Cyber threats

New P2PInfect botnet variant discovered affecting IoT devices
New attack and spread tactics: the disturbing evolution of P2PInfect
Cado Security Labs research reveals a new version of the P2PInfect malware, targeting IoT devices with MIPS processors. Originally attacking vulnerable Redis systems, P2PInfect evolved to brute-force attacks on SSH servers. With strengthened evasion methods and the ability to execute commands on compromised...

Ransomware Turtle on macOS: 360° investigation by expert Patrick Wardle
Analysis of the characteristics and potential threats of Turtle ransomware on macOS
Security analyst Patrick Wardle studied Turtle, a new ransomware for macOS. Wardle believes Turtle was originally designed for Windows and then adapted for macOS. The ransomware isn't particularly sophisticated but can still cause damage, underscoring the importance for Apple users to remain vigilant...

Bluffs: the alarm of the Italian researcher on Bluetooth security
Bluffs vulnerability revealed: how it risks your privacy through Bluetooth
The new Bluetooth system vulnerability, called "Bluffs", was discovered by Italian researcher Daniele Antonioli. This flaw could compromise the security of various devices manufactured since 2014. It relies on the generation of weak security keys, threatening user privacy. Antonioli presented his research...

Agent Raccoon: a new malware in circulation
The complex panorama of its attack techniques and defense strategies
The article describes the risk posed by Agent Raccoon, a dangerous new malware, which uses advanced techniques such as keyloggers and screenloggers to steal valuable information. Widespread mainly in the USA, it is often conveyed via phishing emails and escapes detection by common antiviruses. The article...

Apple responds to zero-day vulnerabilities with hotfixes
Apple has taken urgent action to fix two critical security flaws
Apple has released an urgent update to fix two zero-day vulnerabilities affecting iPhone, iPad and Mac devices. The flaws, located in the WebKit rendering engine, allowed attacks via malicious web pages that could lead to unauthorized memory reading, memory corruption and code execution. The security updates...

Cyberattacks and cryptocurrency laundering: North Korea's strategy
Sanction evasion strategies and social engineering techniques adopted
The North Korea-linked Lazarus Group uses technology to steal cryptocurrencies, bypassing sanctions. They stole around $3 billion in 6 years, taking advantage of DeFi systems to mask their tracks.

Introduction to the new SysJoker threat
In-depth analysis reveals evolutions and risks of SysJoker cross-platform malware
A new version of the SysJoker malware has been discovered. It now uses the Rust language to avoid detection and may be linked to hackers associated with Hamas, according to Check Point.

Zero-day network vulnerabilities affect IoT devices
Cybersecurity experts reveal new risks for the Internet of Things
An Akamai study has discovered two zero-day vulnerabilities in IoT devices, used by criminals to create botnets for DDoS attacks. Security can be improved by changing default passwords.

Google compromise attempt: LummaC2 malware revives cookies
Cyber attack strategies are advancing: a potential risk to data security
Cybercriminals claim they can "reanimate" expired Google cookies via Lumma malware. The risk is unauthorized access to accounts. Caution advised for users. Google investigates possible vulnerability.

Espionage activities of the Russian cyber group APT28
Fancy Bear's advanced tactics targeted by cyber security authorities
A Russian cyber-espionage group, APT28, targets Western entities using advanced, hard-to-detect malware. There is an urgent need for organizations to strengthen their cyber security.

Increase in ransomware groups with multi-point extortion
Complex strategies and emerging risks in the ransomware landscape
The emerging trend in cybercrime is ransomware that uses multiple extortions, such as encrypting data and publishing stolen information. Companies must strengthen security to deal with them.

New security risks for Intel servers
Critical flaw revealed in Intel server processing chips
A serious vulnerability has been discovered in Intel server processors, which could allow data attacks. Intel has released updates to fix it but they may slow down systems.

Digital defense: strategies against cyber attacks
Analysis of the latest trends in security and digital defense strategies
Cyber attacks are on the rise, especially ransomware that locks data and demands ransoms. It is vital to train people on how to recognize dangers such as phishing and cooperate globally to combat cyber threats.

