Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles.
Happy reading, and thanks for the coffee, because this report is produced with a real, non-artificial brain 😉
Feds catch another LockBit hacker, Justice Department announces
The Justice Department has arrested and charged a Russian national for his alleged role in multiple LockBit ransomware attacks against victims in the U.S. and around the world.
US govt offers $10 million bounty for info on Clop ransomware
The U.S. State Department’s Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the Clop ransomware attacks to a foreign government.
Millions of Americans’ personal DMV data exposed in massive MOVEit hack
Over 6.5 million residents of Louisiana and Oregon affected, impact may potentially widen.
Russia-backed hackers unleash new USB-based malware on Ukraine’s military
Shuckworm’s relentless attacks seek intel for use in Russia’s invasion of Ukraine.
LockBit claims ransomware attack on pharma giant Granules India
The Russia-linked ransomware gang claimed responsibility for the cyberattack targeting the Indian pharmaceutical giant.
A Massive Vaccine Database Leak Exposes IDs of Millions of Indians
Personal information, including ID documents and phone numbers, has been released on Telegram.
BreachForums Returns Under the Control of ShinyHunters Hackers
The return of the infamous BreachForums was announced by Baphomet on Telegram, one of the administrators of the original forum.
A DB containing data of +8.9 million Zacks users was leaked online
A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum.
Hackers steal $3 million by impersonating crypto news journalists
A hacking group tracked as ‘Pink Drainer’ is impersonating journalists in phishing attacks to compromise Discord and Twitter accounts for cryptocurrency-stealing attacks.
Massive phishing campaign uses 6,000 sites to impersonate 100 brands
A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June 2022, tricking people into entering their account credentials and financial information on fake websites.
Fake zero-day PoC exploits on GitHub push Windows, Linux malware
Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware.
Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data.
Rhysida ransomware leaks documents stolen from Chilean Army
Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents stolen from the network of the Chilean Army (Ejército de Chile).
Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems
Chinese state-sponsored group UNC3886 exploits a zero-day VMware authentication bypass flaw (CVE-2023-20867) to backdoor Windows, Linux, and PhotonOS.
LockBit Ransomware Extorts $91 Million from U.S. Companies
LockBit ransomware scheme extorts $91 million from U.S. organizations in a series of devastating attacks since 2020.
New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
Researchers uncover a concerning software supply chain attack using expired Amazon S3 buckets to distribute malware-infected binaries.
U.S. Government Agencies Targeted In Latest Global Cyberattack
A global cyberattack has hit multiple U.S. government agencies, federal officials said Thursday, joining a string of recent hacks that target a vulnerability in a widely used file-transfer software.
Clop Ransomware gang strikes London Transport for London (TfL) – Cybersecurity Insiders
Clop ransomware gang has targeted the databases of Transport for London (TfL) customers, thus stealing information of over 13,000 drivers listed on the
DDoS attack against the Federal Administration: several applications and websites are no longer accessible
Current information from the administration. All press releases from the Federal Administration, the departments and the offices.
Cyberattack against the company Xplain: initial results of the analyses indicate that measures are needed