Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-10 19:45:08 |
December ransomware attack leads to massive data breach from California health network (direct link) |
Facilities within California's Heritage Provider Network reported a data breach related to a ransomware attack in December |
Ransomware
Data Breach
Guideline
|
Heritage
Heritage
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-10 17:24:54 |
Reddit suffers 'sophisticated and highly targeted' phishing attack, exposing source code (direct link) |
Reddit, the popular discussion website with 50 million daily users, said hackers gained access to the company's source code as well as limited contact information for hundreds of current and former employees. The incident began when unidentified attackers managed to steal employee credentials through a phishing website masquerading as Reddit's intranet portal. After obtaining the [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-10 13:00:00 |
Maine gov't says state systems were not breached despite hacking group's claims (direct link) |
Maine government officials denied that a notorious hacking group breached their systems after the gang boasted of stealing information this week. The GhostSec hacking group posted to Telegram on Thursday claiming that they stole 40 GB of data from Maine's government websites. The group provided a zip file of the data they stole. But Sharon […] |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 22:25:22 |
Mount Saint Mary College confirms December ransomware attack (direct link) |
Mount Saint Mary College – a liberal arts college in New York – confirmed it experienced a ransomware attack in December after a cybercrime group publicly shared details about the incident this week. The Vice Society ransomware gang, a group known for dozens of attacks on K-12 schools as well as colleges and universities, claimed [… |
Ransomware
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 21:44:38 |
US and South Korea accuse North Korea of using hospital ransoms to fund more hacking (direct link) |
When North Korea collects ransoms from healthcare facilities, the money could be funding operations against bigger targets, an advisory said |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 20:54:55 |
Russia's cyberattacks aimed at 'destabilizing' Moldova, PM says (direct link) |
Russia is waging a hybrid war not only in Ukraine but also throughout Europe, and Ukraine's neighbors and closest allies are bearing the brunt of it. That is especially true in Moldova. In an interview with Euronews on Tuesday, Moldovan Prime Minister Natalia Gavrilița accused Russia of trying to destabilize the country by sponsoring protests […] |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 19:21:56 |
Canadian book giant Indigo limited to cash sales by cyberattack (direct link) |
Billion-dollar bookseller Indigo has been hit by a cyberattack that has severely limited their ability to fulfill orders. In a message on its website, the company said it was attacked on Wednesday and is working with cybersecurity experts to resolve the situation. The website is down and their physical stores are unable to accept electronic [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 18:50:46 |
Geotargeting tools are allowing phishing campaigns to home in on potential victims (direct link) |
Hackers are using tools from Geo Targetly to tailor phishing attacks to specific locations, according to research from Avanan |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 15:42:46 |
Poland, Lithuania and UK warn of data-collection scam against Ukrainian refugees (direct link) |
Ukrainian refugees and their hosts should be on the lookout for fake letters that are part of a data-collection scam |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 15:28:22 |
New hacking group targets Pakistan's Navy and maritime industry (direct link) |
A previously unknown hacking group is using espionage tools to target Pakistan’s Navy, according to new research. Dmitry Bestuzhev, a threat researcher at BlackBerry, told The Record that the group – which they named “NewsPenguin” – is a targeted attack group focused on militaries and the defense industry. The group used the upcoming Pakistan International […] |
Threat
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 13:34:05 |
Britain and US make major move against ransomware gangs by sanctioning seven individuals (direct link) |
The sanctions documents formally link the Conti and Ryuk ransomware gangs and the Trickbot banking trojan to a single criminal organization |
Ransomware
|
|
★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 13:00:00 |
Darknet market revenue plummeted to $1.3 billion in 2022 (direct link) |
Revenues earned by darknet markets fell from $2.6 billion in 2021 to $1.3 billion in 2022, according to new research. Much of the decline was attributed by researchers at blockchain analysis firm Chainalysis to the shutdown of Hydra Market, which was taken down by law enforcement agencies in Germany and the U.S. in April 2022. [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-09 03:03:33 |
