Iranian APT33 targets US firms with destructive malware.

cyber

    The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea. The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill wiper malware—a […]

Tunisie: Nouveaux métiers du web ?

cyber

Ceux qu’on appelle notamment «influenceurs» sont passionnés de voyage, de jeux vidéos, de mode et de life style … .. qui savent bien se repérer et se démarquer sur les réseaux sociaux. Ils pratiquent leur «hobby» mais influencent leurs abonnés et fans. Il est à noter, tout d’abord, que le […]

8,2 milliards d’appareils piratables via Bluetooth

cyber

Le cabinet Armis Labs a identifié 8 vulnérabilités dont 4 critiques permettant à des pirates de se connecter, prendre le contrôle et déployer des malwares sur n’importe quel terminal via la liaison Bluetooth. Baptisée BlueBorne, cette vulnérabilité peut être exploitée sur les appareils Windows, Linux, iOS et Android. To read […]

Kaspersky banni de l’administration américaine

cyber

La sanction est tombée et ce n’est pas vraiment une surprise après la publication en juillet dernier d’un rapport du sénat américain recommandant le bannissement des solutions de Kaspersky Lab de toutes les instances fédérales. To read the original article : http://www.lemondeinformatique.fr/actualites/lire-kaspersky-banni-de-l-administration-americaine-69381.html

Google va suspendre les certificats Symantec dans Chrome

cyber

Au cours des prochains mois, Google a annoncé suspendre les certificats de sécurité de Symantec émis avant le 1er juin 2016 dans son navigateur web Chrome. Une décision qui intervient après de longs mois de discorde entre les deux fournisseurs. To read the original article : http://www.lemondeinformatique.fr/actualites/lire-google-va-suspendre-les-certificats-symantec-dans-chrome-69395.html

POS Malware Abuses Exposed ElasticSearch Nodes for C&C

cyber

Two point of sale (POS) malware families have been abusing thousands of publicly accessible ElasticSearch nodes for command and control (C&C) purposes, Kromtech security researchers warn. Malicious files discovered on the ElasticSearch deployments referenced to the AlinaPOS and JackPOS malware families, which are well known for their wide use in credit card data […]

New “Red Alert” Android Banking Trojan Emerges

cyber

A recently discovered Android banking Trojan features a bot and command and control panel fully written from scratch, SfyLabs has discovered. Dubbed Red Alert 2.0, the malware has been designed and distributed over the past several months by a new threat actor, the researchers say. The threat features new code but […]

EU to Launch Cybersecurity ‘Safety Labels’

cyber

The European Union unveiled plans Tuesday to step up its response to cyber attacks, including a new intelligence-sharing agency, cyber war games and product safety labels. The proposals by the European Commission, the executive arm of the 28-nation bloc, come amid growing concerns over election hacking by foreign states, ransomware […]

How to recognize a targeted malware/phishing attack

cyber

I received an email pretending to be from my hoster Strato (known as Cronon AG) telling me that my domain I have for my IT Consulting business has been suspended because of complains they received. This kind of email is called “Spear Phishing”: it targets only certain users that have a proven […]

Ransomware: Prevention is the best solution

cyber

Ransomware is malicious software that denies you access to your computer or files until you pay a ransom. There are several types of ransomware that are commonly seen: files/folders encryptors screen ‘lockers‘ MBR ransomware (MBR: master boot record) To read the original article : http://improve-your-security.org/ransomware-prevention-is-the-best-solution/