Bringing cybersecurity globally to critical and complex key activities
Weekly Summary Cyberattacks 14-20 Nov
Weekly Summary Cyberattacks 07-13 Nov
Fake CAPTCHAs used to infect devices with malware
Malware campaign detected stealing a wide range of sensitive data and emptying victims’ cryptocurrency wallets
APT36 intensifies its attacks with the evolution of ElizaRAT
New Xiū gǒu phishing kit targets users in five countries with 2,000 fake sites
New Android banking malware ToxicPanda targets users in Italy, Portugal, Hong Kong, Spain, and Peru
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems
Hackers use Rekoobe Backdoor to Attack Linux Systems
Genesis Market gang tries to sell platform after FBI disruption
WISE REMOTE Trojan: Infostealer, RAT, DDoS Bot, and Ransomware
Malware campaign targets eastern European air-gapped systems
Emails Of US government officials hacked by China-backed actors
Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519
The new Net Worker Alliance group attacks and defaces various NATO and European entities
Cyber alert in Romania about death scam
Residents of Vijfheerenlanden may be victims of data breach
Ukrainian hackers claim to leak emails of Russian parliament deputy chief
Airbus Cyber Attack: Work of ‘USDoD’ Hacker, Linked to Turkish Airlines Employee Account Hack
North Korean hackers plot Gmail theft attacks via Chrome extension
Chinese IT giant suspected of creating malicious Android software
Hacker attacks on NRW universities will change the cybersecurity doctrine
SABCA company victim of a cyber attack
‘Vulkan files’ leak reveals Russian cyber strategy
Attack exposes Hyundai car owners in France and Italy
Fake Google Chrome updates leveraged in malware distribution campaign
The Russia-linked APT29 is behind recent attacks targeting NATO and EU
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
Cyber attack on Helmholtz Zentrum München
The LockBit Ransomware group has added FIEGE
NoName057 launches a new attack campaign on European countries
Cybercriminal claims to have access to Brazilian and French defence ministers' mail
Lille town hall victim of a cyberattack
PlugX RAT masquerades as legit Windows debugger to slip past security
UAC-0056 group launches disruptive attacks against Ukrainian government websites planned over one year earlier
ViceSociety added Kventa Kft and HAW Hamburg to their victim list
Frankenstein's monster found in PyPI, assembled from the code of various malware
Italian Lubrimetal and Sabena Engineering cyber attack by LockBit
LeakBase claims to have downloaded the Happy-Compta database
APT41 faction started using Google's Red Team tool
Ex-Conti members and FIN7 devs team up to push new Domino malware
BlackCat ransomware started using Windows kernel level driver
Stealth Soldier is a new custom backdoor targeting North Africa with espionage attacks
Massive CoWIN data breach exposes personal data of users, putting over 1 billion at risk
The Universitat Pompeu Fabra hit by a cyber attack
Cyber-attack on the Rheinische Post media group: websites cannot be reached
APT37 hackers deploy new FadeStealer eavesdropping malware
Cyber attack by ransomware on the University of Salerno
Data leak at Deutsche Bank and Postbank
New Big Head ransomware displays Windows Update screen
Charming Kitten hackers use new ‘NokNok’ malware for macOS
The fake Toyota France web address is a fraud scam
Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Iranian-linked hackers have been conducting phishing attacks against Israel
In Saône-et-Loire, the Bourbon-Lancy casino closed for a week after being
LockBit ransomware group added Hasenauer Anlagenbau
Play ransomware cyber activities at beginning of May
Zaraza bot infostealer targets numerous search engines
StrelaStealer Being Distributed To Spanish Users
DarkCloud Infostealer Being Distributed via Spam Emails
North Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
The site of Alessia Mosca hit by Kelvin Security
French Peyrehorade ambulance was hit by ransomware
The Normandy Region victim of a cyberattack: Rouen and Caen affected
Formbook campaign via Libyan oil companies target Italy
Suspected cyber attack against Öland municipalities
Ukrainian railway, state agencies allegedly targeted by DolphinCape malware
