Cyber-espionnage : TA453 lance une série d’attaques contre plusieurs personnalités occidentales, toutes spécialisées dans l’analyse des politiques publiques au Moyen-Orient

Les chercheurs en cybersécurité de Proofpoint ont publié aujourd’hui de nouveaux renseignements sur les activités du groupe TA453, un acteur de la menace lié à l’état Iranien, et aussi connu sous le nom de « Charming Kitten », « PHOSPHORUS » ou encore « APT42 ».  Tribune – Le groupe a été observé ciblant des individus spécialisés dans l’analyse des affaires […]

Continue Reading

Phishing PyPI users: Attackers compromise legitimate projects to push malware

PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that some maintainers of legitimate projects have been compromised, and malware published as the latest release for those projects. These releases have been removed from PyPI and the maintainer accounts have been temporarily […]

Continue Reading

Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. Like other sophisticated adversaries, this group also updates its tools very quickly. In early 2022, we observed this group was attacking the media and a think-tank in South Korea and reported technical details to […]

Continue Reading

Twilio confirmes data breach after its employees got phished

Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some internal company systems and customer data. What happened? The attackers impersonated Twilio’s IT department and sent text messages to current and former Twilio employees, asking them to click […]

Continue Reading

APT trends report Q2 2022

For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are […]

Continue Reading

Human activated risk still a pain point for organizations

Egress announced the results of a report, which revealed that 56% of IT leaders say that their non-technical staff are only ‘somewhat’ prepared, or ‘not at all’ prepared, for a security attack. Six hundred IT security leaders across a broad range of industries were anonymously surveyed regarding their organizations’ security posture in this heightened threat […]

Continue Reading

Les programmes malveillants et l’hameçonnage profitent de la situation conflit géopolitique | Blog officiel de Kaspersky

Comme vous le savez, les articles publiés sur ce blog vous expliquent souvent comment les cybercriminels profitent de n’importe quelle situation pour la tourner à leur avantage, gagner rapidement de l’argent ou s’infiltrer dans l’infrastructure d’une entreprise. Nous avons déjà vu comment ils se sont servis du coronavirus, des différentes Coupes du monde, des Jeux […]

Continue Reading