Here is the selection of major cyberattacks discovered over the past week.
Below you will find direct links to the most interesting articles. For your information, this roundup is prepared with a real, non-artificial brain, so enjoy the read and thank you for supporting Le Décodeur!
This week's selected news
Germany accuses Moscow of an “intolerable” cyberattack against members of a political party
Foreign Minister Annalena Baerbock on Friday denounced a cyberattack against members of the SPD party dating back to 2023 and carried out by a group linked to Russian intelligence.
Poland says it too was targeted by Russian hackers
On Friday, Germany and the Czech Republic said they had been targeted by the Russian-controlled Fancy Bear hacking group.
Russian Hackers Exploit Outlook Flaw to Hijack Numerous Email Accounts
Russian state-sponsored hackers, identified as APT28 or Fancy Bear, have been exploiting a critical vulnerability in Microsoft Outlook to hijack email accounts on a large scale.
CySecurity News – Latest Information Security and Hacking Incidents: Sweden Faces Influx of DDoS Attacks Following NATO Membership
The year 2024 witnessed a further exacerbation of the situation, particularly intensifying from February onward.
Iranian hackers pose as journalists to push backdoor malware
The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets.
Blackbasta gang Synlab Italia attack
The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia.
Cyberattack on Swiss medtech company
Mikrona stresses that it will not give in to the demands of the ransomware gang 8Base, which is threatening to publish data.
Canton of Bern websites unreachable due to cyberattack
Various websites of the Canton of Bern, as well as digital services, are currently unreachable because of DDoS attacks. However, availability is expected to be disrupted only briefly.
Far-right websites hacked and defaced
The Thursday hack included links to download subscriber data and a message claiming that Post Millennial’s editor was transitioning to a woman.
US govt warns of pro-Russian hacktivists targeting water facilities
The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations.
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks.
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
Sweden experienced a wave of DDoS attacks as the country was working towards joining NATO, Netscout found.
North Korean Hackers Spoofing Journalist Emails to Spy on Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishing campaigns.
Okta: Credential-Stuffing Attacks Spike via Proxy Networks
Okta warns users that the attack requests are made through an anonymizing service like Tor or various commercial proxy networks.
Canadian Drug Chain in Temporary Lockdown Mode After Cyber Incident
London Drugs offered no details about the nature of the incident, nor when its pharmacies would be functioning normally again.
Attackers Planted Millions of Imageless Repositories on Docker Hub
The purported metadata for each of these containers had embedded links to malicious files.
UnitedHealth Congressional Testimony Reveals Fails
The breach used stolen Citrix credentials for an account with no MFA. Attackers went undetected for days, and Change Healthcare’s backup strategy failed.
CySecurity News – Latest Information Security and Hacking Incidents: Hackers Claim Biggest Attack On UAE in History
The UAE suffered a data breach; the threat actor threatened to disclose the data unless a ransom of 150 bitcoins (about USD 9 million) is paid.
GPS jamming is a ‘side effect’ of Russian military activity, Finnish transport agency says
Finnair has stopped flights to one Estonian city thanks to the signal interference.
Router Roulette: routers hijacked by spies and cybercriminals – Le Monde Informatique
Security: A study by Trend Micro shows a shared interest among cybercriminal groups, and also spies, in botnets made up of routers…