Les dernières cyberattaques détectées | 20 juin 2023

Voici la sélection des cyberattaques majeures découvertes durant ce dernier tour de veille hebdomadaire.

Bonne lecture et merci pour le café car cette veille est produite avec un vrai cerveau non artificiel 😉

Russian Ransomware Group Breached Federal Agencies in Cyberattack

The top U.S. cybersecurity agency said it did not have evidence that the group was acting in coordination with the Russian government.

A Newly Named Group of GRU Hackers is Wreaking Havoc in Ukraine

Plus: The arrest of an alleged Lockbit ransomware hacker, the wild tale of a problematic FBI informant, and one of North Korea’s biggest crypto heists.

Shell is another victim of Clop ransomware attacks

British multinational oil and gas company Shell has confirmed that it has suffered a ransomware attack conducted by the Clop group.

Warning: Fake GitHub Repos Delivering Malware as PoCs

According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems.

Cyber Attack projected on US and European Banking Systems – Cybersecurity Insiders

As European nations such as Germany, France and Britain are offering a helping hand to Ukraine on recommendation by the Biden led nation, 3 notorious

US confirms federal agencies hit by MOVEit breach, as hackers list more victims

Multiple federal agencies have fallen victim to cyberattacks exploiting a security vulnerability in a popular file transfer tool

Russia-backed hackers unleash new USB-based malware on Ukraine’s military

Shuckworm’s relentless attacks seek intel for use in Russia’s invasion of Ukraine.

LockBit claims ransomware attack on pharma giant Granules India

The Russia-linked ransomware gang claimed responsibility for the cyberattack targeting the Indian pharmaceutical giant.

St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure

St. Margaret’s Health in Illinois is closing operations at its hospitals due to a 2021 ransomware attack that impacted its payment system

Hackers steal $3 million by impersonating crypto news journalists

A hacking group tracked as ‘Pink Drainer’ is impersonating journalists in phishing attacks to compromise Discord and Twitter accounts for cryptocurrency-stealing attacks.

Massive phishing campaign uses 6,000 sites to impersonate 100 brands

A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June 2022, tricking people into entering their account credentials and financial information on fake websites.

Clop ransomware gang starts extorting MOVEit data-theft victims

The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data.

LockBit Ransomware Extorts $91 Million from U.S. Companies

LockBit ransomware scheme extorts $91 million from U.S. organizations in a series of devastating attacks since 2020.

New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries

Researchers uncover a concerning software supply chain attack using expired Amazon S3 buckets to distribute malware-infected binaries.

RomCom Threat Actor Targets Ukrainian Politicians, US Healthcare

The group appears to be targeting victims based on their proximity and involvement to and within pro-Ukraine organizations.

U.S. Government Agencies Targeted In Latest Global Cyberattack

A global cyberattack has hit multiple U.S. government agencies, federal officials said Thursday, joining a string of recent hacks that target a vulnerability in a widely used file-transfer software.

No ‘systemic risk’ to government networks from latest breach, CISA says

The nation’s cyber defense agency confirmed it was providing assistance to several federal agencies that have been impacted in an apparent global cyberattack.

Clop Ransomware gang strikes London Transport for London (TfL) – Cybersecurity Insiders

Clop ransomware gang has targeted the databases of Transport for London (TfL) customers, thus stealing information of over 13,000 drivers listed on the

L’Association Vaud Promotion victime d’un vol de données

L’Association Vaud Promotion a été prise pour cible par un jaune gang actif dans les attaques par ransomware. Des données ont été volées.

Attaque contre les sites fédéraux: des données personnelles sensibles sont sur le darknet (update)

Des cyberpirates ont mis la main sur des données de plusieurs offices de l’administration fédérale et les ont publiées sur le dark web. La cyberattaque a ciblé le prestataire IT alémanique Xplain et a entre autres touché Fedpol, des polices cantonales, l’armée, les douanes et les CFF.