoader https://www.malwarebytes.com/blog/threat-intelligence/2023/09/ongoing-webex-malvertising-drops-batloader
13/09/2023 22:03:09

A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco's brand and is displayed first when performing a Google search.

malwarebytes EN 2023 Webex malvertising campaign BatLoader
LinkedIn under attack, malicious hackers seize accounts https://www.tripwire.com/state-of-security/linkedin-under-attack-hackers-seize-accounts
18/08/2023 09:44:31

Security researchers have identified that a widespread LinkedIn hacking campaign has seen many users locked out of their accounts worldwide.

tripwire EN 2023 Linkedin hacking campaign social locked
Apple Crimeware | Massive Rust Infostealer Campaign Aiming for macOS Sonoma Ahead of Public Release https://www.sentinelone.com/blog/apple-crimeware-massive-rust-infostealer-campaign-aiming-for-macos-sonoma-ahead-of-public-release/
31/07/2023 14:57:55

Crimeware actors have launched an extensive campaign to target macOS users with malware disguised in multiple fake blockchain games.

sentinelone EN 2023 Apple Crimeware Rust Infostealer Campaign macOS Sonoma
New Magecart-Style Campaign Abusing Legitimate Websites to Attack Others | Akamai https://www.akamai.com/blog/security-research/new-magecart-hides-behind-legit-domains
05/06/2023 09:00:06

Akamai researchers have identified a new Magecart-style skimmer campaign that hides behind legitimate website domains to steal PII and credit card information.

akamai EN 2023 Research Magecart skimmer campaign WP
Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign https://www.wordfence.com/blog/2023/05/wordfence-firewall-blocks-bizarre-large-scale-xss-campaign/
25/05/2023 08:17:20

The Wordfence Threat Intelligence team has been monitoring an increase in attacks targeting a Cross-Site Scripting vulnerability in Beautiful Cookie Consent Banner, a WordPress plugin installed on over 40,000 sites. The vulnerability, which was fully patched in January in version 2.10.2, offers unauthenticated attackers the ability to add malicious JavaScript to a website, potentially allowing ...

wordfence EN 2023 Beautiful-Cookie-Consent-Banner plugin WordPress XSS Campaign
Espionage campaign linked to Russian intelligence services https://www.gov.pl/web/baza-wiedzy/espionage-campaign-linked-to-russian-intelligence-services
15/04/2023 14:45:32

The Military Counterintelligence Service and the CERT Polska team (CERT.PL) observed a widespread espionage campaign linked to Russian intelligence services

gov.pl EN 2023 CERT.PL Poland Russian Espionage campaign Russia Counterintelligence
Who Broke NPM?: Malicious Packages Flood Leading to Denial of Service https://medium.com/checkmarx-security/who-broke-npm-malicious-packages-flood-leading-to-denial-of-service-77ac707ddbf1
05/04/2023 08:42:35

We’ve seen spam campaigns in the open-source ecosystems in the past year, but this month was by far the worst one we’ve seen yet. Apparently, attackers found the unvetted open-source ecosystems as an…

checkmarx-security EN 2023 NPM spam campaign flood DoS scam medium
CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/
30/03/2023 09:04:31

What Happened: On March 29, 2023, Falcon OverWatch observed unexpected malicious activity emanating from a legitimate …

reddit EN 2023 CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
West ill-prepared to deal with evolving cyber threats, report concludes https://www.cardiff.ac.uk/news/view/2699454-west-ill-prepared-to-deal-with-evolving-cyber-threats,-report-concludes
01/03/2023 21:38:48

Hacking and disinformation operation has continued to expand its activity, despite separate interventions in several European countries

cardiff.ac EN 2023 report Ghostwriter campaign
Uncle Sow: Dark Caracal in Latin America https://www.eff.org/deeplinks/2023/02/uncle-sow-dark-caracal-latin-america
12/02/2023 15:40:16

In 2018, EFF along with researchers from Lookout Security published a report describing the Advanced Persistent Threat (APT) we dubbed "Dark Caracal." Now we have uncovered a new Dark Caracal campaign operating since March of 2022, with hundreds of infections across more than a dozen countries. In this report we will present evidence that the cyber mercenary group Dark Caracal is still active and continues to be focused on Latin America, as was reported last year. We have discovered that Dark Caracal, using the Bandook spyware, is currently infecting over 700 computers in Central and South America, primarily in The Dominican Republic and Venezuela.

eff EN 2023 DarkCaracal APT LatinAmerica Venezuela campaign research
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs https://www.trendmicro.com/en_us/research/23/b/enigma-stealer-targets-cryptocurrency-industry-with-fake-jobs.html
09/02/2023 18:11:58

We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures.