Deepfake news anchors spread Chinese propaganda on social media (direct link) |
In a series of videos posted on Twitter, Facebook and YouTube, Chinese state-aligned actors used AI-generated broadcasters to distribute content that promotes the interests of the Chinese Communist Party, according to a new report. At first glance, the news presenters of the likely fictitious media company Wolf News look like real people, and researchers with [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 21:17:09 |
New info-stealing malware used against Ukraine organizations (direct link) |
A new information-stealing malware named Graphiron is being used against a wide range of targets in Ukraine, according to new research. Researchers from Symantec declined to say which sorts of organizations are being targeted but confirmed that the attacks are being launched by an espionage group named Nodaria. They added that there is “limited evidence” [… |
Malware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 20:42:52 |
Hackers used fake websites to target state agencies in Ukraine and Poland (direct link) |
Hackers attempted last week to infect Ukrainian government computer systems with malware hosted on fake websites impersonating legitimate state services. Ukraine's computer emergency response team, CERT-UA, attributed the attack to a group called WinterVivern. The group has been active since at least June and includes Russian-speaking members. In addition to its Ukrainian targets, it has [… |
Malware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 19:41:06 |
'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher (direct link) |
Toyota said it remediated the vulnerability discovered by researcher Eaton Zveare. The company referred others to its bug disclosure platform. |
Vulnerability
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 18:54:09 |
Turkey's government restricts access to Twitter amid earthquake response (direct link) |
Internet traffic data showed that Twitter was totally inaccessible from within Turkey. The government has warned about disinformation. |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 17:14:52 |
CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel (direct link) |
CISA adapted work by two Turkish developers into a script for recovering files affected by ESXiArgs ransomware without having to decrypt them |
Ransomware
|
|
★★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 15:10:03 |
UK High Court allows Bahraini activists to sue government over spyware (direct link) |
Activists who highlighted human rights abuses in Bahrain can sue the country's government for using the FinSpy, or FinFisher, spyware on them |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 13:57:06 |
Estonian intelligence: Russia underestimated Ukraine's cyber resilience (direct link) |
Estonia's Välisluureamet says Ukraine probably surprised Russia with its adaptability when faced with war-related cyberattacks. |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-08 00:34:48 |
First Linux variant of Clop ransomware targeted universities, colleges but was flawed (direct link) |
The first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims. SentinelOne researcher Antonis Terefos said his team observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on December 26. Clop has existed since about 2019, targeting large companies, financial institutions, [… |
Ransomware
Tool
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 21:17:45 |
Russian crypto exchange exec pleads guilty to laundering Ryuk ransomware funds (direct link) |
A Russian man pleaded guilty on Monday in an Oregon court on charges related to laundering funds for the Ryuk ransomware group. Denis Dubnikov was arrested in November 2021 in the Netherlands before being extradited to the U.S. last August. Prosecutors accused him, along with 13 co-conspirators whose names were redacted in a federal indictment, [… |
Ransomware
Guideline
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 21:07:51 |
CISA says Killnet DDoS attacks on U.S. hospitals had little effect (direct link) |
CISA said it helped dozens of hospitals respond to a series of DDoS attacks last week that were launched by a pro-Russian hacking group |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 19:19:38 |
House approves cybersecurity research bill focused on energy infrastructure (direct link) |
The U.S. House of Representatives on Monday passed a bill that would provide funding for cybersecurity research with a focus on protecting the country's energy infrastructure. The Energy Cybersecurity University Leadership Act - inspired by the ransomware attack on Colonial Pipeline and several other incidents - proposes grants and other forms of funding to graduate [… |
Ransomware
Guideline
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 17:41:31 |
More than 2,000 cybersecurity patent applications filed since 2010: report (direct link) |
