👁 socat @socat@nanao.cybtex.fr

🚨 CVE-2021-1675 - Microsoft Windows Print Spooler Elevation of Privilege Vulnerability

🔥 Des codes d'exploitation sont publiquement disponibles (ITW), ce qui signifie que l'exploitation de cette vulnérabilité est imminente ou déjà en cours.

🖨 Ces codes exploitent la possibilité offerte par le service spouleur d'impression de téléverser un pilote, dans le cadre de l'ajout d'une nouvelle imprimante, pour installer un code malveillant. Or, par défaut, le service spouleur d'impression (print spooler) est activé sur les contrôles de domaine Active Directory.

Un attaquant, ayant préalablement compromis un poste utilisateur, pourra in fine obtenir les droits et les privilèges de l'administrateur de domaine Active Directory.

#INFORMATIQUE #CYBER

https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-013/

Les opérateurs de Vice Society revendiquent des attaques contre :

• 🇨🇦 Filgo (filgo.ca)

• 🇺🇸 Whitehouse Independent School District (whitehouseisd.org)

• 🇺🇸 Alliance COAL, LLC (arlp.com)

• 🇨🇭 Rolle (rolle.ch)

• 🇳🇿 Waikato District Health Board (waikatodhb.health.nz)

• 🇺🇸 Priority Building Services, LLC (priorityservices.net)

• 🇸🇦 Communications Solutions Company (csc-sa.com)

• 🇪🇸 JEALSA (jealsa.com)

• 🇺🇸 McNamara & Thiel Insurance Agency (mtins.net)

• 🇺🇸 FREDERICK Public Schools (frederickbombers.net)

#USA #SAUDI #CANADA #SPAIN #SWITZERLAND #NEWZEALAND #RANSOMWARE #VICESOCIETY #DATABREACH #INDUSTRY #FACILITIES #BUSINESS #CORPORATE #FIRMS #CREATIVE #HEALTHCARE #ENVIRONMENT #EXCELLENCE #ACADEMIC #HEALTH #SOCIAL #CORPORATION #MEDICAL #DISTRICT #AGENCIES #STRATEGIC #EXCELLENCE #INDUSTRIES #PETROLEUM #EXPERIENCE #MUNICIPALITIES #SANTÉ #CAREERS #COMPANY #NATURAL #SERVICES #CLIENTS #MUNICIPALITY #COMMUNITY #ENVIRONNEMENT #BUSINESSES #MANUFACTURING #DISTRIBUTION #SEAFOOD #FISH #PRODUCTS #ICT #TELECOMMUNICATION #NETWORKING #OIL #MANAGEMENT #INDUSTRIAL #EMPLOYEES #MAINTENANCE #OPPORTUNITIES #PROGRAMS #BUILDING #INNOVATIVE #COMPANIES #STAFF #DISTRIBUTOR #SALARIES #FACILITY #EXPERIENCE #RESOURCE #COAL #STUDENTS #PRODUCTION #GAS #MINERAL #INSURANCE

Les opérateurs de Lorenz revendiquent une attaque contre :

• 🇺🇸 Refuah Health (refuahhealth.org)

Our team of doctors, specialists, and dentists work together to provide high-quality, comprehensive care. Our seamless coordinated care is fast and efficient, allowing our Members to focus less on their healthcare and more on their lives. Our mission is to provide high-quality, comprehensive medical, dental and supportive services to all patients, regardless of their ability to pay.

#USA #RANSOMWARE #LORENZ #DATABREACH #HEALTH #SURGERY #CUSTOMERS #MEDICAL #BUSINESS #UROLOGY #PATIENTS #RECORDS #CARE #EMPLOYEES #HEALTHCARE #STAFF #RADIOLOGY #DENTAL #DOCTORS #NURSES #WORKPLACE #MEMBERS #CARDIOLOGY #MANAGEMENT #COVID19 #FUNDING #DENTISTRY #RESOURCES #FEDERAL #GASTROENTEROLOGY #SERVICES #OPTOMETRY #SUPPORT #MEDICINE #BILLING #OTOLARYNGOLOGY #MENTAL #FAMILIES #ASTHMA #PODIATRY #CORONAVIRUS #BLOOD #PULMONOLOGY #COMMUNITY #DIABETES #EMERGENCY #RHEUMATOLOGY #ASSISTANCE #TRANSPORTATION #SOLUTIONS #INSURANCE #CAREERS #PNEUMONIA

