Here is the selection of major cyberattacks discovered over the past week.
Below you will find direct links to the most interesting articles. For the record, this roundup is prepared with a real, non-artificial brain, so happy reading, and thank you for supporting the Décodeur!
This week's selected news
JAVS courtroom recording software backdoored in supply chain attack
Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them take over compromised systems.
Ebury, the formidable botnet that has hacked 400,000 Linux servers in 15 years
The Ebury botnet is still wreaking havoc. According to an ESET investigation, the malware, identified more than fifteen years ago, has compromised a mountain of Linux servers.
The Grandoreiro malware is back and targeting more than 1,500 banks
The Grandoreiro malware is back in the spotlight. Despite Interpol's efforts, cybercriminals are using the banking trojan to carry out cyberattacks around the world.
A "publicity stunt": a cyberattack "of unprecedented force" hits New Caledonia
New Caledonia was the target of a massive cyberattack that severely disrupted the archipelago's Internet network. With this large-scale DDoS attack, the hackers reportedly wanted to generate buzz ahead of Emmanuel Macron's visit to the overseas territories.
Researchers spot cryptojacking attack that disables endpoint protections
A key component: Installing known vulnerable drivers from Avast and IOBit.
Newly discovered ransomware uses BitLocker to encrypt victim data
ShrinkLocker is the latest ransomware to use Windows’ full-disk encryption.
Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors
The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States.
North Korean Kimsuky used a new Linux backdoor in recent attacks
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea.
Chinese actor ‘Unfading Sea Haze’ remained undetected for five years
A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018.
Hacker defaces spyware app’s site, dumps database and source code
A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in the United States, and leaked over a dozen archives containing database and source code data.
Hacktivist Groups Target Indian Elections, Leak Personal Data, Says Report
Around 16 hacktivist groups are targeting Indian elections, including Morocco Black Cyber Army and Anonymous Bangladesh, among others.
Pakistani-Aligned APT36 Targets Indian Defense Organizations
A politically motivated hacking group aligned with Pakistani interests is matching the Indian military’s shift away from the Windows operating system with a heavy
Iran APTs Tag Team Espionage, Wiper Attacks Against Israel & Albania
Scarred Manticore is the smart, sophisticated one. But when Iran needs something destroyed, it hands the keys over to Void Manticore.
LockBit demands $25 million from London Drugs in 48 hours – Cybersecurity Insiders
In April of this year, London Drugs faced a cyber attack, which led to the encryption of their servers. The company promptly announced its efforts to seek
Moroccan cybercrime group impersonates nonprofits and abuses cloud services to rake in gift card cash
Microsoft researchers say the group, tracked as Storm-0539 or Atlas Lion, targets employees with major U.S. retailers who control gift card operations.
Chinese hackers hide on military and govt networks for 6 years
A previously unknown threat actor dubbed “Unfading Sea Haze” has been targeting military and government entities in the South China Sea region since 2018, remaining undetected all this time.
Microsoft spots gift card thieves using cyber-espionage tactics
Microsoft has published a “Cyber Signals” report sharing new information about the hacking group Storm-0539 and a sharp rise in gift card theft as we approach the Memorial Day holiday in the United States.