Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 17:39:09 |
Biden adds Mandia and other cybersecurity execs to advisory committee (direct link) |
President Joe Biden added several cybersecurity executives to the National Security Telecommunications Advisory Committee (NSTAC), which advises the White House on national security issues and emergency preparedness. Mandiant CEO Kevin Mandia, Rapid7 CEO Corey Thomas and Trellix CEO Bryan Palma were added to the committee alongside several other cybersecurity executives, including Microsoft Vice President of [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 16:28:35 |
Germany hires new cybersecurity chief in wake of Russian scandal (direct link) |
Germany's interior ministry has announced the appointment of Claudia Plattner, formerly the director general for information systems at the European Central Bank (ECB), as its new cybersecurity chief. Plattner joins the Federal Office for Information Security (BSI) in the wake of a scandal left by its former president Arne Schönbohm, regarding accusations that he had [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 16:08:53 |
Remcos software deployed in spying attempt on Ukraine's government, CERT says (direct link) |
Hacking group UAC-0050 tried to deploy the remote management software Remcos in an effort to spy on government agencies, Ukraine said |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 14:18:24 |
LockBit ransomware group threatens Royal Mail with data leak deadline (direct link) |
The LockBit cybercriminals told the British mail service it has until February 9 to pay up to protect data apparently stolen in January |
Ransomware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 13:58:28 |
Shares in British engineering company dive as it announces cost of cyberattack (direct link) |
Morgan Advanced Materials said its response to a cyberattack in January could cost as much as £12 million. Its shares took a 5 percent hit |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 13:12:44 |
All classes canceled at Irish university as it announces 'significant IT breach' (direct link) |
Munster Technological University (MTU) in Ireland announced on Monday that its campuses in Cork would be closed following a “significant IT breach and telephone outage.” “All classes, full-time and part-time, are cancelled” on both Tuesday and Wednesday, the university's statement said. A number of learning tools, including one called Canvas used to manage student assignments, [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 12:30:06 |
China's tech weapons roll in to quell demonstrations, identify protesters (direct link) |
Back in October, a day before President Xi Jinping was set to assume an unprecedented third term as general secretary of the Chinese Communist Party, an activist named Peng Lifa made his way to a highway overpass not far from one of China's key tech quarters. He was wearing a construction worker's outfit and was [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 23:20:31 |
West Virginia students returning to class after days-long outage following cyberattack (direct link) |
Nearly 20,000 students in West Virginia were forced to miss classes on Monday due to a cyberattack that crippled their school. Berkeley County Schools said on Friday it was experiencing an internet and phone outage on Friday and spent the weekend working through issues related to a cyberattack. Superintendent Ronald Stephens wrote a note to [… |
General Information
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 21:24:18 |
Darknet drug market BlackSprut openly advertises on billboards in Moscow (direct link) |
It's unclear why BlackSprut was able to buy the Moscow billboard space, but Russia is known for some permissiveness toward darknet groups |
Legislation
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 14:28:11 |
'Massive' new ESXiArgs ransomware campaign has compromised thousands of victims (direct link) |
Thousands of servers running an unpatched version of VMware's ESXi product are vulnerable to ransomware, researchers say |
Ransomware
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 13:45:02 |
British steel industry supplier Vesuvius 'currently managing cyber incident' (direct link) |
Vesuvius Plc confirmed that the incident “involved unauthorized access to our systems,” but it did not provide further details |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 21:50:38 |
CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA) said two vulnerabilities from Oracle and SugarCRM are actively being exploited and ordered federal civilian agencies to patch them before February 23. On Thursday, CISA added CVE-2022-21587 – affecting Oracle’s E-Business suite – and CVE-2023-22952 – which affects multiple products from SugarCRM – to its Known Exploited Vulnerabilities [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 20:28:11 |
Zero day affecting Fortra's GoAnywhere file transfer tool is actively being exploited (direct link) |
Fortra issued a private advisory about the zero-day. Cyber researchers then highlighted the information. There's no mention of a patch |
Tool
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 20:23:18 |
Customizable new DDoS service already appears to have fans among pro-Russia hacking groups (direct link) |
For $120 per month, Passion allows customers to “customize” their DDoS incidents. The tool allegedly has been used against hospital websites |
Tool
