yaracroft @venom@nanao.cybtex.fr

Une série d'attaques informatiques jugée de « terroriste » par le gouvernement bolivarien du #Venezuela a ciblé la principale banque du pays Banco de Venezuela, S.A. #cyber #threats

https://reseauinternational.net/venezuela-attaque-terroriste-du-systeme-financier/

La Cinémathèque (cinematheque.ch) #suisse perturbée depuis le mardi 14 septembre 2021 par un #ransomware #swiss

https://www.cinematheque.ch/f/actualites/article/cyberattaque-a-la-cinematheque-suisse/

Created in collaboration with a trusted law enforcement partner, this tool helps victims encrypted by #REvil #ransomware to restore their files and recover from attacks made before July 13, 2021.

https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware/

Three Former U.S. Intelligence Community & Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government #usa #cyber #justice

https://www.justice.gov/opa/pr/three-former-us-intelligence-community-and-military-personnel-agree-pay-more-168-million

DOJ: Former NSA Operatives Worked as Cyber-Mercenaries - Members of the U.S. intelligence community and military have reached a deferred prosecution agreement over their role in an overseas cyber-mercenary business #usa #cyber #intel #justice

https://gizmodo.com/doj-former-nsa-operatives-worked-as-cyber-mercenaries-1847676200

U.S. President Joe Biden on Wednesday plans to announce a plan to share advanced technologies in a working group with Britain and Australia #usa #cyber

https://www.reuters.com/world/us/biden-announce-alliance-with-britain-australia-tech-cyber-defense-politico-2021-09-15/

(CVE-2021-3437) HP OMEN Gaming Hub (omen.com) A driver privilege-escalation « bug » gives attackers kernel-mode access to millions of PCs used for #gaming. HP put out a fix on Sept. 14, 2021. #vuln

https://www.sentinelone.com/labs/cve-2021-3437-hp-omen-gaming-hub-privilege-escalation-bug-hits-millions-of-gaming-devices/

City of Yonkers (yonkersny.gov) has been the victim of a #ransomware attack and for the period of the past five days, City Hall and its employees have been without their computers #usa

http://yonkerstimes.com/city-of-yonkers-hacked-no-computers-for-the-past-week-ransom-demanded-city-hall-says-no/

TTEC, [NASDAQ: TTEC], a company used by some of the world's largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security... #ransomware

https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/

#Microsoft #Azure silently install management agents on #Linux VMs, which now have RCE & LPE vulnerabilities ! « OMI is just one example of a secret #software agent that's pre-installed and silently deployed in cloud environments » ; « Thanks to the combination of a simple conditional statement coding mistake and an uninitialized auth struct, any request without an Authorization header has its privileges default to uid=0, gid=0, which is root » #vuln #wormable #botnets #threats #informatique #cloud

https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution

Les RSSI doivent plus que jamais s'attendre cette année à ce que les rançongiciels ciblent plus agressivement les infrastructures #cloud. #ransomware #threats

https://www.silicon.fr/avis-expert/rancongiciel-3-0-le-scenario-de-cyberattaque-le-plus-redoute-des-rssi

Près de 3000 serveurs #VPN #SSL #Fortinet menacés en #France

https://www.lemagit.fr/actualites/252506549/Pres-de-3000-serveurs-VPN-SSL-Fortinet-menaces-en-France

« Global Resource Systems » #internet #usa #cyber #military #threats

https://www.washingtonpost.com/technology/2021/09/10/pentagon-internet-protocol-addresses-trump/

La Compagnie Générale de Navigation (cgn.ch) sur le lac Léman (CGN) a été victime fin août d'une #cyber attaque sur son site internet, ciblant la procédure d'achat des billets. Les intrus ont réussi à voler les coordonnées bancaires de certains clients #swiss #suisse

https://www.lacote.ch/articles/regions/vaud/la-cgn-victime-dune-cyberattaque-1107391

Chimaera campaign - TeamTNT is using new, open source tools to steal usernames and passwords from infected machines. The group is targeting various operating systems including: #Windows, different #Linux distributions including Alpine (used for containers), #AWS, #Docker, and #Kubernetes. #malware #cyber #threats

https://cybersecurity.att.com/blogs/labs-research/teamtnt-with-new-campaign-aka-chimaera