Vjw0rm goes back to hiding in an email about beauty products
ViceSociety gang claims to have hacked the Universidad Catolica Portuguesa
Play Ransomware added European victims to their list
BlackCat attack on Ayuntamiento
Noname057 attacked some defence ministries in Europe
Cyber attack on Ulm University
Hackers breach energy organisations via bugs in discontinued web server
French department under cyber attack
The Saint-Doulchard Oncology Center victim of a cyberattack
Cyberattack at the Versailles hospital center: the trail of a LockBit usurper
Intersport under Hive group cyber attack
Austrian company under Play Ransomware cyber attack
KromSec downloaded the data from the Iranian Ministry of Cooperation
Ukrainian military system DELTA targeted by malware
Chinese Hackers Exploit Citrix Vulnerabilities
German industrial giant ThyssenKrupp targeted in a new cyberattack
NoName057(16) new campaign against Germany, France and Italy
A state-sponsored group is using the ReverseRAT backdoor to target India
The LockBit ransomware group has added new victims to its leak site
Germany’s Maklersoftware Breached, Listed among Black Basta’s Victim List
The RansomHouse ransomware group has added AESCULAPIUS Farmaceutici
LockBit ransomware group has added Trèves Group
Python developers have been warned about trojanised PyPI packages mimicking popular libraries
Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto
Hacking of a group of French pharmacists, more than 150,000 people hacked
1000 ships impacted by a ransomware attack on maritime software supplier DNV
Cyber Army of Russia claim attack on Ukrinform
Kremlin state sponsored hackers targeted a large petroleum refinery
Technolit industrial targeted by a cyber attack
ALPHV group added Fruttagel to their victim list
KillNet announced end of transition to phase 2 and launched a DDoS attack
NoName057 attack campaign in Europe
TeamOneFist operation Turn Ruzzia Off
Genesis group hacked Samsung
Hackers hijack EU websites to steal banking information
Conforama under cyber attack
French Seine-et-Marne department council victim of a cyber attack
Cyber assault on Orange Spain
Royal Ransomware claims attack on German company
Hive Ransomware adds APM Terminals to their victim list
LockBit affiliate uses Amadey Bot malware to deploy ransomware
Noname05716 targeting Polish science academy
BlackBasta Ransomware added Metro company to their victim list
LockBit 3.0 added Richard Wolf GmbH to their victim list
Continental enterprise acknowledged data theft
French city of Brunoy network suffered a ransomware attack
HiveLeak gang targeted Landi Renzo company
LockBit 3.0 European attacks: second wave of claims
IT Army of Ukraine targeted GazpromBank
German websites of Scm-Pc-Card and Evas Schatztruhe suffered a breach
DDoS attack on the websites of the Institute of National Remembrance
Cyberattack on the Polish Mother's Health Center
BlackByte ransomware group added Peterson & Hansson Byggnads to their victims list
Russian hacktivists target Polish airport
United Kingdom under KillNet attack
Schutznetze24 database for sale
Zarya continues to breach and leak data from Ukrainian database
KillNet was targeting Starlink
Spanish Ministry of Economy under cyber attack
Cyber Army Russia has targeted Hacken and is trying to stop Ukrainian citizens from accessing energy supplies
KillNet wants to conduct a DDoS campaign against any targets in Poland
ViceSociety ransomware group claims responsibility for the cyberattack against Rhein-Pfalz-Kreis
An initial access broker claims to have hacked Deutsche Bank
Killnet claims attack on the public power corporation of Greece and the television network “Mega TV”
A cyber attack blocks the website of the Government of Bulgaria
The Italian company Norgine Italia was hit by the cybergang Kelvin Security
Zarya has breached micro-code company
North Korean hackers target European orgs with updated malware
Russian forces are preparing a massive cyberattack campaign
New Erbium password-stealing malware spreads as game cracks
New Chaos malware infects Windows, Linux devices for DDoS attacks
TeamOneFist claims to have attacked Russian satellite
Russian Hacktivists will target Dagestan
New Russian hacktivist group targeting Slovakia
KillNet launches a new campaign against the United States
