Europe News

thumbnail

The Italian company Norgine Italia was hit by the cybergang Kelvin Security

On November 12, 2022, the cyber criminal group Kelvin Security claimed on Breach Forums a cyberattack against Norgine Italia. In this claim, it is stated that 3.15 GB of data has been exfiltrated from the system and that this data contains documents of various types, such as PDFs, DOCXs and XLSs. A link has also been provided to contact the seller and make purchase arrangements. This message was not only posted on Breach Forums, but also on the gang's Telegram channels.  Read more about it : here

thumbnail

Hive Ransomware add APM Terminals to their victim list

On 9 November 2022, the cybercriminal group Hive ransomware added the Natherland-based company APM Terminals, a harbor operator, subsidiary of Maersk, to its list of victims. No details are given about the nature of the stolen data or the direct consequences of the attack on the company. The attack is believed to have taken place on 17 October and the stolen data will be released on 11 November.  Read more about it : here

thumbnail

New russian hacktivists group targeting Slovakia

A new group of pro-Russian hacktivists emerged via an attack claim on 5 October 2022. The group calls itself "We are Clowns" and claims to have launched a DDoS attack against the website of the Human Rights Centre in Slovakia. The group also stated the duration of the attack when it was carried out, namely two hours. The creation of this group and its attack on a Slovakian site is part of a new campaign by various Russian groups targeting countries supporting Ukraine's membership of NATO. Read more about it : here

thumbnail

LockBit 3.0 claim attacks on coffeeberlin.com and software-line.it

According to the media outlet Ransomwaremap, the cybercriminal group LockBit 3.0 claimed responsibility for a ransomware attack on 16 September on the websites "kaffeberlin.com", a chain of cafés and restaurants in France, and "software-line.it", a group of computer system designers in Italy. Kaffeeberlin has 14 days and software-line 7 days before the stolen data is published.  Read more about it : here and here

thumbnail

The town of Chaville hit by a cyber attack

During the night of 14 to 15 October 2022, the computer servers of the Chaville town hall were the victims of a large-scale cyber attack. As a result, the main services associated with the town hall's servers were interrupted or disrupted. The cybercriminal group Cuba claimed responsibility for the attack on 18 October, confirming the ransomware attack. The impact of this attack could be significant if the town hall's servers are affected, beyond just some of the computers on the network. If the servers are down, it is possible that important data such as residents' personal data will be lost, but also that the council's services will be unavailable until the servers are replaced or the ransom is paid.  Read more about it : here

thumbnail

TeamOneFist claim to have attacked russian Satelite

One of the spokesmen for the pro-Ukraine hacktivist group TeamOneFist claimed responsibility for a major attack on the Russian satellite network "Gonets" during the "Pleiades" cyberoperation. The attack would have disabled the satellite network.  He claims to have penetrated the CRM/customer database, which is referenced by the network in order to send/receive messages. Having failed to download the database, which was under heavy surveillance, the group decided to destroy it without being detected.  From this data, the group discovered that the Gonets network was used by 97 organizations to transmit sensitive data, including fishing companies, energy companies and the FSB.  Read more about it : here

thumbnail

French Cahors hospital targeted by a cyberattack

The French hospital in Cahors was the victim of a cyber attack on Thursday 15 September. The attack mainly affected the hospital's internal messaging system, so patient care is continuing as normal. Internet access has been restricted in the hospital to ensure the security of the health facility. Patient data is not affected as it is hosted by another service provider.  For the time being, the attack has not been claimed.  Read more about it : here

thumbnail

University of Ansbach targeted by a cyber attack

On Thursday 20 October 2022, the German University of Ansbach was the target of an attack by cyber attackers. The attackers have not yet been identified and have not claimed responsibility for the attack.  The targeted server could be isolated from the rest of the network, which prevented the attackers from doing significant damage. For security reasons, all access has been blocked for staff and students and it is not possible to connect to any of the university's computers. Virtual seminars are also expected to be partially cancelled. In view of the measures taken by the university, it is possible that this attempted attack is similar to a ransomware attack.  Read more about it : here

thumbnail

Municipality of Loures targeted by cyber attack

ccording to a share from the media outlet "BetterCyber", on 9 October, the ransomware group "HiveLeak" claimed responsibility for an attack targeting the Portuguese municipality of Louros. The attack reportedly took place on 22 September and the stolen data was revealed between 9 and 10 October. The town of Louros has a small population and appears to be small in size, with an economy based primarily on tourism. It is likely that this ransomware attack will have a significant impact if the ransom demanded is high. Furthermore, despite the nature of the stolen data, the sample provided in the leak page includes contact, financial and administrative information, which may expose residents to further cyber threats if their data is revealed.  Read more about it : here

thumbnail

Attack on Tap airline, the customers data leaked

On 2 September, the airline TAP Air Portugal said it had suffered a cyber attack, which was "quickly reported to the competent authorities".  However, the Portuguese national airline recently admitted that the cyber attackers who attacked it in early September had stolen some of its customers' personal data and published it on the dark web. Despite this, the airline said all payment details appeared to be safe.  Read more about it : here