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 20:19:07 |
New York attorney general fines developer of stalking apps (direct link) |
The New York attorney general has ordered a spyware maker whose apps are marketed as tools for surveilling one's partner to pay a $410,000 fine and amend their business practices. Under Thursday's agreement with Patrick Hinchy, a Florida-based man whose 16 companies operate a constellation of spyware apps and services, the entities must alter practices [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 18:19:29 |
Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack (direct link) |
A Tallahassee hospital has been forced to divert patients to other facilities and cancel all non-emergency surgical procedures after being hit by a cyberattack that began on Thursday night. Tallahassee Memorial HealthCare – one of the biggest hospitals serving a 21-county region in north Florida and south Georgia – said they have had to take their [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 16:53:57 |
Microsoft accuses Iran's government of cyber operation against Charlie Hebdo (direct link) |
Microsoft says the data breach of Charlie Hebdo was retaliation for the satire publication's call for drawings of Iran's leader, Ali Khamenei. |
Data Breach
Guideline
|
|
★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 14:49:36 |
Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France (direct link) |
Julius Kivimäki was being sought in the investigation into a cyberattack targeting Vastaamo, a Helsinki-based private psychotherapy center. |
Legislation
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 14:20:42 |
Russia-linked hacking against national labs spurs inquiry from two House chairmen (direct link) |
The Russian group, known as Cold River, reportedly targeted the Brookhaven, Argonne and Lawrence Livermore labs in mid-2022 |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 12:29:09 |
Switzerland's largest university confirms 'serious cyberattack' (direct link) |
The University of Zurich, Switzerland's largest university, announced on Friday it was the target of a “serious cyberattack,” which comes amid a wave of hacks targeting German-speaking institutions. The university's website is currently inaccessible, but the phone line to the press office is working. In a statement sent to The Record, a spokesperson described the [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 21:04:29 |
Hackers linked to North Korea targeted Indian medical org, energy sector (direct link) |
The North Korean military's notorious hacking arm – known as the Lazarus Group – has been accused of targeting public and private sector research organizations, an Indian medical research company and other businesses in the energy sector. Security analysts at WithSecure said they were called on to respond to a cyberattack that they initially tied to the [… |
Medical
Medical
|
APT 38
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 20:23:43 |
Feds get guilty plea in Ubiquiti data extortion case (direct link) |
Nickolas Sharp's audacious insider attack on his then-employer involved data theft, a ransom demand and disinformation to the media |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 18:21:24 |
Last year was the worst on record for crypto hacks, as North Korean groups cash in (direct link) |
Nearly $4 billion was stolen in cyberattacks on cryptocurrency platforms in 2022, fueled in large part by hackers working on behalf of the North Korean government. Blockchain research firm Chainalysis found that it was a banner year for hackers targeting cryptocurrency firms, with about $3.8 billion in total stolen from companies in the industry, up [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 15:54:42 |
QNAP warns of new bug prompting worries of potential Deadbolt ransomware exploitation (direct link) |
QNAP is warning customers to update their devices after a vulnerability was discovered making thousands of devices susceptible to attack |
Ransomware
Vulnerability
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 15:24:42 |
Data breach at Vice Media involved SSNs, financial info (direct link) |
A data breach involving Vice Media leaked the sensitive information and financial data of more than 1,700 people, according to filings with Maine's Attorney General. In two separate filings on January 26 and 31, Vice Media said it was alerted in March 2022 that there was a cyberattack on its network. The media company hired [… |
Data Breach
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 13:57:35 |
Ransomware gang attempts to extort UK school by posting files about at-risk children (direct link) |
The Vice Society group apparently posted files that included safeguarding reports, which record information about at-risk students |
Ransomware
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 13:48:50 |
Scammers managed to slip crypto apps onto Apple, Google app stores (direct link) |
Scammers were able to get two fraudulent apps onto the app stores run by both Google and Apple that allowed them to push users into making fake cryptocurrency investments, according to a new report. Researchers from Sophos said they discovered Ace Pro and MBM_BitScan on both Google's Play Store and Apple's App Store. The apps [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 07:30:00 |
Here's who intelligence insiders tip for the next GCHQ director (direct link) |