Les opérateurs RagnarLocker revendiquent une attaque contre :

• 🇹🇼 [1500GiB] ADATA Technology Co., Ltd (adata.com)

Fondée en 2001, A-Data est une importante société taiwanaise produisant des composants informatiques basés sur la mémoire. Taiwanese memory and storage manufacturer, founded in May 2001. Its main product line consists of DRAM modules, USB Flash drives, hard disk drives, solid state drives, memory cards, memory readers, USB chargers, power banks, wireless, mobile accessories. ADATA is also expanding into new areas, including robotics and electric powertrain systems. In 2017, ADATA was the second-largest DRAM module manufacturer in the world. Since, ADATA have extended its business to Europe and the Americas, while competing strongly with Samsung in Asia. Xtreme Performance Gear (XPG) (xpg.com) was established by ADATA with the aim of providing high-performance products to gamers, e-sports pros, and tech enthusiasts.

#USA #RANSOMWARE #RAGNARLOCKER #ISC #DATABREACH #FIRMS #INTERNATIONAL #STORAGE #MANUFACTURER #MEMORY #BRAND #INDUSTRIAL #CUSTOMERS #POWERTRAIN #LIGHTING #INDUSTRIES #DEVELOPMENT #GAMING #PARTNERSHIP #SOFTWARE #TRANSPORTATION #FUTURE #VISION #INVESTMENT #SENSITIVE #COMMERCIAL #THREATS #NUMÉRIQUE #SOCIAL #CORPORATION #DRAM #SUPPLY #SYSTEM #TEAM #SPONSORSHIP #BACKUP #BUSINESES #CYBER #TECHNOLOGIES #INVESTORS #CHAIN #RELATIONS #NETWORK #INFORMATIQUE #ELECTRONIC #HARDWARE #GAMERS #CLIENTS #SALES #ENVIRONNEMENTAL #CORPORATE #DIGITAL #SHAREHOLDERS #PARTNERS #CONFIDENTIAL #NAND #BLUEPRINTS #FIRMWARE #BACKDOORS #USB #SUPPLYCHAIN #DEVICES #SYSTEMS #FINANCIAL #CAREERS #EMPLOYEES #SALARY #PAYMENTS #SMART #IDTHEFT #POWER #PRODUCTS #LICENSE #PATENTS #SERVICES #SUPPORT #MAINTENANCE #INTELLIGENT #SOLUTIONS #MOTOR #ROBOTICS #EUROPE #ELECTRIC #COMPONENT #FLASH

Les opérateurs de RansomExx diffusent des données relatives à :

• 🇦🇷 [54.54GiB] Universal Assistance S.A. (universal-assistance.com)

Born 40 years ago, our company has been providing comprehensive assistance services to travelers ever since. Our global operations serve customers across five continents through our 24/365 multilingual call centers located across the world. Universal Assistance is part of Zurich Insurance Group, one of the world's leading providers of travel assistance and travel insurance. Zurich Insurance Group (Zurich) is a leading multi-line insurer that serves its customers in global and local markets.

#ARGENTINA #RANSOMEXX #RANSOMWARE #MARKET #INSURANCE #DATABREACH #DIGITAL #MEDICAL #ASSISTANCE #MOBILE #SMART #EMPLOYEES #PREMIUM #CUSTOMERS #SUPPORT #CLIENTS #ASSURANCES #BRANDS #PRODUCTS #TRAVEL #AGENCY #OPERATION #AIRPORT #MARKETS #GLOBAL #INTERNET #SERVICES #ECONOMIC #SPECIALIST #SOLUTIONS #BUSINESS #CYBER #CAREERS #PAYMENT #EXPERTS #PROVIDERS #LEGAL #HEALTH #COVID19 #NETWORK #HEALTHCARE #SYSTEM #PASSPORT #FINANCIAL #CORONAVIRUS #CARE #INFRASTRUCTURE #HOSPITAL #DOCUMENTS #ECONOMY #SMARTPHONE #FLIGHT #COMPANY #HOSPITALIZATION #MANAGEMENT #PAYMENTS

Les opérateurs Grief revendiquent une attaque contre :

• 🇺🇸 Warren Vicksburg School District (vwsd.org)

Warren Vicksburg School District is located in Vicksburg, MS, United States and is part of the Public Schools K-12 Industry. Warren Vicksburg School District has 965 total employees across all of its locations and generates $85.17 million in sales (USD). There are 24 companies in the Warren Vicksburg School District corporate family.

