Voici la sélection des cyberattaques majeures découvertes la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Microsoft reveals how hackers stole its email signing key… kind of | TechCrunch
A group of China-backed hackers stole a key allowing access to U.S. government emails. One big mystery solved, but several questions remain.
Lockbit gonfle ses serveurs et ses cyber attaques
Gestion des cookies We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Beware of impostor apps in the Google Play Store. Fake Telegram apps have been stealing data from millions of Android users.
Un groupe hospitalier strasbourgeois est victime d’une cyberattaque
Plusieurs établissements médico-sociaux situés à Strasbourg ont été victimes d'une intrusion dans leurs systèmes d'information….-Cybersécurité
Musk refused Ukraine’s request to enable Starlink for drone attack [Updated]
New details on how Musk thwarted Ukraine’s submarine drone attack near Crimea.
Russia’s ‘Fancy Bear’ APT Targets Ukrainian Energy Facility
The group, best known for 2016 US election interference and other attacks on Ukraine, used phishing emails offering pictures of women to lure its victim into opening a malicious attachment.
North Korean Hackers Target Security Researchers – Again
This time, they’re creating elaborate impostor profiles and using a fresh zero-day and a fake Windows tool to lure in the suspecting.
LastPass security breach linked to $35 million stolen in crypto heists
Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists
Hackers stole $41M worth of crypto assets from crypto gambling firm Stake
Crypto gambling site Stake suffered a security breach, and threat actors withdrew $41M of funds stolen including Tether and Ether
Coffee Meets Bagel says recent outage caused by destructive cyberattack
The Coffee Meets Bagel dating platform confirms last week’s outage was caused by hackers breaching the company’s systems and deleting company data.
Hackers Target High-Privileged Okta Accounts via Help Desk
Threat actors convince employees to reset MFA for Super Admin accounts in the IAM service to leverage compromised accounts, impersonating users and moving laterally within an organization.
APT28 Spear-Phishes Ukrainian Critical Energy Facility
Ukrainian cyber defenders say Russian military hackers targeted a critical energy infrastructure facility with phishing emails containing a malicious script leading
Medgate touché par une double cyberattaque
Medgate a subi des cyberattaques le 30 août et le 4 septembre. Certaines parties de l’infrastructure informatique du fournisseur de télémédecine ont été stoppées. Les communications par téléphone ont aussi été affectées.
India warns of malware attacks targeting its Android users | TechCrunch
India has warned its citizens of an advanced malware targeting Android users, capable of accessing sensitive data and allowing hackers control over India has issued a cautionary note about a sophisticated malware campaign targeting Android users in the country, carrying the potential to gain access to sensitive user data and allowing hackers to take control of infected devices.
LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)
The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM).
World’s Largest Cryptocurrency Casino Stake Hacked for $41 Million
The world’s largest cryptocurrency casino and sportsbook platform Stake became a target of a financially motivated cyberattack, losing over $41M.
Meta disrupted two influence campaigns from China and Russia
Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages.
DDoS attack took down the site of German financial agency BaFin
A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down.
Okta: Hackers target IT help desks to gain Super Admin, disable MFA
Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt to trick them into resetting multi-factor authentication (MFA) for high-privileged users.
Hackers Attacking MSSQL Servers To Deploy Ransomware
Threat actors have been utilizing brute force attacks to compromise exposed MSSQL databases to distribute the FreeWorld ransomware.