On 22 November 2022, the pro-Russian hacktivist group KillNet announced that it had launched a series of DDoS attacks against several official websites in Britain. The sites affected were: the Royal Family website, the London Stock Exchange website, the BacsUK website and the British Army website. During the attack, all sites were accessible from the US, but the British Army site appeared to be under maintenance.  Read more about it : here

On october 31, 2022, the French city of Brunoy suffered a cyber attack, probably of the ransomware type, in view of the communication made by the town hall. The latter also said that the administration's entire work network had been blocked in order to stop the spread of the malware while the extent of the attack was assessed. Despite the fact that administrative work is affected, municipal facilities such as the Town Hall, leisure centres, nurseries and the municipal police remain open. The impact of this attack on the town hall of Brunoy is probably minor. Indeed, most essential basic services remain active for the moment and only purely administrative matters should be stopped and delayed until the crisis is resolved.  Read more about it : here

On November 13, 2022, the Bulgarian Council of Ministers website suffered a DDoS attack that rendered access to its platform impossible. The government announced that all means were being used to counter the attack and restore accessibility to the site.  The Bulgarian executive's cybersecurity coordinator, Petar Kirkov, said the attack probably came from the pro-Russian hacktivist group KillNet, who even claimed responsibility for the attack via its telegram group.  Read more about it : here

On 9 November 2022, the cybercriminal group Royal ransomware added two German companies to its list of victims: Zender, an automotive manufacturer based in Mulheim Karlich, and Ortmeier Maschinen und Vorrichstungsbau Gmbh, a manufacturer of robots and industrial machinery.  The attackers did not specify the nature of the stolen data or the ransom demanded, so we will have to wait for more details from the victims to clarify the consequences of these attacks.  Read more about it : here

On 23 November 2022, the pro-Russian hacktivist group Noname057 claimed to have launched a series of DDoS attacks on the Polish airport of Rzeszów-Jasionka. As of 17:00, the site was accessible in France but possibly unreachable from other countries and continents.   Read more about it : here

On Monday 7 November 2022, the company Continental acknowledged that following the cyber attack they suffered in August, approximately 40 terabytes of data had been exfiltrated. The investigation by cyber experts after the incident continues as the company also announced that no data had been encrypted, allowing business to continue.  It should be noted that on 4 November, LockBit 3.0 claimed responsibility for an attack on Continental, although it is not known whether this is the same attack as the one that took place in August.  Read more about it : here

On November 12, 2022, the cyber criminal group Kelvin Security claimed on Breach Forums a cyberattack against Norgine Italia. In this claim, it is stated that 3.15 GB of data has been exfiltrated from the system and that this data contains documents of various types, such as PDFs, DOCXs and XLSs. A link has also been provided to contact the seller and make purchase arrangements. This message was not only posted on Breach Forums, but also on the gang's Telegram channels.  Read more about it : here

On 9 November 2022, the cybercriminal group Hive ransomware added the Natherland-based company APM Terminals, a harbor operator, subsidiary of Maersk, to its list of victims. No details are given about the nature of the stolen data or the direct consequences of the attack on the company. The attack is believed to have taken place on 17 October and the stolen data will be released on 11 November.  Read more about it : here

On November 8, 2022, cybercriminal ransomware group LockBit 3.0 claimed to have attacked Richard Wolf Gmbh. Some of the company's data is said to be encrypted and the management has until 10 November to comply with LockBit 3.0. Some of the company's data is said to be encrypted and the management has until 10 November to comply with LockBit 3.0. Experts are reportedly working on the company's systems to assess the exact damage.  Read more about it : here

On 15 November 2022, according to a Kaspersky study, North Korean hackers Lazarus are using a new version of the DTrack backdoor to attack organisations in Europe and Latin America.  DTrack is a modular backdoor with a keystroke logger, screenshot logger, browser history retriever, running process spy, IP address logger, network connection information logger and more.  In addition to spying, it can also execute commands to perform file operations, retrieve additional payloads, steal files and data and run processes on the compromised device. Finally, Dtrack hides in an executable that looks like a legitimate program, and there are several decryption steps before the malware payload begins.  Targeted sectors include government research centres, policy institutes, chemical manufacturers, IT service providers, telecommunication providers, utility providers and education.  Read more about it : here