The number of cybersecurity patent applications has skyrocketed over the past decade, with U.S. companies leading the way. According to French software company IS Decisions, about 2,270 cybersecurity-related patents have been filed since the turn of the century. Nearly all – about 97% – have been filed since 2010, a year that marked a huge [… |
Guideline
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 17:39:09 |
Biden adds Mandia and other cybersecurity execs to advisory committee (direct link) |
President Joe Biden added several cybersecurity executives to the National Security Telecommunications Advisory Committee (NSTAC), which advises the White House on national security issues and emergency preparedness. Mandiant CEO Kevin Mandia, Rapid7 CEO Corey Thomas and Trellix CEO Bryan Palma were added to the committee alongside several other cybersecurity executives, including Microsoft Vice President of [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 16:28:35 |
Germany hires new cybersecurity chief in wake of Russian scandal (direct link) |
Germany's interior ministry has announced the appointment of Claudia Plattner, formerly the director general for information systems at the European Central Bank (ECB), as its new cybersecurity chief. Plattner joins the Federal Office for Information Security (BSI) in the wake of a scandal left by its former president Arne Schönbohm, regarding accusations that he had [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 16:08:53 |
Remcos software deployed in spying attempt on Ukraine's government, CERT says (direct link) |
Hacking group UAC-0050 tried to deploy the remote management software Remcos in an effort to spy on government agencies, Ukraine said |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 14:18:24 |
LockBit ransomware group threatens Royal Mail with data leak deadline (direct link) |
The LockBit cybercriminals told the British mail service it has until February 9 to pay up to protect data apparently stolen in January |
Ransomware
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 13:58:28 |
Shares in British engineering company dive as it announces cost of cyberattack (direct link) |
Morgan Advanced Materials said its response to a cyberattack in January could cost as much as £12 million. Its shares took a 5 percent hit |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 13:12:44 |
All classes canceled at Irish university as it announces 'significant IT breach' (direct link) |
Munster Technological University (MTU) in Ireland announced on Monday that its campuses in Cork would be closed following a “significant IT breach and telephone outage.” “All classes, full-time and part-time, are cancelled” on both Tuesday and Wednesday, the university's statement said. A number of learning tools, including one called Canvas used to manage student assignments, [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-07 12:30:06 |
China's tech weapons roll in to quell demonstrations, identify protesters (direct link) |
Back in October, a day before President Xi Jinping was set to assume an unprecedented third term as general secretary of the Chinese Communist Party, an activist named Peng Lifa made his way to a highway overpass not far from one of China's key tech quarters. He was wearing a construction worker's outfit and was [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 23:20:31 |
West Virginia students returning to class after days-long outage following cyberattack (direct link) |
Nearly 20,000 students in West Virginia were forced to miss classes on Monday due to a cyberattack that crippled their school. Berkeley County Schools said on Friday it was experiencing an internet and phone outage on Friday and spent the weekend working through issues related to a cyberattack. Superintendent Ronald Stephens wrote a note to [… |
General Information
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 21:24:18 |
Darknet drug market BlackSprut openly advertises on billboards in Moscow (direct link) |
It's unclear why BlackSprut was able to buy the Moscow billboard space, but Russia is known for some permissiveness toward darknet groups |
Legislation
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 14:28:11 |
'Massive' new ESXiArgs ransomware campaign has compromised thousands of victims (direct link) |
Thousands of servers running an unpatched version of VMware's ESXi product are vulnerable to ransomware, researchers say |
Ransomware
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-06 13:45:02 |
British steel industry supplier Vesuvius 'currently managing cyber incident' (direct link) |
Vesuvius Plc confirmed that the incident “involved unauthorized access to our systems,” but it did not provide further details |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 21:50:38 |
CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA) said two vulnerabilities from Oracle and SugarCRM are actively being exploited and ordered federal civilian agencies to patch them before February 23. On Thursday, CISA added CVE-2022-21587 – affecting Oracle’s E-Business suite – and CVE-2023-22952 – which affects multiple products from SugarCRM – to its Known Exploited Vulnerabilities [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 20:28:11 |
