La cyberattaque lancée contre le groupe Caisse Centrale de Réassurance vient d’être publiquement revendiquée par un groupe inconnu à ce jour, dit « Lilith ». Il menace de divulguer plus de 1 To de données. Read more about it: here

Organizations around the world rely on the use of trusted, reliable online storage services – such as DropBox and Google Drive – to conduct day-to-day operations. However, our latest research shows that threat actors are finding ways to take advantage of that trust to make their attacks extremely difficult to detect and prevent. The latest campaigns conducted by an advanced persistent threat (APT) that we track as Cloaked Ursa (also known as APT29, Nobelium or Cozy Bear) demonstrate sophistication and the ability to rapidly integrate popular cloud storage services to avoid detection. The use of trusted, legitimate cloud services isn't entirely new to this group. Extending this trend, we have discovered that their two most recent campaigns leveraged Google Drive cloud storage services for the first time. The ubiquitous nature of Google Drive cloud storage services – combined with the trust that millions of customers worldwide have in them – make their inclusion in this APT’s malware delivery process exceptionally concerning. Read more about it: here

The Federal Offices for Information Security (BSI) and the Office for the Protection of the Constitution (BfV) are warning of a current campaign in which strangers are trying to take over politicians' messenger accounts. According to media reports, "high-ranking political figures" have already become the target of the attacks in a warning that the BSI and BfV sent to the parliamentary groups in the German Bundestag on Monday. "BSI and BfV are aware of a current  that is aimed in particular at high-ranking political figures," according to a report by NDR and WDR in the warning. It is not known whether the attempts were successful or whether there is any evidence of the background. The picture had also reported about it. Read more about it: here

The police is working on a structural backup facility to be able to recover from a ransomware attack, but this is a multi-year project that has not yet been completed, Minister Yesilgöz of Justice and Security said in a letter to the Second. Chamber about the first half-year report 2022 of the police. The semi-annual report deals with the position of the police in society, the equipping of the police organization and the development of police tasks. It also contains figures on the different types of crime. Read more about it: here

Estonia: The Office of the President's website has been under a distributed denial-of-service (DDoS) attack for the past three weeks, while most recently it was hit by a massive cyber attack last Saturday, when it received around 40 million views in a few hours. Read more about it: here Latvia: Last week, the website of the office of the President of Latvia "www.president.lv" experienced increased DDoS or access failure attacks, similar to the one in Estonia, informs Madara Krutova, representative of the information technology (IT) security incident prevention institution "Cert.lv". Read more about it: here  

On June 20, 2022, the Chargé d'Affaires of Lithuania was summoned by the Russian state, to be informed that they must restore the passage of Russian goods through the Kaliningrad railway station. Otherwise, they threatened Lithuania to "take actions to protect [Russia’s] national interests." A few hours later, the DDoS criminal syndicate Killnet tasked their squads to target a selection of Lithuanian institutions' websites with full power. Among other victims are the national police, two mobile network providers (BITE and Telia) and a bank (LPB). Read more about it: here and here

Black Basta Ransomware Victim: The Wiener Zeitung media group Read more about it: here

The building materials manufacturer Knauf has become the target of a cyber attack. This was announced by the company based in Iphofen (Kitzingen district) on Thursday. The "Main-Post" had previously reported on it. On Wednesday night, previously unknown perpetrators attacked the group's IT infrastructure, it said: "The attack was recognized immediately and professionally isolated as a result." Parts of the systems have been temporarily shut down for security reasons and for further IT forensic investigations. This affects the supply chains of the group. The company did not provide any further information. Read more about it: here

Mayor Kulemzin: the website of the Donetsk administration "Russian side" was subjected to a DDoS attack, the resource is temporarily unavailable. Read more about it: here

The Russian Federation carried out a cyber attack on the IT infrastructure of the DTEK Group. The attackers' goal is to destabilize the technological processes of generating and distribution companies and undermine the energy security of Ukraine, as well as to spread known false information about the companies' work through state propaganda bodies, and as a result, to leave Ukrainian consumers without electricity. Read more about it: here