L’hebdo cybersécurité | 2 juillet 2023

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles.

Bonne lecture et merci pour le café car cette veille est produite avec un vrai cerveau non artificiel 😉

LockBit gang demands a $70 million ransom to the Semiconductor Manufacturing giant TSMC

The notorious LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC).

JP Morgan accidentally deletes 47 million comms records

Fined $4m for Who-Me-esque mess, for which it blames unnamed archiving vendor’s retention settings

Submarine Cables Face Escalating Cybersecurity Threats, Report

The backbone of telecommunications, submarine cables, face an escalating threat environment, including cybersecurity risks, warns Recorded Future.

Police unplug international phone scam network | Europol

Unwitting accomplices sent to collect cash The organised criminal network specialised in calling elderly citizens across Germany and Poland pretending to be police officers or representing other official authorities. Victims were informed that one of their relatives has been responsible for a car accident or similar event resulting in injuries or death of other persons.

LetMeSpy Phone-Tracking App Hacked, Revealing User Data

With at least 13,000 compromised devices in the data leak, it is still unknown who the threat actor is or whether or not victims will be personally notified.

US Patent Office Data Spill Exposes Trademark Applications

Misconfiguration exposed the physical addresses of 60,000 patent filers over three years.

Hackers attack Russian satellite telecom provider, claim affiliation with Wagner Group

The attackers released nearly 700 files associated with the attack.

New Ransomware Variant Recruit users for Russian Wagner Group

Russian Wagner Group. Recently, the cybersecurity researchers identified a new ransomware which is a variant of ransomware dubbed « Wagner. »

University of Manchester Hack – Over One Million NHS patient data Exposed

The University of Manchester has recently been affected by a Ransomware Hack that impact creates to stolen 1.1 Million NHS patients’ information across 200 hospitals.

EncroChat takedown led to 6,500 arrests and $979 million seized

Europol announced today that the takedown of the EncroChat encrypted mobile communications platform has led to the arrest of over 6,600 people and the seizure of $979 million in illicit funds.

8Base ransomware gang escalates double extortion attacks in June

​A 8Base ransomware gang is targeting organizations worldwide in double-extortion attacks, with a steady stream of new victims since the beginning of June.

Crypto losses halved in Q2 2023 to $204M

Without a major, industrywide push to emphasize protective measures and shake out bad actors, this problem won’t be fixed.

TSMC confirms data breach after LockBit cyberattack on third-party supplier

One of the world’s biggest chipmakers confirmed a data breach after the LockBit ransomware gang targeted one of its third-party providers.

Une mystérieuse cyberattaque touche un satellite de l’armée russe

Un réseau satellite utilisé par l’armée russe a été mis en panne par une cyberattaque. Les hackers à l’origine de l’attaque prétendent faire partie du groupe de mercenaires Wagner. Un collectif inconnu de pirates informatiques a revendiqué une cyberattaque contre le réseau informatique fourni par un satellite russe

Twitter Hacker Who Turned Celebrity Accounts Into Crypto Shills Gets Prison Sentence

The 24-year-old British man behind a series of high-profile social media hacks has been sentenced to five years in U.S. federal prison.

FBI finally tracks « swatting » incidents as attacks increase nationwide

Experts aren’t sure the database will reverse troubling swatting trend.

Une équipe d’intervention cantonale épaulera les communes vaudoises en cas de cyberattaque

Via une convention avec les communes, l’IT du canton de Vaud va créer une équipe d’intervention chargée de leur prêter main forte aux niveaux organisationnel et technique en cas de cyberattaque. La force de réaction s’appuiera également sur des prestataires spécialisés locaux.

Cyberattaque contre l’entreprise Xplain: le Conseil fédéral mandate un état-major de crise politico-stratégique « Fuite de données »

Informations actuelles de l’administration. Tous les communiqués de l’administration fédérale, des départements et des offices.

Millions affected by MOVEit mass-hacks as list of casualties continues to grow

The personal data of more than 15 million individuals has been stolen by hackers exploiting a vulnerability in the MOVEit file transfer tool