Shaarli Daily

All of a day's links on one page.

March 3, 2025

New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran

A newly discovered global cyber threat is rapidly expanding, infecting tens of thousands of internet-connected devices to launch powerful cyberattacks.

Cybercriminals target Cistec, Swiss clinical system provider | ICTjournal

Cistec, a Swiss provider of clinical information systems, of an attack by ransom

War in Ukraine: three years of Russian information operations

This report presents, in the form of a summary, the main informational modes of operation observed over the past three years, most of which emerged as a corollary of the war of aggression waged by Russia in Ukraine.

Doppelgänger: New disinformation campaigns spreading on social media through Russian networks

This report presents:

  • The intrusion set commonly known as Doppelgänger continues to spread disinformation narratives on social media such as X, through bot accounts specifically made for such campaigns.
  • As in its previous campaigns, Doppelgänger pushes its anti-western narrative on pages spoofing the media of the targeted countries, such as France, Germany, Italy, Ukraine, and Israel. The disinformation campaign aims to manipulate public opinion by exploiting sensitive issues and exacerbating social and geopolitical divisions.
  • The linguistic characteristics of the articles suggest that some of them were translated from Russian or edited by Russian natives, reinforcing the hypothesis that they are of Russian origin.
  • In order to bypass both manual and automatic moderation on social media platforms, Doppelgänger continues to leverage Kehr[.]io, a redirection provider advertised on Russian-speaking underground forums. This service hosts its infrastructure on IPs announced by English companies managed by Ukrainian and Belarusian individuals that we could connect with a high level of confidence to bulletproof network hosting solutions.
  • The disinformation campaigns remain ongoing.

Astrill VPN: Silent Push Publicly Releases New IPs on VPN Service Heavily Used by North Korean Threat Actors

Silent Push reveals Astrill VPN is still being heavily used by NK Lazarus Group threat actors to hide their IP addresses during attacks

360XSS: Mass Website Exploitation via Virtual Tour Framework for SEO Poisoning

360XSS - Hackers are exploiting a reflected XSS vulnerability in the "Krpano" VR library across hundreds of websites for SEO poisoning.

Commission launches new cybersecurity blueprint to enhance EU cyber crisis coordination | Shaping Europe’s digital future

The Commission has presented a proposal to ensure an effective and efficient response to large-scale cyber incidents.

Zapier says someone broke into its code repositories and may have accessed customer data

Zapier is notifying customers about a “security incident,” which involved an unauthorized user gaining access to the company’s code repositories and “certain custom information.”

Spyzie stalkerware is spying on thousands of Android and iPhone users

Another little-known phone monitoring outfit has quietly amassed half a million customers, whose email addresses are now in Have I Been Pwned.