Ciberseguridad en #espacio: cómo se está enfrentando Thales a los desafíos que están por llegar
Weekly Summary Cyberattacks 07-13 Nov
Fake CAPTCHAs used to infect devices with malware
Malware campaign detected stealing a wide range of sensitive data and emptying victims’ cryptocurrency wallets
APT36 intensifies its attacks with the evolution of ElizaRAT
New Xiū gǒu phishing kit targets users in five countries with 2,000 fake sites
New Android banking malware ToxicPanda targets users in Italy, Portugal, Hong Kong, Spain, and Peru
Cyber alert in Romania about death scam
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems
Hackers use Rekoobe Backdoor to Attack Linux Systems
Genesis Market gang tries to sell platform after FBI disruption
WISE REMOTE Trojan: Infostealer, RAT, DDoS Bot, and Ransomware
Emails Of US government officials hacked by China-backed actors
Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519
The new Net Worker Alliance group attacks and defaces various NATO and European entities
Malware campaign targets eastern European air-gapped systems
Residents of Vijfheerenlanden may be victims of data breach
Ukrainian hackers claim to leak emails of Russian parliament deputy chief
Airbus Cyber Attack: Work of ‘USDoD’ Hacker, Linked to Turkish Airlines Employee Account Hack
North Korean hackers plot Gmail theft attacks via Chrome extension
Chinese IT giant suspected of creating malicious Android software
Hacker attacks on NRW universities will change the cybersecurity doctrine
SABCA company victim of a cyber attack
‘Vulkan files’ leak reveals Russian cyber strategy
Attack exposes Hyundai car owners in France and Italy
Fake Google Chrome updates leveraged in malware distribution campaign
The Russia-linked APT29 is behind recent attacks targeting NATO and EU
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
Cyber attack on Helmholtz Zentrum München
The LockBit Ransomware group has added FIEGE
NoName057 launches a new attacks campaign on European countries
Cybercriminal claims to have access to Brazilian and French defence ministers' mail
Lille town hall victim of a cyberattack
PlugX RAT masquerades as legit Windows debugger to slip past security
UAC-0056 group launch disruptive attacks against Ukrainian government websites planned over one year earlier
ViceSociety added Kventa Kft and HAW Hamburg to their victim list
Frankenstein's monster found in PyPI, assembled from the code of various malware
Italian Lubrimetal and Sabena Engineering cyber attack by LockBit
LeakBase claims to have downloaded the Happy-Compta database
APT41 faction started using Google's Red Team tool
Ex-Conti members and FIN7 devs team up to push new Domino malware
Zaraza bot infostealer targets numerous search engines
Stealth Soldier is a new custom backdoor targeting North Africa with espionage attacks
Massive CoWIN data breach exposes personal data of users and putting over 1 billion at risk
The Universitat Pompeu Fabra hited by cyber attack
Cyber-attack on the Rheinische Post media group: websites cannot be reached
APT37 hackers deploy new FadeStealer eavesdropping malware
Cyber attack by ransomware on the University of Salerno
Data leak at Deutsche Bank and Postbank
New Big Head ransomware displays Windows Update screen
Charming Kitten hackers use new ‘NokNok’ malware for macOS
The fake Toyota France web address is a fraud scam
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Iranian-linked hackers have been conducting phishing attacks against Israel
In Saône-et-Loire, the Bourbon-Lancy casino closed for a week after being
LockBit ransomware group added Hasenauer Anlagenbau
Play ransomware cyber activities at beginning of May
Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims
BlackCat ransomware started using Windows kernel level driver
StrelaStealer Being Distributed To Spanish Users
DarkCloud Infostealer Being Distributed via Spam Emails
North Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
The site of Alessia Mosca hit by the Kelvin Security
French Peyrehorade ambulance was hit by ransomware
The Normandy Region victim of a cyberattack: Rouen and Caen affected
Formbook campaign via Libyan oil companies target Italy
Suspected cyber attack against Öland municipalities
Ukrainian railway, state agencies allegedly targeted by DolphinCape malware