#USA #RANSOMWARE #GRIEF #DATABREACH #SCHOOLS #CORPORATE #SALES #PROJECTS #COLLEGE #CITIZENS #GRADUATE #SCHOLARSHIP #FACILITIES #BUDGET #MANAGEMENT #EDUCATION #CAREERS #STUDENT #DISTRICT #COMMUNITY #ATHLETICS #STAFF #COMPANIES #TEACHERS #PARENTS #EMPLOYMENT #STUDENTS #JOBS #CITY #INSTITUTIONS #CAMPUSES #SCHOLAR

Les opérateurs LV revendiquent une attaque contre :

• SMPDYNAMICS

Soit c'est une erreur de typographie soit cette société est discrète puisque nous n'avons pas été en mesure de l'identifier formellement.

Sur une capture d'écran figure l'interface d'un Payroll Software & Time Management dont le bandeau courant est positionné sur la série TV « The Gilded Age ».

Parmi les données d'autres échantillons figurent des informations (nom, prénom, adresse, numéro de sécurité sociale,..) d'actrices (Meghan Fitton, Tsikhanava Anastasiya, Juri Love,..) demeurant aux États-Unis (Massachusetts, New Hampshire, Rhode Island,..)

#USA #LV #RANSOMWARE

A suivre...

🇫🇷 #FRANCE - Les systèmes informatiques et téléphoniques du CASAS, la Communauté d'Agglomération Saint-Avold Synergie (agglo-saint-avold.fr), impactés par une attaque informatique par #ransomware perpétrée dans la nuit du mercredi 2 juin 2021. Les données de sauvegardes ont également été chiffrées.

Les opérateurs de Avaddon revendiquent des attaques contre :

• 🇮🇹 Estendo S.p.A (estendo.it)

Provides property and casualty insurance services. The company offers insurance policies for household electronic appliances.

• 🇺🇸 Cormetech, Inc (cormetech.com)

A world leader in manufacturing of high-quality environmental catalysts, providing SCR catalyst regeneration and engineering services for the power, marine, industrial-process, refinery, and petrochemical markets.

• 🇧🇪 Tetra Law (tetralaw.com)

Fondée en 2012, Tetra Law a connu un développement rapide et important basé sur les fondamentaux suivants :

• 🇪🇸 Crystal Travel Retail S.L. (crystaltr.com)

Crystal Travel Retail fue fundada en el año 1995 por profesionales procedentes del sector “Duty Free” para cubrir las demandas de tiendas de electrónica en los aeropuertos. Desde entonces hemos abierto tiendas especializadas en electrónica en los Aeropuertos más importantes de España, habiendo iniciado recientemente nuestra expansión Internacional en Bélgica. Actualmente estamos ampliando nuestra diversificación tanto en otros aeropuertos internacionales como en otros sectores como la moda, regalo o complementos.

#USA #ITALY #SPAIN #BELGIUM #RANSOMWARE #AVADDON #DATABREACH #BUSINESS #LITIGATION #EXPERTS #OFFICE #LOGISTICS #SENSITVE #DIGITAL #MARINE #MARKETS #BRANDS #SOLUTIONS #ATTORNEYS #LAWS #TAX #AIR #WORLD #ELECTRONIC #DESIGN #DEVELOPMENT #ADVOCACY #CORPORATION #EXPERTISE #FIRMS #LIQUIDATIONS #ASSISTANCE #APPLIANCES #AIRPORT #ACQUISITIONS #ENVIRONMENTAL #ADVOCATS #SUPPORT #WARRANTIES #TRADING #HOUSEHOLD #TRUCKS #NATIONAL #LAWYERS #JUSTICE #INNOVATIVE #CRASH #TRANSACTIONS #BUILDING #CLIENTS #MANUFACTURERS #EMPLOYEES #COMPANIES #MANAGEMENT #ENGINEERS #REPUTATION #REFINERY #FUTURE #CYBER #RETAIL #INSURANCE #WORKOUTS #COMMERCIAL #ADVOCATES #POWER #CASUALTY #IRS #TECHNOLOGIES #SERVICES #ATTORNEY #INDUSTRIAL #INTERNATIONAL #PETROCHEMICAL