Attack on TAP airline, customer data leaked
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
Iran is now subject to the most severe internet restrictions and Anonymous takes down Iranian government websites
ITS group possibly victim of a cyberattack
Uber cloud systems have been attacked
French Cahors hospital targeted by a cyberattack
LockBit 3.0 claims attacks on coffeeberlin.com and software-line.it
Lockbit group claims to have attacked the Agency for Aerial Navigation Safety in Africa and Madagascar
LockBit group claims responsibility for attack on Czech arms supplier and manufacturer DSS defence and security service
Municipality of Loures targeted by cyber attack
The computer system of the “Hydraulic Office of Corsica” blocked by a cyberattack
KillNet blocked the website of some European countries' intelligence service
Cyberattack Disrupts Trains in Denmark
Backbone link cut near Aix-en-Provence
Cyber espionage campaign targeting Russian companies
Tata energy company attacked by Hive ransomware
Iranian government blames 'foreign country' for hack-and-leak of nuclear information
WhatsApp down following an incident
University of Ansbach targeted by a cyber attack
Cyber attack shuts down information systems of Barcelona's health centres
Seine Maritime Department targeted by a cyber attack
Russian hackers attacked Bulgarian government websites
The French municipal network “Ecume” has been hit by a cyber attack
TeamOneFist in a new operation
The town of Chaville hit by a cyber attack
Black Basta Ransomware hackers infiltrate networks via Qakbot to deploy Brute Ratel C4
Pro-Ukraine hacktivist groups have hit two Russian networks
Eni company under cyber attack, perhaps from Russia
James Webb telescope images used to hide malware
Patched TikTok security flaw allowed one-click account takeovers
RAT tool disguised as solution file being distributed on GitHub
The French hospital of Corbeil-Essonnes refuses to pay the ransom demanded by attackers
A new phishing campaign on Instagram accounts
Vodafone Italy under cyber attack
Serbia hit by a pro-Ukrainian cyber attack
Avos Locker claims the ransomware attack on Casa
Cybercriminals are using access to Hikvision cameras
Pro-Russian hacktivists targeting Lithuania
Montenegro under a possible Russian cyberattack
Italy's GSE energy company targeted by a cyberattack
Check Point Research detects Crypto Miner malware disguised as legitimate applications
Rising Tide: Chasing the Currents of Espionage in the South China Sea
UNISTO GmbH hit by a cyber attack
The Russian streaming platform “START” suffered a data leak
OrangeFR customer data for sale on the darknet
RagnarLocker ransomware group leaked personal information about TAPAir
Cyberattack on Xi'an university traced to NSA in US
Swedish Election Authority hit by three cyber attacks on day of vote
LockBit 3.0 Ransomware claims attack on artdis.fr
Dutch man arrested on suspicion of stealing millions in crypto via phishing and malware
ENSIACET school hit by a cyberattack
Lockbit 3.0 is claiming the ransomware attack on Corbeil-Essonnes Hospital
Atos and Eolas have been hit by a cyber attack
Balkan Investigative Reporting Network hit by a DDoS attack
Phishing campaign targeting Poland
Cyber attack at the city of Stockach
Cyber incident on Egelsbach city
Phoenix declared they will target hospitals as a response to attacks on Russia
TikTok data stolen by BlueHornet (AKA against the west)
Moscow university was hit with a cyberattack allegedly by Ukraine
LockBit 3.0 Ransomware claims cyber attack on FINNCO company
LockBit 3.0 Ransomware claims cyber attack on Stahlbau Regenhütte
IT Army of Ukraine has targeted Gazprombank
KillMilk is targeting Japan in a new cyber campaign
Portuguese Department of Defense victim of a cyber attack
Ransomware encrypts data of five Dutch municipalities
RagnarLocker claims to have hacked Greek company The National Natural Gas System Operator (DESFA)
Cyber attack against Maldegem
The “Hopital Sud Francilien” in Corbeil-Essonnes affected by ransomware
"noname05716" has launched a campaign against Estonian news sites
Russia-linked Cozy Bear (APT29) uses evasive techniques to target Microsoft 365 users in NATO countries
Cyber attack on Crimean television: Zelensky appeared instead of Russian propaganda