The search is on for one of the most senior roles in British intelligence. U.K. intelligence community (UKIC) insiders believe that the departure of GCHQ's current director, Sir Jeremy Fleming, offers a good opportunity for the agency to bring in its first female executive. A handful of in-the-knows told The Record of more than half […] |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-01 20:59:46 |
Russia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware (direct link) |
The Russian-sponsored hacker group known as Gamaredon continues to attack Ukrainian organizations and remains one of the “key cyber threats” for Ukraine's cyberspace, according to a report the Ukrainian government published Wednesday. Ukraine claims that Gamaredon operates from the city of Sevastopol in Russia-occupied Crimea, but acts on orders from the FSB Center for Information [… |
Malware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-01 19:25:23 |
GoodRx to pay $1.5 million fine for sharing customer health info with Google, Facebook (direct link) |
The feds say GoodRx violated the Health Breach Notification Rule by selling health information to companies such as Google and Facebook |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-01 18:46:19 |
'Global markets' impacted by ransomware attack on financial software company (direct link) |
A ransomware attack on Dublin-based software company ION Group has impacted the trading of financial derivatives on international markets. ION Group describes itself as enabling “financial institutions, central banks and corporations to digitize and automate their most business critical processes.” A pop-up notice on its site on Wednesday warned that “a cybersecurity event” that struck [… |
Ransomware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-01 17:12:21 |
K-12 schools in Tucson, Nantucket respond to cyberattacks (direct link) |
The disruptions to school networks in Arizona and Massachusetts follow a string of similar K-12 ransomware incidents |
Ransomware
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-01 15:03:40 |
DocuSign scam targeted more than 10,000 inboxes: report (direct link) |
Scammers used a malicious DocuSign document in a campaign that tried to steal credentials belonging to more than 10,000 people across several organizations. Researchers at cybersecurity company Armorblox said the brand impersonation campaign targeted Microsoft Office 365 email accounts and managed to bypass other security tools. The subject of the emails was “Please DocuSign: Approve [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-01 14:09:58 |
Microsoft notifies UK customers affected by hackers abusing 'verified publisher' tag (direct link) |
Microsoft said it has notified customers impacted by a campaign that involved the abuse of the company's “verified publisher” status to allow access to a victim's cloud environments. Accounts can gain verified publisher status when an app publisher has verified their identity using their Microsoft Partner Network (MPN) account and has associated this MPN account [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-31 22:05:22 |
Report: Developers are most in demand on dark web (direct link) |
Hacker gangs often operate like businesses - they have salaries, working hours, clients and employees. To compete in a growing market, they are constantly looking for new talent with better skill sets, and they often use the same methods as legitimate tech companies and startups. The main difference is that cybercriminals do it in the [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-31 20:54:06 |
Pro-Russian DDoS attacks raise alarm in Denmark, U.S. (direct link) |
Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups are causing alarm in the U.S. and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it was raising its cyber risk alert level after weeks of attacks on banks and the country's defense ministry. “We are [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-31 19:00:45 |
LockBit takes credit for November ransomware attack on Sacramento PBS station (direct link) |
The LockBit ransomware group this week said it was responsible for a November ransomware attack on a public broadcasting affiliate in Sacramento, California. The high-profile cybercrime gang made the claim on the dark web site where it leaks victims’ data. The PBS station KVIE announced the attack on November 23, noting that some of its [… |
Ransomware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-31 16:33:08 |
How the war in Ukraine has strengthened the Kremlin's ties with cybercriminals (direct link) |
Before Russia invaded Ukraine in February 2022, its law enforcement agencies carried out a series of arrests targeting prominent hacking groups and darknet forums including REvil, SkyFraud, Ferum Shop and Trump's Dumps. The crackdowns were touted as a demonstration of Russia's willingness to fight cybercrime and cooperate with foreign states in their investigations against Russia-linked […] |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-31 14:24:32 |
NFT company gets restraining order to freeze hacker's online wallet (direct link) |
NFT Investments, a British company, worked through U.S. legal channels to freeze the digital assets wallet |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-31 14:01:13 |
British government minister told council to keep quiet after ransomware attack (direct link) |
