yaracroft @venom@nanao.cybtex.fr

Les dépôts de plaintes ne cessent de pleuvoir au commissariat de Vannes suite à la fuite des données du laboratoire morbihannais Océalab

https://www.letelegramme.fr/morbihan/vannes/fuite-de-donnees-a-ocealab-les-plaignants-font-la-queue-au-commissariat-de-vannes-15-03-2021-12719283.php

Microsoft Exchange Servers Face APT Attack Tsunami - At least 10 nation-state-backed groups are using the ProxyLogon exploit chain

https://threatpost.com/microsoft-exchange-servers-apt-attack/164695/

RedXOR, a backdoor targeting Linux systems.

http://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor

TA800 threat group is distributing the NimzaLoader

https://threatpost.com/nim-based-malware-loader-spreads-via-spear-phishing-emails/164643/

New activity from the FIN8 group and its BadHatch backdoor.

https://labs.bitdefender.com/2021/03/fin8-group-is-back-in-business-with-improved-badhatch-kit/

Praetorian has reverse engineered the Exchange ProxyLogon CVE-2021-26855 leading to a fully functioning end-to-end exploit.

https://www.praetorian.com/blog/reproducing-proxylogon-exploit/

Reverse Shell Generator

https://revshells.com/

NAM : Dutch Natural Gas And Oil Producer Suffers Third-Party Data Breach Compromising 19,000 Groningen Homeowners' Personal Data

https://www.ruetir.com/2021/03/09/personal-data-of-19000-home-owners-leaked-at-nam/

MultiCare Health System : Tacoma Healthcare Provider's Third-Party Ransomware Attack Exposes 210,000 Patients' Data

https://www.thenewstribune.com/news/local/article249808108.html

(terrorism) We need to adopt new EU rules on the crossborder transmission of digital evidence.

https://www.euractiv.com/section/digital/news/increased-online-criminality-makes-e-evidence-rules-urgent-eu-terrorism-chief/

Visa Information System - Biometric Matching System (VIS-BMS)

https://eulisa.europa.eu/Newsroom/News/Pages/Webinar-introduces-VIS-BMS-to-Stakeholders.aspx

Artificial intelligence (AI) is increasingly used in the private and public sectors, affecting daily life. Some see AI as the end of human control over machines.

https://op.europa.eu/publication/catalogue_number/TK-04-20-657-EN-C

German soccer has been fined 300 000 € for misusing private data about its members

https://apnews.com/article/technology-stuttgart-germany-pellegrino-matarazzo-soccer-0dcf47cb54e101b5fded3ec03ce0635a

Les données de plus de 150 000 caméras de surveillance Verkada exposées. Les pirates informatiques disent avoir également accès à l'ensemble des archives vidéo de tous les clients de Verkada.

https://securite.developpez.com/actu/313314/Des-hackers-s-introduisent-dans-des-milliers-de-cameras-de-securite-de-Verkada-exposant-Tesla-prison-etc-via-un-acces-Super-Admin-dont-les-identifiants-etaient-exposes-au-public-sur-Internet/

ESET Research identified at least 10 APT groups using exploits for CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.

https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/

CVE-2021-21300

https://github.blog/2021-03-09-git-clone-vulnerability-announced/

(OVH) In RBX+GRA we have the stock of new servers, pcc, pci ready to be delivered for all the impacted customers. Of course for free. We will add 10K servers in the next 3-4 weeks.

(OVH) We plan to restart SBG1+SBG4+the network by Monday March,15 and SBG3 by Friday March,19.