Les opérateurs de Avaddon revendiquent des attaques contre :

• 🇲🇽 **Talma Servicios Aeroportuarios (talma.com.mx)

Pioneers in bonded warehouse services with more than 25 years of experience, Talma Peru and Talma México. In 2015 we have attended more than 1,750 flights and we have moved more than 34 metric tons of domestic and international air cargo. We are a company with more than 260 colleague experts trained under high international standards and operating in 3 stations: Mexico City, Toluca and Guadalajara. We have three business units: bonded warehouses, maneuvers and bonded trucking Service.

• 🇺🇸 Sandlin Homes (sandlinhomes.com)

Founded in 1957, Sandlin Homes has been building superior quality, family homes in Texas for 60 years.

• 🇺🇸 Timpanogos Harley-Davidson (timpharley.com)

One of the largest dealerships in the United States, our dealership harvested more than 75 percent of the materials from Geneva Steel to construct our 58,000 square-foot building.

• 🇰🇼 Al Imtiaz Investment Group (K.S.C.P) (alimtiaz.com)

A leading Kuwaiti Sharia'a compliant investment group established in 2005 and was listed on Bourse Kuwait in 2011.

#USA #KUWAIT #MEXICO #RANSOMWARE #AVADDON #DATABREACH #EXPERT #INDUSTRY #SERVICES #RESIDENTIAL #ECONOMY #BUILDING #BANKING #RETAIL #TRANSPORT #MARKET #AIRPORT #CLIENTS #COMMERCE #CORPORATE #SYSTEMS #AIR #MAINTENANCE #CARGO #BUSINESSES #TRANSPORTATION #IATA #COMPAGNY #FINANCIAL #INVESTMENT #SOLUTIONS #MANAGEMENT #DESIGN #TECHNOLOGY #FIRMS #INVESTMENTS #BUSINESS #TECHNOLOGIES #SHOP #CORPORATION #MARKETS #INTERNATIONAL #CYBER #TRANSACTION #THREATS #DEALERSHIP #TRACKING #LOGISTICS #COMMERCIAL #COMPANIES #STORES #BRANDS #PRODUCTS #SUPPORT #WAREHOUSE

Les opérateurs de Revil revendiquent une attaque contre :

• 🇺🇸 Law Offices of Michael B. Brehne, P.A (brehnelaw.com)

Law Firm's Services. Based in Altamonte Springs, Fla., with additional offices in Tampa, Melbourne and Orlando, the Law Offices of Michael B. Brehne, P.A. provide personalized and dedicated legal representation to individuals throughout the Orlando area, as well as the greater Central Florida region.

#USA #RANSOMWARE #REVIL #DATABREACH #ATTORNEYS #LAWS #TAX #LEGAL #BUSINESS #ATTORNEY #LITIGATION #ADVOCATES #CORPORATION #IRS #SENSITVE #DIGITAL #FAULT #TRANSACTIONS #JUSTICE #EXPERTS #OFFICE #COMMERCIAL #REPUTATION #SERVICES #COMPANIES #ADVOCATS #CAREERS #MARKETS #FIRMS #COMPENSATION #EMPLOYEES #SAFETY #AUTOMOTIVE #ACCIDENTS #MOTORCYCLE #CRITICAL #WORKERS #MEDICAL #INJURY #CARE #COMPANY #SETTLEMENTS #FAMILY #CRIMINAL #EXPERTISE #VEHICLE #DISPUTES #AUTOMOBILE #CLIENTS #JURY #NEGOTIATIONS #VERDICTS

Les opérateurs de Xing 星Team revendiquent une attaque contre :

• 🇺🇸 Blue Yonder Group, Inc (blueyonder.com)