Zero day affecting Fortra's GoAnywhere file transfer tool is actively being exploited (direct link) |
Fortra issued a private advisory about the zero-day. Cyber researchers then highlighted the information. There's no mention of a patch |
Tool
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 20:23:18 |
Customizable new DDoS service already appears to have fans among pro-Russia hacking groups (direct link) |
For $120 per month, Passion allows customers to “customize” their DDoS incidents. The tool allegedly has been used against hospital websites |
Tool
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 20:19:07 |
New York attorney general fines developer of stalking apps (direct link) |
The New York attorney general has ordered a spyware maker whose apps are marketed as tools for surveilling one's partner to pay a $410,000 fine and amend their business practices. Under Thursday's agreement with Patrick Hinchy, a Florida-based man whose 16 companies operate a constellation of spyware apps and services, the entities must alter practices [… |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 18:19:29 |
Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack (direct link) |
A Tallahassee hospital has been forced to divert patients to other facilities and cancel all non-emergency surgical procedures after being hit by a cyberattack that began on Thursday night. Tallahassee Memorial HealthCare – one of the biggest hospitals serving a 21-county region in north Florida and south Georgia – said they have had to take their [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 16:53:57 |
Microsoft accuses Iran's government of cyber operation against Charlie Hebdo (direct link) |
Microsoft says the data breach of Charlie Hebdo was retaliation for the satire publication's call for drawings of Iran's leader, Ali Khamenei. |
Data Breach
Guideline
|
|
★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 14:49:36 |
Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France (direct link) |
Julius Kivimäki was being sought in the investigation into a cyberattack targeting Vastaamo, a Helsinki-based private psychotherapy center. |
Legislation
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 14:20:42 |
Russia-linked hacking against national labs spurs inquiry from two House chairmen (direct link) |
The Russian group, known as Cold River, reportedly targeted the Brookhaven, Argonne and Lawrence Livermore labs in mid-2022 |
|
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-03 12:29:09 |
Switzerland's largest university confirms 'serious cyberattack' (direct link) |
The University of Zurich, Switzerland's largest university, announced on Friday it was the target of a “serious cyberattack,” which comes amid a wave of hacks targeting German-speaking institutions. The university's website is currently inaccessible, but the phone line to the press office is working. In a statement sent to The Record, a spokesperson described the [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 21:04:29 |
Hackers linked to North Korea targeted Indian medical org, energy sector (direct link) |
The North Korean military's notorious hacking arm – known as the Lazarus Group – has been accused of targeting public and private sector research organizations, an Indian medical research company and other businesses in the energy sector. Security analysts at WithSecure said they were called on to respond to a cyberattack that they initially tied to the [… |
Medical
Medical
|
APT 38
|
★★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 20:23:43 |
Feds get guilty plea in Ubiquiti data extortion case (direct link) |
Nickolas Sharp's audacious insider attack on his then-employer involved data theft, a ransom demand and disinformation to the media |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 18:21:24 |
Last year was the worst on record for crypto hacks, as North Korean groups cash in (direct link) |
Nearly $4 billion was stolen in cyberattacks on cryptocurrency platforms in 2022, fueled in large part by hackers working on behalf of the North Korean government. Blockchain research firm Chainalysis found that it was a banner year for hackers targeting cryptocurrency firms, with about $3.8 billion in total stolen from companies in the industry, up [… |
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 15:54:42 |
QNAP warns of new bug prompting worries of potential Deadbolt ransomware exploitation (direct link) |
QNAP is warning customers to update their devices after a vulnerability was discovered making thousands of devices susceptible to attack |
Ransomware
Vulnerability
|
|
★★
|
![RecordedFuture.webp](./Ressources/img/RecordedFuture.webp) |
2023-02-02 15:24:42 |
Data breach at Vice Media involved SSNs, financial info (direct link) |
A data breach involving Vice Media leaked the sensitive information and financial data of more than 1,700 people, according to filings with Maine's Attorney General. In two separate filings on January 26 and 31, Vice Media said it was alerted in March 2022 that there was a cyberattack on its network. The media company hired [… |
Data Breach
|
|
★★
|