trendmicro EN 2023 malware endpoints research Cryptocurrency campaign Fake Jobs
The Titan Stealer: Notorious Telegram Malware Campaign https://www.uptycs.com/blog/titan-stealer-telegram-malware-campaign
25/01/2023 20:37:26

The Uptycs threat research team discovered a Titan stealer malware campaign, which is marketed and sold by a threat actor (TA) through a Telegram channel.

uptycs EN 2023 Titan Stealer Campaign analysis IoCs
Massive ois[.]is Black Hat Redirect Malware Campaign https://blog.sucuri.net/2022/11/massive-ois-is-black-hat-redirect-malware-campaign.html
12/11/2022 22:31:02

Learn how attackers are redirecting WordPress website visitors to fake Q&A sites via ois[.]is. Nearly 15,000 websites affected by this malware so far.

sucuri EN 2022 campaign WordPress malware Malicious SEO Analysis ois.is
Dormant Colors browser hijackers could be used for more nefarious tasks, report says https://www.malwarebytes.com/blog/news/2022/10/report-popular-yet-harmful-browser-hijackers-could-be-used-for-more-nefarious-tasks
31/10/2022 21:31:30

Dormant Colors, a browser extension campaign, was spotted stealing browser data and hijacking search results and affiliation to thousands of sites.

malwarebytes EN 2022 browser campaign extension hijackers
Pro-PRC DRAGONBRIDGE Influence Campaign Leverages New TTPs to Aggressively Target U.S. Interests, Including Midterm Elections https://www.mandiant.com/resources/blog/prc-dragonbridge-influence-elections
26/10/2022 16:21:31

Mandiant has recently observed DRAGONBRIDGE, an influence campaign we assess with high confidence to be operating in support of the political interests of the People’s Republic of China (PRC), aggressively targeting the United States by seeking to sow division both between the U.S. and its allies and within the U.S. political system itself. Recent narratives include:

  • Claims that the China-nexus threat group APT41 is instead a U.S. government-backed actor.
  • Aggressive attempts to discredit the U.S. democratic process, including attempts to discourage Americans from voting in the 2022 U.S. midterm elections.
  • Allegations that the U.S. was responsible for the Nord Stream gas pipeline explosions.

Mandiant 2022 EN PRC China US DRAGONBRIDGE Campaign Influence TTPs Midterm
“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed https://guardiosecurity.medium.com/dormant-colors-live-campaign-with-over-1m-data-stealing-extensions-installed-9a9a459b5849
24/10/2022 07:02:14

The “Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and full of deception all through the chain. It starts with the trickery malvertising campaign, continues with a crafty novel way to side-load the real malicious code without anyone noticing (until now!), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!

guardiosecurity EN 2022 Campaign Data Stealing malicious Extensions browser Chrome Edge
Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium https://www.welivesecurity.com/2022/09/30/amazon-themed-campaigns-lazarus-netherlands-belgium/
02/10/2022 12:32:50

ESET researchers have discovered Lazarus attacks against targets in the Netherlands and Belgium that use spearphishing emails connected to fake job offers.

welivesecurity EN 2022 Lazarus report campaign Netherlands Belgium spearphishing
Under the hood of a Doppelgänger https://www.qurium.org/alerts/under-the-hood-of-a-doppelganger/
02/10/2022 10:00:22

This work is the result of a collaboration with EU DisinfoLab, an independent non-profit organization focused on tackling sophisticated disinformation campaigns targeting the EU.

EU DisinfoLab has during the past three months been investigating a large disinformation campaign targeting Western audiences with pro-Russian propaganda. While our partner has focused on the actual disinformation being spread, Qurium has looked into the technical infrastructure in use to better understand how the campaign has been set up and operated.

The complete report from EU Disinfo Lab can be found here: Doppelganger.

Below follow the results of Qurium’s digital forensics investigation and a list of more than 50 domains used in the disinformation campaign.

qurium EUDisinfoLab EU NE 2022 report Doppelgänger propaganda disinformation campaign
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html
30/09/2022 09:27:43

Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack utilized an unpublished Exchange security vulnerability, i.e., a 0-day vulnerability, thus immediately came up with a temporary containment plan.

gteltsc.vn EN 2022 Microsoft-Exchange Exchange 0-day RCE vulnerability campaign IoCs
In the footsteps of the Fancy Bear: PowerPoint mouse-over event abused to deliver Graphite implants https://blog.cluster25.duskrise.com/2022/09/23/in-the-footsteps-of-the-fancy-bear-powerpoint-graphite/
26/09/2022 11:08:02

Analysis of APT28/Fancy Bear PowerPoint mouse-over campaign

cluster25 2022 EN APT28 IoCs FancyBear PowerPoint campaign mouse-over Analysis