Blue Yonder (formerly JDA Software Group) is an American software and consultancy company, providing supply chain management, manufacturing planning, retail planning, store operations and category management offerings headquartered in Scottsdale, Arizona. The company has more than 5,500 employees and 3,000 corporate customers in the manufacturing, distribution, transportation, retail and services industries. Blue Yonder is the world's leading, end-to-end, digital supply chain platform provider, enabling companies to better predict and pivot to quickly fulfill customer demand. Blue Yonder’s intelligent platform empowers companies to make smarter, faster business and commerce decisions to deliver more growth, less waste and amazing customer experiences.

#USA #RANSOMWARE #XING #DATABREACH #XINGTEAM #CORPORATE #INDUSTRIAL #CLOUD #BUSINESS #INFORMATIQUE #SOFTWARE #SUPPLYCHAIN #FIRMWARE #CYBER #THREATS #ENGINEERS #DISTRIBUTION #FIRMS #NUMÉRIQUE #COMPANY #CORPORATION #TRANSPORTATION #INDUSTRY #SUPPLY #SHAREHOLDERS #CRISIS #CHAIN #EMPLOYEES #TECHNOLOGY #PARTNERSHIP #SCIENCES #INNOVATIVE #STRATEGY #CLIENTS #SERVICES #DIGITIZATION #SUPPORT #PRODUCTS #COMMERCIAL #PANASONIC #NETWORKS #INFRASTRUCTURES #DEVELOPMENT #COMPUTING #SOLUTIONS #FINANCIAL #PRODUCTION #CUSTOMERS #COMMERCE #INTELLIGENT #EXPERTS #COMMUNITIES #FUTURE #WORLD #DIGITAL #DATA #WARFARE #PLATFORM #TRANSFORMATION #MICROSOFT #AZURE #CORONAVIRUS #LOGISTICS #PLANNING #MANAGEMENT #DISRUPTIONS #ORDERS #WAREHOUSING #ARTIFICIAL #INTELLIGENCE #ROBOTICS #SYSTEMS #WAREHOUSE #AUTOMATION #ECONOMIC #AUTONOMOUS #STRIKES #OPERATIONS

Les opérateurs de REvil revendiquent de multiples attaques contre :

• 🇺🇸 Aspire Systems, Inc (aspiresys.com)

Aspire Systems is a global technology services provider for our customers that span 150+ VC funded start-ups to Fortune 500 companies. We have technology expertise around Software Engineering, Digital Services,..

• 🇺🇸 Sol Oriens, LLC (soloriensllc.com)

Veteran-owned consulting firm focused on managing advanced technologies and concepts with strong potential for military and space applications.

• 🇧🇷 Wilson Sons Group (wilsonsons.com.br)

Wilson Sons is the largest integrated port and maritime logistics operator in Brazil. With over 180 years of history, we have complete solutions for various industries, such as oil and gas and foreign trade.

• 🇺🇸 St. John Knits International, Inc (wilsonsons.com.br)

St. John Knits International Inc. is a luxury American fashion brand that specializes in women's knitwear founded in 1962 by Robert and Marie Gray.

• 🇫🇷🇳🇱 Tendriade (tendriade.fr)

Société spécialisée dans l'abattage et la transformation des veaux. Tendriade a intégré le groupe néerlandais VanDrie Group Veal (vandriegroup.com) en fin d'année 2013. Tendriade has two locations for the slaughter and processing of meat, making it possible to guarantee delivery of really fresh products throughout France. Tendriade has a turnover of 200 million euro, slaughters 200,000 calves and produces approximately 30,000 tonnes of veal annually.