An unnamed British government minister told the leader of Redcar and Cleveland Borough Council to keep quiet about the impact of a “catastrophic” ransomware attack two years ago, a parliamentary committee was told on Monday. The pressure from central government to not discuss the impact of the attack “caused us a lot of issues,” said [… |
Ransomware
Guideline
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-30 22:00:28 |
Ransomware attack on Indianapolis Housing Agency leaks sensitive info on 200,000 residents (direct link) |
The Indianapolis Housing Agency is notifying more than 200,000 people that their information, including Social Security numbers and more, was leaked during a ransomware attack that began in September. The federally-funded agency is responsible for providing housing to low-income tenants across Indianapolis. It did not respond to requests for comment in October when the [… |
Ransomware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-30 20:31:27 |
New York's Andrew Garbarino takes helm of House's cybersecurity subcommittee (direct link) |
New York Republican Andrew Garbarino has been chosen as the new chairman of the House’s Cybersecurity, Infrastructure Protection and Innovation Subcommittee. With Republicans taking control of the House, experts were eagerly waiting for leadership to pick the successor to Democratic Rep. Yvette D. Clarke, another New Yorker who led the subcommittee when Democrats had the […] |
Guideline
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-30 18:41:04 |
TSA issues security directive to airports, carriers after 'no-fly' list leak (direct link) |
The Transportation Security Administration has issued a security directive to all U.S. airports and air carriers warning them about the need for more stringent cybersecurity protections following last week's revelation that the federal “no-fly” list had been leaked. Outrage has grown since a Swiss national published a blog post earlier this month explaining that a […] |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-30 14:38:35 |
Russian foreign ministry claims to be the target of 'coordinated' cyber aggression (direct link) |
Russia's deputy foreign minister claimed this weekend that the country has been the target of “coordinated aggression” in cyberspace conducted by “intelligence agencies, transnational IT corporations, and hacktivists.” Oleg Syromolotov, a former deputy director and counterintelligence chief for the Russian Federal Security Service (FSB), told the TASS news agency that “in 2022, Russia faced unprecedented […] |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-30 14:28:49 |
British retailer JD Sports reveals 2-year-old intrusion affecting data of 10 million customers (direct link) |
British sportswear retailer JD Sports announced Monday that data belonging to approximately 10 million unique customers was compromised in a cyberattack that began last decade. Names, billing and delivery addresses, as well as emails, phone numbers and order details are among the information accessed by hackers between November 2018 and October 2020. The company did [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-30 01:57:59 |
How Ukraine's Cyber Police fights fraud, scams, and attacks on critical infrastructure (direct link) |
Editor's note: Ukraine's Cyber Police had a busy year in 2022. The law enforcement agency typically focuses its efforts on online fraud, scams, and other forms of financially-motivated cybercrime. But when Russia invaded Ukraine in February, the Cyber Police started seeing a surge in new types of attacks. Yurii Vykhodets, who leads the department, said […] |
Guideline
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-29 00:06:41 |
Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group (direct link) |
The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia’s Ministry of Defense last week, the ministry told The Record on Friday. Hackers sent malicious emails to several employees of the ministry, pretending to be Ukrainian government officials. The attempted cyberattack was unsuccessful, the ministry added. The sample of [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-28 11:28:51 |
Could hackers change the daily Wordle? Researchers are torn (direct link) |
Researchers are split on whether someone could hack into the New York Times' massively popular game Wordle and change the daily word users are forced to figure out. In a blog post last month, Noname Security's David Thomason said the entire list of daily Wordles for the next few months could be discovered by [… |
Hack
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-27 23:21:42 |
Charter Communications says vendor breach exposed some customer data (direct link) |
Telecommunications company Charter Communications said one of its third-party vendors suffered from a security breach after data from the company showed up on a hacking forum. On Thursday, a forum user posted information allegedly stolen from the company that included names, account numbers, addresses and more for about 550,000 customers. “We are aware of the [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-01-27 20:59:34 |
Target says data sold on dark web is 'outdated,' likely 'released by third party' (direct link) |
Following the posting of an alleged database of customer information on a hacker forum, Target is denying that the data being sold on the dark web is current and says that the information was not taken directly from its systems. On Thursday, the hacker posted the trove, which contains names, addresses, and transaction information, purportedly […] |
|
|
★★
|