Vjw0rm goes back to hiding in an email about beauty products
ViceSociety gang claims to have hacked the Universidad Catolica Portuguesa
Hackers breach energy organisations via bugs in discontinued web server
Play Ransomware added european victims to their list
BlackCat attack on Ayuntamiento
Cyber attack on Ulm University
French department under cyber attack
The Saint-Doulchard Oncology Center victim of a cyberattack
Cyberattack at the Versailles hospital center: the trail of a LockBit usurper
Intersport under Hive group cyber attack
Austrian company under Play Ransomware cyber attack
KromSec downloaded the data from the Iranian Ministry of Cooperation
Noname057 attacked some defence ministries in Europe
Ukrainian military system DELTA targeted by malware
Chinese Hackers Exploit Citrix Vulnerabilities
German industrial giant ThyssenKrupp targeted in a new cyberattack
NoName057(16) new campaign against Germany, France and Italy
A state-sponsored group is using the ReverseRAT backdoor to target India
The LockBit ransomware group has added new victims to its leak site
Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto
Germany’s Maklersoftware Breached, Listed among Black Basta’s Victim List
The RansomHouse ransomware group has added AESCULAPIUS Farmaceutici
LockBit ransomware group has added Trèves Group
Python developers have been warned about trojanised PyPI packages mimicking popular libraries
Hacking of a group of French pharmacists, more than 150,000 people hacked Analyst's observation
1000 ships impacted by a ransomware attack on maritime software supplier DNV
Cyber Army of Russia claim attack on Ukrinform
Kremlin state sponsored hackers targeted a large petroleum refinery
Technolit industrial targeted by a cyber attack
ALPHV group added Fruttagel to their victim list
KillNet announced end of transition to phase 2 and launch a DDoS attack
NoName057 attack campaign in europe
TeamOneFist operation Turn Ruzzia Off
Genesis group hacked Samsung
Hackers hijack EU websites to steal banking information
French Seine et Marne departement council victim of a cyber attack
Cyber assault on Orange Spain
Royal Ransomware claim attack on german company
Hive Ransomware add APM Terminals to their victim list
LockBit affiliate uses Amadey Bot malware to deploy ransomware
Conforama under cyber attack
Noname05716 targeting Polish science academy
BlackBasta Ransomware added Metro company to their victim list
LockBit 3.0 added Richard Wolf GmbH to their victim list
Continental enterprise acknowledged data theft
French city of Brunoy network suffered a ransomware attac
HiveLeak gang targeted Landi Renzo company
LockBit 3.0 european attacks second wave of claim
IT Army of Ukraine targeted GazpromBank
BlackByte ransomware group added Peterson & Hansson Byggnads to their victims list
DDoS attack on the websites of the Institute of National Remembrance
Cyberattack on the Polish Mother's Health Center
German websites of Scm-Pc-Card and Evas Schatztruhe suffered a breach
Russian hacktivists target polish airport
United Kingdom under KillNet attack
Schutznetze24 database on sell
Zarya continues to breach and leak data from Ukrainian database
KillNet was targeting Starlink
Spanish Ministry of Economy under cyber attack
Cyber Army Russia has targeted Hacken and trying to stop Ukraine citizens from accessing energy supplies
KillNet want to conduct a DDoS campaign against any targets in Poland
ViceSociety ransomware group claims responsibility for the cyberattack against Rhein-Pfalz-Kreis
An initial access broker claims to have hacked Deutsche Bank
Killnet claims attack on the public power corporation of Greece and the television network “Mega TV”
A cyber attack blocks the website of the Government of Bulgaria
The Italian company Norgine Italia was hit by the cybergang Kelvin Security
Zarya has breached micro-code company
North Korean hackers target European orgs with updated malware
Russian forces are preparing a massive cyberattack campaign
New Erbium password-stealing malware spreads as game cracks
New Chaos malware infects Windows, Linux devices for DDoS attacks
TeamOneFist claim to have attacked russian Satelite
Russian Hacktivists will target Dagestan
New russian hacktivists group targeting Slovakia
KillNet launch a new campaign against the United States
Attack on Tap airline, the customers data leaked
