yaracroft @venom@nanao.cybtex.fr

Un nouveau botnet a été découvert qui escroquait le marché des publicités ( Malvertising ) sur téléviseurs connectés grâce à des applications infectées. Au total, plus d'un million de smartphones Android infectés.

https://www.futura-sciences.com/tech/actualites/cybersecurite-malware-tres-malin-frappe-million-smartphones-android-86956/

Les systèmes informatiques de Canac (canac.ca), leader dans le domaine de la construction / rénovation, paralysés depuis plusieurs jours par un ransomware.

https://www.journaldequebec.com/2021/04/22/canac-victime-de-cyberpirates

The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials.

https://www.bleepingcomputer.com/news/security/logins-for-13-million-windows-rdp-servers-collected-from-hacker-market/

A pupil hacked into their teacher's computer to change grades after finding the password on a note stuck to a laptop. After obtaining the password, the pupil was able to access more than 20,000 records and change their grades

https://www.dailymail.co.uk/news/article-9498935/Pupil-hacked-computer-changed-grades-GCHQ-begins-cyber-security-training-teachers.html

Thousands of New York residents who live in buildings run by Douglas Elliman's property management arm may have had their personal information compromised this month.

Douglas Elliman Property Management's three managing directors emailed hundreds of co-operative and condominium boards Monday to advise them that the company's IT network — which contains data for its buildings' residents and employees - was breached and their personal information may have been compromised.

https://therealdeal.com/2021/04/19/ellimans-property-management-arm-suffers-data-breach/

A KWCH investigation in February helped to launch a Kansas Department of Labor investigation after the investigation discovered a way to use social security numbers on the KDOL website to pull up anyone's personal information.

https://www.kwch.com/2021/04/21/kdol-looking-into-possible-data-breach/

Hackers are leveraging the popular Telegram messaging app by embedding its code inside a remote access trojan (RAT) dubbed ToxicEye. This malware can take over file systems, install ransomware and leak data from victim's computers

https://blog.checkpoint.com/2021/04/22/turning-telegram-toxic-new-toxiceye-rat-is-the-latest-to-use-telegram-for-command-control/

Schneier on Security - On North Korea's Cyberattack Capabilities

https://www.schneier.com/blog/archives/2021/04/on-north-koreas-cyberattack-capabilities.html

Carbanak and FIN7 Attack Techniques

https://www.trendmicro.com/en_us/research/21/d/carbanak-and-fin7-attack-techniques.html

Hackers Target Iconic Japan's Toshiba Rival « Hoya Vision Care US » With Ransomware

https://portswigger.net/daily-swig/drinks-giant-c-amp-c-group-subsidiary-shuts-down-it-systems-following-security-incident

On Friday morning, April 16, ICT supplier Managed IT from Nieuwegein was hacked by an unknown attacker. As a precaution, the company and a number of notarial software suppliers have shut down their servers and databases. 96 notary offices have become the victims of a cyber attack.

https://www.vpngids.nl/nieuws/bijna-honderd-notariskantoren-slachtoffer-van-hacker/

C&C Group plc (the « Group ») announces that its wholly owned subsidiary, Matthew Clark Bibendum Ltd (« MCB »), became aware on Friday 16 April 2021 that it was the subject of a cyber-security incident, which has impacted both Matthew Clark and Bibendum.

https://www.bibendum-wine.co.uk/statement-from-matthew-clark-and-bibendum-on-it-security-incident/

Hiding a trojan in an AVR Arduino Bootloader

https://01001000.xyz/2021-04-21-Hiding-a-Trojan-in-an-AVR-Arduino-Bootloader/

The U.S Justice Department has created a new task force dedicated to rooting out and responding to the growing threat of ransomware.
The new initiative follows what the memo describes as the worst year ever for ransomware attacks.

https://www.wsj.com/articles/ransomware-targeted-by-new-justice-department-task-force-11619014158

How Philip Reiner Created the Ransomware Task Force

https://blog.rapid7.com/2021/04/14/how-philip-reiner-created-the-ransomware-task-force/

Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices

https://www.bleepingcomputer.com/news/security/massive-qlocker-ransomware-attack-uses-7zip-to-encrypt-qnap-devices/

Exploit Kit still sharpens a sword

https://nao-sec.org/2021/04/exploit-kit-still-sharpens-a-sword.html

The law enforcement arm of the U.S. Postal Service has been quietly running a « covert operations program » that tracks and collects Americans' social media posts, including those about planned protests. The details of the surveillance effort, known as iCOP, or Internet Covert Operations Program, have not previously been made public.

I just don't think the Postal Service has the degree of sophistication that you would want if you were dealing with national security issues. ( University of Chicago law professor, Geoffrey Stone )

https://news.yahoo.com/the-postal-service-is-running-a-running-a-covert-operations-program-that-monitors-americans-social-media-posts-160022919.html

Hackers who tampered with a software development tool from a company called Codecov used that program to gain restricted access to hundreds of networks belonging to the San Francisco firm's customers.

https://www.reuters.com/article/usa-cyber-codecov/codecov-hackers-breached-hundreds-of-restricted-customer-sites-sources-idUSL1N2MC2SS