On November 11, 2022, the threat actor "0x_dump" claimed to have hacked the multinational investment bank "Deutsche Bank" and allegedly offered access to its network for sale online.  The attacker claims to have access to about 21,000 machines on the bank's network, most of which are Windows systems, and says he has gained access to chat services used for internal communications. It also allegedly stole 16 terabytes of data. The access is for sale for 7.5 bitcoins which is approximately $156,274.  Read more about it : here

On 8 November 2022, the telecommunications company Orange informed its Spanish customers that one of its suppliers had suffered a cyber security breach. One of the affected subcontractors is believed to be a debt collection service and has had data exfiltrated about some of the company's buyers. Although the number of customers affected is unknown at this time, all affected customers have reportedly been notified of the leak via email or SMS. The data stolen from the subcontractor is said to contain the full name, postal address, telephone number, email, DNI/NIE numbers, delivery date, nationality and IBAN code of the current account of some buyers.  Read more about it : here

On 22 November 2022, the pro-Russian hacktivist group KillNet announced that it had launched a series of DDoS attacks against several official websites in Britain. The sites affected were: the Royal Family website, the London Stock Exchange website, the BacsUK website and the British Army website. During the attack, all sites were accessible from the US, but the British Army site appeared to be under maintenance.  Read more about it : here

On october 31, 2022, the French city of Brunoy suffered a cyber attack, probably of the ransomware type, in view of the communication made by the town hall. The latter also said that the administration's entire work network had been blocked in order to stop the spread of the malware while the extent of the attack was assessed. Despite the fact that administrative work is affected, municipal facilities such as the Town Hall, leisure centres, nurseries and the municipal police remain open. The impact of this attack on the town hall of Brunoy is probably minor. Indeed, most essential basic services remain active for the moment and only purely administrative matters should be stopped and delayed until the crisis is resolved.  Read more about it : here

On November 13, 2022, the Bulgarian Council of Ministers website suffered a DDoS attack that rendered access to its platform impossible. The government announced that all means were being used to counter the attack and restore accessibility to the site.  The Bulgarian executive's cybersecurity coordinator, Petar Kirkov, said the attack probably came from the pro-Russian hacktivist group KillNet, who even claimed responsibility for the attack via its telegram group.  Read more about it : here

On 9 November 2022, the cybercriminal group Royal ransomware added two German companies to its list of victims: Zender, an automotive manufacturer based in Mulheim Karlich, and Ortmeier Maschinen und Vorrichstungsbau Gmbh, a manufacturer of robots and industrial machinery.  The attackers did not specify the nature of the stolen data or the ransom demanded, so we will have to wait for more details from the victims to clarify the consequences of these attacks.  Read more about it : here

On 23 November 2022, the pro-Russian hacktivist group Noname057 claimed to have launched a series of DDoS attacks on the Polish airport of Rzeszów-Jasionka. As of 17:00, the site was accessible in France but possibly unreachable from other countries and continents.   Read more about it : here

On Monday 7 November 2022, the company Continental acknowledged that following the cyber attack they suffered in August, approximately 40 terabytes of data had been exfiltrated. The investigation by cyber experts after the incident continues as the company also announced that no data had been encrypted, allowing business to continue.  It should be noted that on 4 November, LockBit 3.0 claimed responsibility for an attack on Continental, although it is not known whether this is the same attack as the one that took place in August.  Read more about it : here

On November 12, 2022, the cyber criminal group Kelvin Security claimed on Breach Forums a cyberattack against Norgine Italia. In this claim, it is stated that 3.15 GB of data has been exfiltrated from the system and that this data contains documents of various types, such as PDFs, DOCXs and XLSs. A link has also been provided to contact the seller and make purchase arrangements. This message was not only posted on Breach Forums, but also on the gang's Telegram channels.  Read more about it : here

On 9 November 2022, the cybercriminal group Hive ransomware added the Natherland-based company APM Terminals, a harbor operator, subsidiary of Maersk, to its list of victims. No details are given about the nature of the stolen data or the direct consequences of the attack on the company. The attack is believed to have taken place on 17 October and the stolen data will be released on 11 November.  Read more about it : here