Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week’s law enforcement disruption.
Feds hack LockBit, LockBit springs back. Now what? | TechCrunch
Days after it was knocked offline by a sweeping, years-in-the-making law enforcement operation, the notorious Russia-based LockBit ransomware group has
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks
Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks.
Russia publishes German army meeting on Ukraine
German chancellor promises probe after leak of officers discussing the supply of long-range missiles.
34 Million Roblox Credentials Exposed on Dark Web in Three Years
Kaspersky reported a 231% surge in compromised accounts from 4.7 million in 2021 to 15.5 million in 2023
Russia-linked LockBit hackers re-emerge, pledge to vote for Trump
Just days after cybercrime cops compromised LockBit, the ransomware gang has returned to make a dubious endorsement of Donald Trump.
NSA says it’s tracking Ivanti cyberattacks as hackers hit US defense sector | TechCrunch
The US intelligence agency confirms hackers exploiting flaws in Ivanti’s VPN appliance have targeted organizations across the defense sector
La Maison-Blanche s’alarme des dangers potentiels des véhicules chinois pour la sécurité nationale
Les États-Unis craignent que les véhicules chinois transmettent des données sensibles à Pékin à des fins d’espionnage.
8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation
Over 8,000 subdomains belonging to recognized brands and organizations are being exploited for malicious email distribution.
President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations
President Biden signs Executive Order to prevent mass data transfers to ‘countries of concern’. A bold move to protect Americans’ genomic, biometric,
Germany takes down cybercrime market with over 180,000 users
The Düsseldorf Police in Germany have seized Crimemarket, a massive German-speaking illicit trading platform with over 180,000 users, arresting six people, including one of its operators.
Fulton County, Security Experts Call LockBit’s Bluff
The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. LockBit removed Fulton County’s listing from its victim shaming website this morning, claiming the county had paid.
Russia Clamps Down on VPNs, Furthering Restrictions on Internet Access
It is worth noting that restricting VPNs may limit Russian citizens’ access to the outside world and form broader perspectives.
Ransomware Operation LockBit Relaunches Dark Web Leak Site
Russian-speaking ransomware operation LockBit reestablished a dark web leak site Saturday afternoon and posted a lengthy screed apparently authored by its leader,
China Launches New Cyber-Defense Plan for Industrial Networks
Government will provide additional cybersecurity training and recruit additional cybersecurity talent in an effort to better secure its industrial sector from attacks.
CISA warns state, local government about Phobos ransomware | StateScoop
Phobos is « pretty standard » ransomware, one expert said, but the Cybersecurity and Infrastructure Security Agency warns that it’s on the rise in state and local government.
Millions Of GitHub Repos Found Infected With Malicious Code
Security researchers from Apiiro have uncovered a worrying trend: over 100,000 GitHub repositories have been compromised in a « repo confusion »
Hacker Group Publicly Announced That They Are Recruiting Pentesters
Hacker groups recruit pentesters because they possess valuable skills in identifying and exploiting vulnerabilities. This aligns with the
Windows security updates could come with fewer reboots beginning later this year
« Hotpatching » originated in Windows Server, cuts way down on update reboots.
Le NIST publie la version 2.0 de son référentiel de cybersécurité – Le Monde Informatique
Sécurité : La version 2.0 du Cybersecurity Framework publié par le NIST est plus axée sur les questions de gouvernance et de la supply chain. Le référentiel…
