Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉
The LockBit ransomware gang announced the publishing of data stolen from the South Korean National Tax Service.
Over 14 million records stolen from consumer lender
The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.
Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure.
Euler Finance was hacked on March 13, 2023, and around $197 million worth of cryptocurrency including $135.8 million stETH were stolen.
Europol warns of cybercriminal organizations can take advantage of systems based on artificial intelligence like ChatGPT.
Intezer researchers reported that a South Asian espionage group, tracked as Bitter, is targeting the Chinese nuclear energy industry.
Toyota Italy accidentally leaked sensitive data for more than one-and-a-half years, until this March, CyberNews reported.
The Cyber Police of Ukraine, with law enforcement officials from Czechia, has arrested several members of a gang responsible for $4.33 million scam.
A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS attacks to potentially breach the accounts of Office 365 users.
Active supply chain attack targets popular voice & video conferencing software 3CX Desktop App, affecting hundreds of well-known brands.
Ukraine’s Cyber Police and Czechia’s law enforcement officials for working together to bust a phishing gang that targeted European users.
A technique, dubbed the “Near-Ultrasound Inaudible Trojan” (NUIT), allows an attacker to exploit smartphones and smart speakers over the Internet, using sounds undetectable by humans.
The APT43 group is highly adept at using social engineering to target individuals and extract sensitive information.
Italy’s privacy Guarantor bans ChatGPT with immediate effect as it investigates its data privacy procedures.
Intrusion, Hacking et Pare-feu : Le site web de l’Assemblée nationale est inaccessible depuis ce lundi matin. Une attaque par déni de service revendiquée par le groupe de hackers…
Spyware : L’administration Biden a publié un décret interdisant au gouvernement fédéral d’utiliser des logiciels espions d’éditeurs étrangers. Plusieurs…
Une faille de sécurité affectant Microsoft Bing a été découverte. Elle permettait de trafiquer les résultats de recherche et de siphonner les données des internautes, dont les mails échangés sur Outlook et les messages Teams…
Vulkan engineers have worked for Russian military and intelligence agencies to support hacking operations, prepare for attacks on infrastructure and spread disinformation