Here is this week's monitoring report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading, and thanks for the coffee 😉
Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more.
Newly registered and squatting domains related to ChatGPT grew by 910% between November and April.
The UK Government OSB undermines end-to-end encrypted communications and must be reconsidered, according to an open letter signed by Signal and WhatsApp.
Surrey and Sussex police reprimanded after recording 200,000 calls.
Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims.
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
The LockBit ransomware gang is reportedly developing a new version of malware that can encrypt files on Apple macOS.
Leading US software and payment platform provider NCR has confirmed that it has fallen victim to a ransomware attack.
The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware.
ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients.
Pro-Russia hackers KillNet launched a massive DDoS attack against Europe’s air-traffic agency EUROCONTROL.
The American Bar Association (ABA) disclosed a data breach in which threat actors gained access to older credentials for 1,466,000 members.
A new LockBit ransomware operation has surfaced and this time, it’s targeting macOS devices.
The Iranian MuddyWater hacker group has been found using the legitimate SimpleHelp remote support software to maintain persistence on victim devices.
U.K. and U.S. cybersecurity agencies have warned of Russian nation-state actors exploiting flaws affecting Cisco networking equipment.
The Lazarus Group strikes again, this time targeting Linux users in Operation Dream Job.
An investigation concludes that NSO Group was hired in 2022 to deploy Pegasus spyware against human rights workers in Mexico and other targets.
Vulnerable MS-SQL database servers have external connections and weak account credentials, researchers warn.