Blog

07Fév 2025 by Webmaster

Experts Flag Security, Privacy Risks in DeepSeek AI App (Krebs on Security)

Sécurité
New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks. Public interest in the DeepSeek AI chat apps swelled following widespread media reports that the upstart Chinese AI firm had managed to match the abilities of cutting-edge chatbots while using a fraction of the specialized computer chips that leading AI companies rely on. As of this writing, DeepSeek is the third most-downloaded “free” app on the Apple store, and #1 on Google Play.…
Read More
07Fév 2025 by Webmaster

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware

Actualités
Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RMM) software as a precursor for what appears to be a ransomware attack. The intrusion leveraged the now-patched vulnerabilities to gain initial access and maintain persistent remote access to an unspecified target network, cybersecurity company Field Effect said in a
Read More
07Fév 2025 by Webmaster

Experts Flag Security, Privacy Risks in DeepSeek AI App

Actualités
New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks. Public interest in the DeepSeek AI chat apps swelled following widespread media reports that the upstart Chinese AI firm had managed to match the abilities of cutting-edge chatbots while using a fraction of the specialized computer chips that leading AI companies rely on. As of this writing, DeepSeek is the third most-downloaded “free” app on the Apple store, and #1 on Google Play.…
Read More
06Fév 2025 by Webmaster

Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023

Actualités
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding payment activity slumped after July 2024 by about 3.94%. "The number of ransomware events increased into H2, but on-chain payments declined,
Read More
06Fév 2025 by Webmaster

Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking

Actualités
Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China. "This actor has increasingly targeted key roles
Read More
06Fév 2025 by Webmaster

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

Actualités
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that's disguised as a Microsoft Office or PDF document.
Read More
06Fév 2025 by Webmaster

The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025

Actualités
Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM market projected to reach $42.96 billion by 2037 (according to Research Nester), organizations invest heavily in PAM solutions. Why is PAM climbing the ranks of leadership priorities? While Gartner
Read More
06Fév 2025 by Webmaster

SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images

Actualités
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency wallets.  The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,
Read More