Here is the selection of major cyberattacks discovered over the past week.
Below you will find direct links to the most interesting articles. For the record, this roundup is prepared with a real, non-artificial brain, so enjoy the read and thank you for supporting Le Décodeur!
This week's selected news
Ransomware Operation LockBit Relaunches Dark Web Leak Site
Russian-speaking ransomware operation LockBit reestablished a dark web leak site Saturday afternoon and posted a lengthy screed apparently authored by its leader,
Chinese APT Developing Exploits to Defeat Patched Ivanti Users
Ivanti customers: soon, even if you’ve patched, you still might not be safe from relentless attacks from high-level Chinese threat actors.
Someone is hacking 3D printers to warn owners of a security flaw
Do you have an Anycubic Kobra 2 Pro/Plus/Max 3D printer? Did you know it has a security vulnerability? If you answered “yes” to both those questions, then chances are that I can guess just how you found out your 3D printer was vulnerable to hackers.
8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation
Over 8,000 subdomains belonging to recognized brands and organizations are being exploited for malicious email distribution.
North Korean Hackers Targeting Developers with Malicious npm Packages
Fake npm packages linked to North Korea threaten software supply chain. Read on for details and protection tips.
Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns
Six years on, routers remain a favorite post for concealing malicious activities.
One of the world's largest steel producers has been hacked
Steel giant ThyssenKrupp was hit by a cyberattack. To fend off the attackers, the German group was forced to temporarily suspend the operations of its automotive division.
North Korean Group Seen Snooping on Russian Foreign Ministry
North Korean espionage group TA406, aka the Konni Group, deployed information-stealing malware on a Russian government-owned software to spy on the country’s
ALPHV website goes down amid growing fallout from Change Healthcare attack
Medical providers are under financial pressure and patients are facing challenges in filling prescriptions due to the ransomware attack.
CISA warns state, local government about Phobos ransomware | StateScoop
Phobos is “pretty standard” ransomware, one expert said, but the Cybersecurity and Infrastructure Security Agency warns that it’s on the rise in state and local government.
Millions Of GitHub Repos Found Infected With Malicious Code
Security researchers from Apiiro have uncovered a worrying trend: over 100,000 GitHub repositories have been compromised in a “repo confusion”
Hessen Consumer Center says systems encrypted by ransomware
The Hessen Consumer Center in Germany has been hit with a ransomware attack, causing IT systems to shut down and temporarily disrupting its availability.
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks
Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks.
LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week’s law enforcement disruption.
Ukrainian organizations hacked via steganography – Le Monde Informatique
Intrusion, Hacking and Firewall: The UAC-0184 group targets Ukrainian military personnel, including abroad, and uses steganography to infect their devices with a…