“Union nationale d'aide du Calvados”, a French enterprise for domestic services, affected by a cyberattack
Grandoreiro banking malware targets Mexico and Spain
FRwL hacktivist group is threatening a Military Media Center of Ukraine with their Somnia locker
"ViceSociety" ransomware group claims responsibility for the cyberattack against French and Spanish organisations
Ransomware: serious cyberattack against Nexeya
'DarkTortilla' malware used for High-Volume RAT Infections
BlackByte ransomware gang is back with new extortion tactics
Five Limburg municipalities hit by cyber attack
Russian Cyber Army targeting Finnish satellite
Largest DDoS Attack Recorded By Google
"noname05716" pro-Russian group claims to launch a campaign against Latvia
LastPass systems were attacked to steal source code
TAP Air Portugal was hit by a Cyberattack
Altice company hit by Hive ransomware
Efficient 'MagicWeb' Malware coming from Nobelium group
Hackers Using Fake DDoS Protection Pages to Distribute Malware
German ar industrial company “Continental” hit by a cyber attack
Suhl city residents data exposed on the Darknet after cyberattack
“ASL Città di Torino” Italian healthcare complex under ransomware attack
D0nutLeak ransomware group targets Spanish company Sando
Killnet will target Moldova in an attack campaign
LockBit gang hit by DDoS attack from Entrust
TeamOneFist group targeting a Russian power plant
Data breach on German company Autodoc's database
Nursing home of Pont-Audemer victim of a cyber attack
AgentTesla is threatening businesses around the world with a new campaign
Killnet targeting Moldova tax revenue website
Yanluowang ransomware group adds Cisco to their victim list
After Latvia recognized Russia as a sponsor of terrorism, it is the target of cyber attacks
The German gymnasium of Gunzenhausen affected by a cyber attack
“From Russia With Love” group targeting Ukrainian government
KillNet continues cyber attack on US Senate and KillMilk claims attack on Lockheed Martin and NASA
AtlasIntelligenceGroup leaked the first sample of data from the alleged China Telecom breach
The data of the union of the Valdisieve and Valdarno Municipalities are online
Cyber attack targeting the Finnish parliament "For joining NATO"
Killnet is calling on other hacktivist groups to join them in targeting Spain
Cyber attack against the news agency STT - some systems were shut down as a precaution
IT Army of Ukraine targets Russian banking sector
Russian hacker group is said to have targeted German energy suppliers
KillNet and KillMilk pro-Russian hacktivists posted Lockheed Martin data
Cyber-attack on TeleTrader
Microsoft disrupts a Russian group's cyber-espionage campaign
Russian cyber-attack targets “Energoatom” energy company
KillNet disables an Estonian payment system
TeamOneFist group has conducted cyber operation against a Russian SCADA system
Beijing Launches Cyberattacks Against Taiwan
Attack on a Polish company that provides remote reading of water meters
LockBit 3.0 Ransomware Victim: FAAC Group
Lockbit claims to have released data allegedly stolen from LaPosteMobile
KromSec has targeted Belarus
Killnet and Killmilk continue to threaten Lockheed Martin
British health service is concerned about leakage of patient data
Hacktivist group claims to have hit a major Belarus company
KillNet's founder announces his retirement from the group
Russian hackers use fake DDoS app to infect pro-Ukrainian activists
Pro-Ukraine hacking team “GhostSec” claimed cyberattack on the Gysinoozerskaya power station
QakBot: New Trojan Variant
The pro Ukrainian group KromSec claimed a DDoS attack against the government of Chechnya
CosmicStrand: sophisticated firmware rootkit allows durable persistence
KNAB comes under cyber attack; political parties financing database and mobile apps down
Spanish police arrest two accused of hacking radioactivity alert system
Police linked to hacking campaign to frame Indian activists
Flagstar Bank notifies 1.5 million customers of data breach
Iranian hackers used spearphishing attacks to target Israel
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine
9 arrested in Netherlands after Europol raids on phishing gang
Fast Shop closes stores and delays orders after alleged cybercriminal attack
Cyberattack hits Russian space agency site after sharing NATO photos
