Here is the selection of major cyberattacks discovered over the past week.
Below you will find direct links to the most interesting articles. For the record, this digest is prepared with a real, non-artificial brain, so happy reading, and thank you for supporting Le Décodeur!
This week's selected news
Cyberattacks in France – 800 official websites targeted by computer attacks
Pro-Russian hackers claimed responsibility for large-scale computer attacks launched last Sunday against French government portals.
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Hackers have been exploiting a severe flaw (CVE-2024-3400) in Palo Alto Networks’ software, in attacks that began nearly three weeks before discovery.
Targus says cyberattack is causing operational outage | TechCrunch
Targus’ parent company, B. Riley Financial, said it discovered "a threat actor gained unauthorized access to certain of Targus’ file systems."
US think tank Heritage Foundation hit by cyberattack | TechCrunch
Founded in 1973, the Washington DC-based Heritage Foundation supports and lobbies on conservative issues.
New cyberattack against France: Turkish hackers hacked a government website
A new cyberattack has been recorded in France. Turkish cybercriminals took control of a government website to send a message to the French authorities and to individuals from Turkey.
iPhone users in 92 countries received a spyware attack warning from Apple
Apple notified individuals in 92 countries of possible mercenary spyware attacks on their systems.
"Highly capable" hackers root corporate networks by exploiting firewall 0-day
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.
Hackers Targeting Human Rights Activists in Morocco and Western Sahara
Researchers uncover Starry Addax, a sophisticated threat actor targeting Sahrawi Arab Democratic Republic activists.
10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet
RUBYCARP threat group, suspected to be of Romanian origin, has been discovered operating a botnet for crypto mining, DDoS, and phishing attacks
Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign
MuddyWater, linked to Iran’s MOIS, strikes again with DarkBeatC2. Our latest blog unpacks the latest tactics in cyber warfare.
U.S. Department of Health warns of attacks against IT help desks
U.S. Department of Health and Human Services warns of attacks against IT help desks across the Healthcare and Public Health (HPH) sector.
Russian hackers accessed U.S. government emails in Microsoft breach, CISA says
The alert comes a week after Microsoft was faulted in a DHS report for fostering a security culture that enabled a similar China-backed cyberattack last year.
Cyberattack on UK’s CVS Group disrupts veterinary operations
UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country.
New Spectre v2 attack impacts Linux systems on Intel CPUs
Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.
FBI warns of massive wave of road toll SMS phishing attacks
On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees.
Hospital IT Helpdesks Targeted By Voice Fraudsters, Warns HHS
Threat actors are socially engineering healthcare IT helpdesk staff to steal money, the government has warned
Famous YouTube Channels Hacked to Distribute Infostealers
The AhnLab Security Intelligence Center discovered new infostealer distribution campaigns leveraging legitimate YouTube channels
Byakugan Infostealer Capabilities Revealed
Fortinet said the malware functions identified include screen monitoring, screen capturing, cryptomining and more
US Data Breach Reports Surge 90% Annually in Q1
The number of publicly reported data breaches and leaks grew 90% in the first three months of the year