Here is the selection of major cyberattacks discovered during this latest weekly monitoring round.
Enjoy the read, and thanks for the coffee, because this roundup is produced with a real, non-artificial brain 😉
Internal Report Suggests Security Lapses at Hacked Crypto Exchange Bitfinex
A security review describes how attackers exploited mistakes to steal millions of dollars worth of bitcoin.
CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF) | CISA
Today, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020.
Backup Repositories Targeted in 93% of Ransomware Attacks
Organizations now acknowledge that having clean and recoverable backups is a critical element of a good business continuity plan.
Lazarus Group Targeting Microsoft Web Servers to Launch Espionage Malware
Researchers detail the DLL side-loading technique used to deploy malware that facilitates credential theft and lateral movement.
https://www.bitdefender.com/blog/hotforsecurity/suzuki-motorcycle-plant-shut-down-by-cyber-attack/
German arms manufacturer Rheinmetall suffered Black Basta ransomware attack
The German automotive and arms manufacturer announced it was the victim of a Black Basta ransomware attack that took place last month.
Chinese hackers breach US critical infrastructure in stealthy attacks
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, an island hosting multiple military bases, since at least mid-2021.
Hackers target 1.5M WordPress sites with cookie consent plugin exploit
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than 40,000 active installs.
New Russian-linked CosmicEnergy malware targets industrial systems
Mandiant security researchers have discovered a new malware known as CosmicEnergy that targets operational technology (OT), raising concerns about potential disruptions to electric power systems worldwide.
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
North Korean Lazarus Group remains relentless in targeting vulnerable Microsoft IIS servers, utilizing DLL side-loading techniques to deploy malware.
Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
Portuguese bank users beware! Brazilian hackers are on the prowl, targeting over 30 financial institutions.
PyPI Shuts Down Over the Weekend, Says Incident Was Overblown
The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one.
Voice cloning, one more threat for businesses – Le Monde Informatique
Security: Riding the generative AI wave, voice cloning offers a new attack vector that is increasingly attracting cybercriminals.
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
Administrators of the PyPI software repository have disabled new user sign-ups and package uploads until further notice.
Microsoft reports jump in business email compromise activity
Thirty-five million business email compromise (BEC) attempts were detected in the last year, according to the latest Microsoft Cyber Signals report.