Expansion of the cyber threat: the case of Imperial Kitten
Analysis of tactical evolutions and consequences for global security
Imperial Kitten, an Iranian hacker group, intensifies cyber attacks. They use social engineering and phishing to steal data. It is crucial to defend yourself with training, monitoring and information sharing in IT.

Security alert: new trends of Russian hackers
New cybercriminal methodologies and digital counterintelligence tactics
Russian groups advance cyber tactics with “Living off the Land” methods to hide in networks, creating security risks. Defense requires proactive techniques and information sharing between IT experts.

CISA alert: increase in DDoS attacks via SSDP
Measures and responses to the growing risk of DDoS attacks using SSDP
US CISA has warned of active exploits on SSDP vulnerabilities for amplified DDoS attacks. It recommends disabling unused SSDP services and configuring networks to prevent abuse.

Illegal exploitation of Azure resources for crypto mining
Investigation reveals hidden illegal mining activity on corporate cloud platforms
In the study of cloud computing, a hidden cryptocurrency miner was found on Azure. It uses advanced techniques to hide and exploit resources without being detected, raising security concerns.

Foray into the cloud: Kinsing's new modus operandi
Advanced cyberattack strategies target cloud services through a critical vulnerability
The Kinsing hacker group attacks cloud systems using the Looney Tunables vulnerability to install crypto-mining software and steal credentials.

Citrix Bleed: vulnerability in the two-factor authentication system
An alert for the security of devices in the cloud and data centers
The article concerns the Citrix Bleed vulnerability, which compromises two-factor authentication systems. This vulnerability puts sensitive information at risk and can be exploited by ransomware attacks. It is important to immediately install the security patch released by Citrix to protect your...

A critical Atlassian bug has been discovered that requires an immediate update
Atlassian issues an urgent warning to Confluence users
Confluence attack in progress: Exploit code released publicly. All versions of Atlassian Data Center and Server are affected. Over 24,000 systems exposed, mostly in the United States, China, Germany and Japan. Urgent fix recommended.

The rise of WormGPT: the danger of new cyber attacks
Generative artificial intelligence at the service of cybercrime: the new dangers of WormGPT
WormGPT, a new generative AI, is worrying cybersecurity experts. This tool, without ethical limits, allows you to create sophisticated attacks on Australian businesses. Attackers use it to send convincing phishing emails and steal identities. It is an emerging threat in the field of cybersecurity.

Audio steganography: hiding and revealing information
Harnessing the art of indistinguishability: the new face of audio steganography
The article talks about the practice of steganography in hiding information in audio files and the different techniques used. Countermeasures and tools available to detect the presence of hidden information are also mentioned.

New vulnerabilities in the NGINX Ingress Controller for Kubernetes
Threats to the integrity and security of Kubernetes clusters
Three new high-severity vulnerabilities have been discovered in the NGINX Ingress Controller for Kubernetes, which could allow an attacker to steal credentials from the cluster. The vulnerabilities involve path sanitization, annotation injection, and code injection. The suggested solution is to update...

Nightshade: artists' secret weapon against the abuse of artificial intelligence
A new way to defend artistic creativity: Nightshade and its conspiracy against the abuse of generative AI
Nightshade is a revolutionary tool that protects artistic works from abuse by generative artificial intelligences. It works by poisoning AI models, making results inaccurate and unusable for tech companies. Artists can take back control with this tool.

Wiki-slack attack: how business professionals are redirected to malicious websites
The risks of link manipulation: the new method of hijacking corporate communications
Security experts at eSentire have discovered a new attack called “Wiki-Slack,” which uses edits to Wikipedia pages to redirect Slack users to malicious websites containing malware. It is necessary to raise awareness among companies about this type of attack and integrate cyber resilience into business pro...

iOS threat discovered: Apple's impenetrability called into question
Kaspersky discovery reveals new security threats to iOS devices
Kaspersky has discovered a new threat to Apple devices called "Operation Triangulation". The attacks occur via iMessage and Safari. Apple responded with a software update to protect users.