#USA #FRANCE #BRAZIL #NETHERLANDS #RANSOMWARE #REVIL #DATABREACH #OIL #GAS #MARITIME #CYBER #MARINE #THREATS #MILITARY #MARKETS #CORPORATE #GOVERNANCE #DIGITAL #INDUSTRIES #TRADES #PORT #TECHNOLOGIES #ARMY #VETERAN #INTELLIGENCE #INDUSTRIAL #DEVELOPMENT #MANAGEMENT #TECHNOLOGY #CONSULTING #FIRMS #LUXURY #AMERICAN #ECONOMIC #CAPITALISM #ORGANIZATIONS #FASHION #BRANDS #CLOTHES #CHAIN ##SOFTWARE #BUTCHER #BUSINESS #SHOP #ARTISANS #EXPLOITATION #JEWELRY #STORES #MATERIALS #CAPITALIST #SUPPLYCHAIN #CORPORATION #FINANCIAL #SHAREHOLDERS #STEAKHOUSE #PROFITS #MICROSOFT #AZURE #PRODUCTION #ANIMAL #MEAT #COMMERCE #SLAUGHTERHOUSES #SUPPLY #VEAL #PRODUCTS #BRANDS #MANUFACTURERS #DISTRIBUTION #NETWORKS #STEAKS #LOGISTICS #MANGERBOUGER #BIO #SUPERMARKET #CLOUD #NUMÉRIQUE #MOBILE #VEALCUTS #APPLICATION #ANIMAUX #DELIVERY #ÉLEVAGE #BOUCHERIE #CORONAVIRUS #MARKET #BANKING #ROBOTICS #SYSTEMS #FUTURE #INFRASTRUCTURES #DATA #AUTOMATION #CAREERS #EXPERTS

Les opérateurs de Xing 星Team diffusent des données relatives à :

• 🇺🇸 Greenwood Fabricating & Plating (gfpi.com)

Founded in 1986 to service electrical equipment manufacturers. Since then, we have grown into a full service fabrication, machining, and electroplating job shop, providing finished components to a wide classification of manufacturers.
Incorporating the latest technology in design and manufacturing, we are capable of fabricating your most intricate parts and assemblies. And because of our ability to produce your parts from start to finish, we offer all the advantages of reduced inventories, shorter cycle times, one-point invoicing, and reduced scrap.

#USA #RANSOMWARE #XING #DATABREACH #XINGTEAM #BUSINESS #COMMERCIAL #NICKEL #MACHINING #TECHNOLOGIES #ZINC #MANUFACTURERS #TIN #FABRICATION #INNOVATIVE #ELECTROPLATING #MARINE #CYBER #AEROSPACE #THREATS #ELECTRICAL #INDUSTRIAL #TECHNOLOGY #TRANSPORTATION #CNC #CAREERS #AGRICULTURE #FINANCIAL #PRODUCTS #ENVIRONMENTAL #SILVER #EMPLOYEES #TEAM #PROJECTS #ACCOUNTING #PHOSPHATE #MATERIAL #ENGINEERS #SALES #SERVICES #INDUSTRY #METAL #MACHINES

As the lead federal investigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities. We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice. We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable. Our private sector partnerships are essential to responding quickly when a cyber intrusion occurs and providing support to victims affected by our cyber adversaries. A cyberattack on one is an attack on us all. We encourage any entity that is the victim of a cyberattack to immediately notify the FBI through one of our 56 field offices.

https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-jbs-cyberattack

Les opérateurs de Lorenz revendiquent une attaque contre :

• 🇦🇺 Langs Building Supplies Pty Ltd

Our whole-of-house solutions have been making lives easier since 1976. Milled, tooled, prefabbed to spec and delivered on site, on time, every time.

#AUSTRALIA #RANSOMWARE #LORENZ #DATABREACH #BUILDING #BUSINESS #CONSTRUCTION #SOLUTIONS #INDUSTRY #PLANT #FINANCIAL #STAFF #PRODUCTS #SHOP #PARTNERS #DELIVERY #TECHNOLOGIES #JOBS #TECHNICAL #PRODUCTION #SERVICES #STORES #COMMERCIAL #LOGISTICS #MANAGEMENT #TIMBER #COMMUNITIES #BUILDERS #DRILLS #FUTURE #WOOD #PACK #EMPLOYEES #DESIGN #EXPERTS #INNOVATIVE #BACKYARD #SUPPLY #ENVIRONMENTAL #HARDWARE #PLANTATIONS #SYSTEMS #STEEL #DOORS #WINDOWS #FABRICATION #MANUFACTURE #TRUCKS #TRANSPORT #CUSTOMERS #TECHNOLOGY #MEMBERS #STRUCTURAL #WORKPLACE