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
Iran is now subject to the most severe internet restrictions and Anonymous takes down Iranian government websites
ITS group possibly victim of a cyberattack
Uber cloud systems has been attacked
French Cahors hospital targeted by a cyberattack
LockBit 3.0 claim attacks on coffeeberlin.com and software-line.it
Lockbit group claims to have attacked the Agency for Aerial Navigation Safety in Africa and Madagascar
LockBit group claims responsibility for attack on Czech arms supplier and manufacturer DSS defence and security service
Municipality of Loures targeted by cyber attack
The computer system of the “Hydraulic Office of Corsica” blocked by a cyberattack
KillNet blocked the website of some european countries intelligence service
Cyberattack Disrupts Trains in Denmark
BackBone Link cut near Aix en Provence
Cyber espionnage campaign targeting russian companies
Tata energy company attacked by Hive ransomware
Iranian government blames 'foreign country' for hack-and-leak of nuclear information
WhatsApp down following an incident
University of Ansbach targeted by a cyber attack
Cyber attack shuts down information systems of Barcelona's health centres
Seine Maritime Department targeted by a cyber attack
Russian hackers attacked Bulgarian government websites
The French municipal network “Ecume” has been hit by a cyber attack
TeamOneFist in a new operation
The town of Chaville hit by a cyber attack
Black Basta Ransomware hackers infiltrates networks via Qakbot to deploy Brute Ratel C4
Pro-ukraine hacktivist groups have hit two Russian networks
Eni company under cyber attack, perhaps from Russia
James Webb telescope images used to hide malware
Patched TikTok security flaw allowed one-click account takeovers
RAT Tool disguised as solution file being Distributed on Github
The french hospital of Corbeil Essones refuse to pay ransom asked by attackers
A new phishing campaign on Instagram accounts
Vodafone Italy under cyber attack
Serbia hit by a pro-ukrainian cyber attack
Avos Locker claims the ransomware attack on Casa
Cybercriminals are using access to Hikvision cameras
Pro-russian Hacktivists targeting Lituania
Montenegro under a possible russian cyberattack
Italy's GSE energy company targeted by a cyberattack
Check Point Research detects Crypto Miner malware disguised as legitimate applications
Rising Tide: Chasing the Currents of Espionage in the South China Sea
The streaming Russian platform "START” suffered a data leak
UNISTO GmbH hit by a cyber attack
OrangeFR customers data sell on the darknet
RagnarLocker ransomware group leaked personal information about TAPAir
Cyberattack on Xi'an university traced to NSA in US
Swedish Election Authority hit by three cyber attacks on day of vote
LockBit 3.0 Ransomware claim attack on artdis.fr
Dutch man arrested on suspicion of stealing millions in crypto via phishing and malware
ENSIACET school hit by a cyberattack
Lockbit 3.0 is claiming the ransomware attack on Corbeil Essone Hospital
Atos and Eolas has been hit by a cyber attack
Balkan Investigative Reporting Network hit by a DDoS attack
Phishing campaign targeting Poland
Cyber attack at the city of Stockach
Cyber incident on Egelsbach city
Phoenix declared they will target hospitals as a response to attacks on Russia
TikTok data stolen by BlueHornet (AKA against the west)
Moscow university was hit with a cyberattack allegedly by Ukraine
LockBit 3.0 Ransomware claim cyber attack on FINNCO company
LockBit 3.0 Ransomware claim cyber attack on Stahlbau Regenhütte
IT Army of Ukraine has target Gazprombank
KillMilk is targeting japan in a new cyber campaign
Portuguese Department of defense victim of a cyber attack
Ransomware encrypts data of five Dutch municipalities
RagnarLocker claims to have hacked The National Natural Gas System Operator (DESFA) greek company
Cyber attack against Maldegem
The “Hopital Sud Francilien” in Corbeil-Essonnes affected by a Ransomware
"noname05716" has launched a campaign against Estonia news sites
Russia-linked Cozy Bear (APT29) uses evasive techniques to target Microsoft 365 users in NATO countries
Cyber attack on Crimean television Zelensky appeared instead of Russian propaganda
“Union nationale d'aide du Calvados”, a french enterprise for domestic services affected by a cyberattack