Hospitals under fire from cyberattacks #veille (1 Nov 2020)

Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Enjoy the read and have a great week!

Data theft / loss

Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts – CyberScoop

The response to a data breach at a prominent Finnish psychotherapy practice intensified over the weekend after cybercriminals reportedly posted batches of patient information on the dark web and claimed that individual people could protect their data by directly paying a ransom.

Hacker is selling 34 million user records stolen from 17 companies

A threat actor is selling account databases containing an aggregate total of 34 million user records that they claim were stolen from seventeen companies during data breaches. On October 28th, a data breach broker created a new topic on a hacker forum to sell the stolen user databases for seventeen companies.

Cyberattacks / fraud

European ransomware group strikes US hospital networks, analysts warn

An Eastern European cybercriminal group has conducted ransomware attacks at multiple U.S. hospitals in recent days in some of the most disruptive cyber-activity in the sector during the coronavirus pandemic, cybersecurity company FireEye said Wednesday. The group, which FireEye calls UNC1878, has been deploying Ryuk ransomware and taking multiple hospital IT networks offline, said Charles Carmakal, senior vice president of Mandiant, FireEye’s incident response arm.

Hacking group is targeting US hospitals with Ryuk ransomware

In a joint statement, the U.S. government is warning the healthcare industry that a hacking group is actively targeting hospitals and healthcare providers in Ryuk ransomware attacks. Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) announced a call with the healthcare industry to warn them of an ‘Increased and Imminent Cybercrime Threat.’

Hacker steals $24 million from cryptocurrency service ‘Harvest Finance’ | ZDNet

A hacker has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance (DeFi) service Harvest Finance, a web portal that lets users invest cryptocurrencies and then farm the price variations for small profit yields. The hack took place earlier today and was almost immediately confirmed by Harvest Finance administrators in messages posted on the company’s Twitter account and Discord channel.

Maze ransomware is shutting down its cybercrime operation

The Maze cybercrime gang is shutting down its operations after rising to become one of the most prominent players performing ransomware attacks. The Maze ransomware began operating in May 2019 but became more active in November. That’s when the media-savvy operation revolutionized ransomware attacks by introducing a double-extortion tactic.

Sopra Steria confirms it was hit by new strain of Ryuk ransomware, will take weeks to return to normal operations

European IT services group Sopra Steria has shared more details of the cyber attack which hit its offices last week, confirming speculation that it fell victim to a ransomware attack.

Hackers Make Off With Millions From Wisconsin Republicans

According to the Wisconsin Republican Party, thieves used altered invoices to make off with $2.3 million in election funds. The chairman of the Wisconsin Republican Party says hackers stole $2.3 million from an account being used to help re-elect President Donald Trump.

KashmirBlack botnet behind attacks on CMSs like WordPress, Joomla, Drupal, others | ZDNet

A highly sophisticated botnet is believed to have infected hundreds of thousands of websites by attacking their underlying content management system (CMS) platforms. Named KashmirBlack, the botnet started operating in November 2019.

Flaws / vulnerabilities

Trump Campaign Website Defaced by Cryptocurrency Scam

Hackers claim to have access to classified information linking the president to the origin of the coronavirus and criminal collusion with foreign actors. UPDATE Hackers took over President Trump’s 2020 election campaign website late Tuesday, replacing parts of the site with a cryptocurrency scam before returning it to its original content several minutes later.

Regulatory / legal

Brit accused of spying on 772 people via webcam CCTV software tells court he’d end his life if extradited to US

A Briton is reportedly fighting extradition to the United States after deploying webcam malware onto hundreds of women’s laptops so he could spy on them undressing and having sex. Christopher Taylor, a 57-year-old labourer, appeared by video link at Westminster Magistrates’ Court to contest an extradition attempt by the US government, according to the Court News UK newswire.


Hacker steals $24M, returns $2.5M to DeFi protocol Harvest Finance

The DeFi sector has been the favorite target of attackers this year. And why wouldn’t it be as the industry is growing by billions of dollars each month, and that’s why it is attracting not only investors but hackers too. The latest to be targeted by malicious threat actors is the decentralized finance (DeFi) protocol called Harvest Finance.

Spain takes down terrorist cell recruiting online for the so-called Islamic State

On 28 October, Europol supported the CGI of the Spanish National Police (Comisaría General de Información de la Policía Nacional) in arresting three suspects linked to a terrorist cell actively recruiting and indoctrinating young people. The individuals, among which feature the alleged leaders of the cell, were arrested as a result of house searches carried out in San Sebastian and Pasaia in northern Spain.
