Les dernières cyberattaques (1 août 2023)

Voici la sélection des cyberattaques majeures découvertes la semaine passée.

Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

Ivanti Says Second Zero Day Used in Norway Govt Breach

Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti’s endpoint management software appeared to have

N Korean Hackers Phishing With US Army Job Lures

Government-backed North Korean hackers are posting convincing U.S. military job recruitment documents to lure Korean-speaking victims into downloading malware

North Korean Hackers Bag Another $100m in Crypto Heists

Two new breaches traced back to prolific Lazarus group

N. Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist

CoinsPaid is working closely with law enforcement authorities to track the looted funds allegedly taken by the Lazarus Group.

https://www.bitdefender.com/blog/hotforsecurity/following-claims-by-two-ransomware-groups-yamaha-confirms-cyberattack/

MOVEit Hack: Over 400 Organizations’ Hacked by CL0P Ransomware Group

The Russian ransomware group ‘Clop’ exploits a flaw in Progress Software’s MOVEit product suite in late May to steal data from unprotected networks.

Norwegian government IT systems hacked using zero-day flaw

The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited a zero-day vulnerability in third-party software.

SEC now requires companies to disclose cyberattacks in 4 days

The U.S. Securities and Exchange Commission has adopted new rules requiring publicly traded companies to disclose cyberattacks within four business days after determining they’re material incidents.

Ivanti patches new zero-day exploited in Norwegian govt attacks

Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway.

North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say | TechCrunch

Mandiant security researchers say the North Korean hackers behind the JumpCloud breach mistakenly exposed their real-world IP addresses.

Ivanti rushes to patch zero-day used to breach Norway’s government | TechCrunch

Hackers exploited a previously undiscovered flaw in Ivanti’s MDM software to compromise a dozen Norwegian government agencies.

CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services | TechCrunch

The Canadian provider of heart monitoring technologies says its servers and systems have been downed by an ongoing cybersecurity incident.

US government contractor says MOVEit hackers accessed health data of ‘at least’ 8 million individuals | TechCrunch

Maximus, a U.S. government services company, says MOVEit hackers accessed the personal information of as many as 11 million individuals

Hackers are infecting Call of Duty players with a self-spreading malware | TechCrunch

Activision said it brought the 2009-released game offline while it investigates « an issue. »

Wormhole digs out of its hole with new security measures to move on from $320M hack | TechCrunch

Many projects would simply give up if they’d been hacked and had hundreds of millions stolen from their ecosystem partners, but Wormhole isn’t one of them.

New SEC rules put a time limit on reporting hacks and data breaches

The SEC has a new rule that requires public companies to disclose cybersecurity incidents just four days after they are discovered.