Voici la sélection des cyberattaques majeures découvertes la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
A group of China-backed hackers stole a key allowing access to U.S. government emails. One big mystery solved, but several questions remain.
Beware of impostor apps in the Google Play Store. Fake Telegram apps have been stealing data from millions of Android users.
Plusieurs établissements médico-sociaux situés à Strasbourg ont été victimes d'une intrusion dans leurs systèmes d'information….-Cybersécurité
New details on how Musk thwarted Ukraine’s submarine drone attack near Crimea.
The group, best known for 2016 US election interference and other attacks on Ukraine, used phishing emails offering pictures of women to lure its victim into opening a malicious attachment.
This time, they’re creating elaborate impostor profiles and using a fresh zero-day and a fake Windows tool to lure in the suspecting.
Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists
Crypto gambling site Stake suffered a security breach, and threat actors withdrew $41M of funds stolen including Tether and Ether
The Coffee Meets Bagel dating platform confirms last week’s outage was caused by hackers breaching the company’s systems and deleting company data.
Threat actors convince employees to reset MFA for Super Admin accounts in the IAM service to leverage compromised accounts, impersonating users and moving laterally within an organization.
Ukrainian cyber defenders say Russian military hackers targeted a critical energy infrastructure facility with phishing emails containing a malicious script leading
Medgate a subi des cyberattaques le 30 août et le 4 septembre. Certaines parties de l’infrastructure informatique du fournisseur de télémédecine ont été stoppées. Les communications par téléphone ont aussi été affectées.
India has warned its citizens of an advanced malware targeting Android users, capable of accessing sensitive data and allowing hackers control over India has issued a cautionary note about a sophisticated malware campaign targeting Android users in the country, carrying the potential to gain access to sensitive user data and allowing hackers to take control of infected devices.
The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM).
The world’s largest cryptocurrency casino and sportsbook platform Stake became a target of a financially motivated cyberattack, losing over $41M.
Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages.
A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down.
Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt to trick them into resetting multi-factor authentication (MFA) for high-privileged users.
Threat actors have been utilizing brute force attacks to compromise exposed MSSQL databases to distribute the FreeWorld ransomware.