Flipper Zero: new risks for Android and Windows devices
An in-depth analysis of the implications and countermeasures against the Bluetooth spam attack brought by Flipper Zero
The recent Flipper Zero firmware update introduces a new feature, "bluetooth spam", which can cause annoyance by sending unwanted notifications to nearby Android and Windows devices. You can protect your devices and turn off notifications to prevent inconvenience.

Growing concerns about generative AI threats
The growing need for protection against evolving generative AI threats
Recent GEMSERV research has shown grave concerns about new threats from generative AI to global organizations. 83% of participants believe that generative AI will drive future cyberattacks, but only 16% think their organizations truly understand advanced AI tools. These threats require adequate preparation,...

The cybersecurity challenge for Italian SMEs
Analysis of the Cyber Index PMI 2023 Report
The Cyber Index PMI 2023 Report reveals that Italian SMEs are poorly prepared against cyber threats. There is an urgent need to promote a culture of cybersecurity and invest in training and advanced solutions. Only in this way will SMEs be able to successfully face the challenges of cybersecurity and...

Quishing: the new cyber scam that threatens online security
What you need to know to protect yourself from this ever-evolving cyber scam
Quishing is a new cyber threat that uses SMS to trick victims and steal personal information. You should avoid clicking on suspicious links and keep your devices secure to protect yourself from this scam. #safety #quishing

Worrying increase in ransomware attacks in 2023
The sectors most affected and the implications for cybersecurity
Corvus Insurance report shows that ransomware attacks increased by 95% in 2023 compared to the previous year. CL0P Group was responsible for much of the activity, but other industries such as law firms, government agencies and the oil sector saw significant increases. It is essential to implement adequate...

Economy criminal hackers
Detailed analysis of cybercriminal tactics in the digital economy landscape
The article describes the strategies used by cybercriminals to commit computer fraud and extortion, exploiting cryptocurrencies such as Bitcoin. We are talking about ransomware, double extortion, DDoS attacks and scams based on the psychological deception of victims. Extortion strategies, which take...

North Korean attacks exploit flaw in JetBrains TeamCity
Details of Lazarus Group attacks on JetBrains TeamCity vulnerabilities
Microsoft reported North Korean attacks on JetBrains TeamCity, exploiting a serious security flaw. The attacks aim to compromise servers and use various techniques, including Trojans and custom proxies. Microsoft attributed the attacks to known groups linked to the North Korean government.

Cybersecurity crisis in the Middle East
The challenge of Israeli companies in combating cybercrime in the Middle East
The crisis in the Middle East threatens Israeli start-ups, but they demonstrate resilience, defending themselves from cyber attacks and contributing to innovation in the cybersecurity sector.

Risks of AI in technological warfare: the Chinese threat
The risks of Chinese technological supremacy and the impact on AI in technological warfare
The FBI and the White House warn of the danger of artificial technologies and artificial intelligence, which can be used against them and harm local businesses. China is identified as the main security threat.

Exploiting Discord in critical infrastructure threats
An insidious trend: the growing use of Discord as a tool to attack critical infrastructure
New findings show that state-run hacker groups are using Discord to attack critical infrastructure, exploiting its content delivery network and stealing sensitive data via webhooks. Loaders such as SmokeLoader and PrivateLoader download malicious payloads from Discord's CDN.

Record DDoS attacks: fixes quickly released
HTTP2 vulnerability exploited by large-scale DDoS attacks: here are the solutions
Web server vendors address Rapid Reset vulnerability in HTTP2 protocol that caused DDoS attacks. Fixes have been released for many affected products. Large DDoS attacks have been mitigated thanks to a zero-day vulnerability in the HTTP/2 protocol called HTTP/2 Rapid Reset.

Hacking black market: traffic of bugs and exploits on the rise
Black market explosion: searching for vulnerabilities in the digital age
Hacking mobile phones, particularly via apps like WhatsApp, is becoming increasingly expensive. Zero-day vulnerabilities have reached very high prices, demonstrating the importance of investing in security. Illegal trafficking in malware and spyware is growing, putting users' online privacy at risk....