International operation takes down Russian RSOCKS botnet
Chinese APT groups targeting India, Pakistan and more with Sophos firewall vulnerability
Government surveillance isn't just about Pegasus. Spyware Hermit attacks on Android
Recorded Future detects escalation of ransomware attacks across LATAM government entities
Russia: Anonymous leaked 69,000 emails from the Public Chamber of Krasnoyarsk
Lithuania targeted by DDoS attacks after they refused to lift the European Union sanctions on Russian goods
OT ICEFALL: The legacy of “insecure by design” and its implications for certifications and risk management
APT ToddyCat
Netherlands police working on structural backup facility for ransomware recovery
Leaked Audio From 80 Internal TikTok Meetings Shows That US User Data Has Been Repeatedly Accessed From China
Killnet hits Lithuania over EU sanctions affecting Kaliningrad
Slovak Telekom and T-Mobile CZ hit by cyberattack
Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive
Mantis botnet described as the most powerful botnet to date
Belgium accuses Chinese hackers of cyber attacks on Defense and Home Affairs
North Korean ransomware called H0lyGh0st that targets small and medium-sized businesses
KillNet claims DDoS attacks against “Energijos Skirstymo Operatorius” (ESO) and “IGNIS” Lithuanian energy companies
Donetsk city website victim of a cyber-attack
Black Basta Ransomware Victim: The Wiener Zeitung media group
Estonian and Latvian presidential websites victims of a cyber attack
Targeted cyber-attacks on German politicians
Ransomware: attack on CCR claimed by an unknown group, Lilith
Cyber attack on Ukrainian telecommunications operators
LockBit 3.0 Debuts With Ransomware Bug Bounty Program
Evilnum hackers return in new operation targeting migration orgs
Norway attacked by KillNet following threat from Russian authorities
Building materials manufacturer Knauf is the target of a cyber attack
Following the rocket attacks on the TPP, the enemy launches hacker attacks on the power system
Cyber-attack against the Norwegian website provider Coretek
Italian city of Palermo shuts down all systems to fend off cyberattack
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies
Novartis says no sensitive data was compromised in cyberattack
Costa Rican government held up by ransomware … again
Malware gang Evil Corp switches to software-as-a-service
Microsoft Disables Iran-Linked Lebanese Hacking Group Polonium
SSNDOB Marketplace, A Series Of Websites That Listed More Than 20 Million Social Security Numbers For Sale, Seized And Dismantled In International Operation
Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant
WinDealer via man-on-the-side
Follina Exploited by State-Sponsored Hackers
BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state
New variant of Nokoyawa ransomware discovered
Back in business: the Cl0p grouping is back
Compromised US Academic Credentials Identified Across Various Public and Dark Web Forums
Killnet gang announces 'massive and unprecedented' attack on Italy
New version of Magniber ransomware threatens millions of Windows 11 users
Costa Rica’s public health agency hit by Hive ransomware
Chinese hacking group Aoqin Dragon quietly spied orgs for a decade
Hackers using Follina Windows zero-day to spread Qbot malware
QNAP investigating new Deadbolt ransomware campaign
Kremlin Says Cyberattack Delays Putin’s Forum Speech By 1 Hour
WooCommerce Credit Card Skimmer Uses Telegram Bot to Exfiltrate Stolen Data
Critical gap with maximum rating in smart home center Anker Eufy Homebase 2
The Russian botnet was disrupted. Millions of compromised devices
Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike
Cyber attack on the Greens
F5 Labs Investigates MaliBot
How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security
DDoS-for-hire service which bombarded websites with attacks earns man two years in prison
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
8 zero-day vulnerabilities discovered in popular industrial control system from Carrier
Iranian hackers target energy sector with new DNS backdoor
Russia warns of a “military clash” if it’s hit by US cyberattacks
GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool
Authorities Arrest ‘Prominent’ Nigerian BEC Threat Actor