LLMs reduce the barrier to entry into cybercrime
The growing threat of chatbots in the field of cybercrime: a new ally for cybercriminals
Cybercriminals' use of chatbots and advanced language models makes phishing campaigns increasingly effective, with threats constantly evolving. Traditional security tools often fail to detect these attacks, causing growing concern in the cybersecurity industry.

A multifaceted scourge that knows no rest: the persistent rule of Necurs
Defeating the dark lord of cyberspace: the never-ending fight against Necurs
Necurs is a botnet that distributes malware for data theft and financial damage, demonstrating great adaptability and difficulty in countering it. Recent speculation about its possible disappearance still remains uncertain.

Mozilla warns of fake Thunderbird downloads distributing ransomware
Ransomware threats via fake Thunderbird downloads are on the rise
Mozilla has warned of scams offering Thunderbird downloads, used by ransomware group Snatch to spread malware. Users are advised to download Thunderbird only from trusted websites to protect themselves from ransomware attacks.

Cyber attacks: a magnifying glass on security
Revealing hidden vulnerabilities: an in-depth analysis of cyber attacks
Cyberattacks highlight gaps in corporate security, but it's important to combat hackers who abuse user data to commit fraud. The article highlights that companies need to invest in advanced technologies, train staff and take appropriate security measures to protect users.

Kaspersky unveils new malware targeting the financial and cryptocurrency sectors
The new malware that puts the financial and cryptocurrency system at risk: Kaspersky's warning
The cryptocurrency and financial sector is threatened by three new malware strains: Zanubis, AsymCrypt and Lumma. Zanubis is a banking Trojan that hides in legitimate applications on Android devices. AsymCrypt hits crypto wallets and is sold on underground forums. Lumma is an ever-evolving file stealer. It is...

Temu: Spyware or just an e-commerce app?
An analysis of the allegations made by Grizzly Research against Temu, the e-commerce app, and considerations on the implications for data security
E-commerce app Temu has come under accusations of being spyware aimed at collecting user data. A study highlighted cybersecurity and financial security issues with the app, but it cannot be established with certainty whether the allegations are true. One must be cautious when considering the reliability...

Effective cyber attack via images in the corporate environment
An ingenious cyber attack that uses images to infiltrate companies
Spear-phishing emails with apparent images about the Armenia-Azerbaijan conflict hide malware that steals sensitive data. Management teams associated with an Azerbaijani company were targeted. The malware, written in Rust, creates temporary files to steal information during non-business hours.

Google fixes a new zero-day vulnerability exploited by a spyware vendor
An urgent patch has been released to protect users from espionage activity via a zero-day vulnerability in Chrome
Google has released a Chrome update to address a zero-day vulnerability exploited by a spyware vendor. The stable version 117.0.5938.132 resolves the critical vulnerability identified as CVE-2023-5217. It is the sixth zero-day solved by Google in 2023.

Fake version of Bitwarden spreads ZenRAT malware
The new ZenRAT malware uses the Bitwarden name to infect users: here's how it works
A new type of malware called ZenRAT is distributed through spoofed installation packages of the Bitwarden password manager. This malware steals sensitive information of Windows users, but redirects users of other operating systems to harmless pages.

Hackers trick Outlook by showing fake AV scans
A sophisticated obfuscation technique tricks Outlook users with virus scanning scams
In a new phishing trick called ZeroFont, cybercriminals obfuscate Outlook emails to appear to have been successfully scanned, tricking recipients. Organizations and employees must remain informed and alert to this technique to thwart phishing attacks.

Growing threat: Russian cyber warfare operations in Ukraine
The increase in Russian attacks highlighted in the report of the Ukrainian cyber defense organization
Russian hackers targeted Ukrainian law enforcement agencies to gather information on war crimes investigations. Cyberattacks in Ukraine have increased, but defenses are improving. Russia integrates cyber warfare operations into its military strategies.

Ransomware Knight: the digital threat affecting Italy
The serious threat that puts the security of Italian companies at risk: Ransomware Knight
Ransomware Knight attacks Italy: the dangerous malware targets companies and demands a ransom in Bitcoin. Protecting yourself from this ransomware is crucial by paying attention to suspicious emails and using telemetry and threat intelligence systems.