yaracroft @venom@nanao.cybtex.fr

For weeks, Bob Diachenko, has been trying to convince a cloud provider to intervene and take down a malware group's server that was leaking hundreds of thousands of stolen passwords and millions of authentication cookies. The data was leaked via an Elasticsearch server left exposed online without password. This Elasticsearch server is believed to be one of these data lakes, where crooks were aggregating their stolen information. Racoon (RaccoonStealer) is fairly typical Malware-as-a-Service where for $75-$200 per month you get access to the toolkit to generate malware payloads and a backend website to administer your campaign from. It is designed to steal login credentials, credit card information, cryptocurrency wallets, and browser information. In the leaked data, we found credentials and cookies for email accounts, social media profiles, work applications, and even government portals. Of the entire data collected in the server, the most prevalent were authentication cookies, collected in the millions, rather than passwords, which were only hundreds of thousands. « Auth cookies » allow intruders to access victim accounts without needing to authenticate using usernames and passwords and even bypass any two-step verification process that victims might have had in place. While Diachenko has been fighting for weeks with poor success to get the cloud provider to intervene and take down this malware gang's data, this server .. mysteriously disappeared ..

https://therecord.media/malware-group-leaks-millions-of-stolen-authentication-cookies/

Many online service providers make it difficult or impossible for users to reach a human to resolve a problem with their services. That's because employing people to resolve these issues often costs more than the small amounts they save by reinstating wrongfully banned accounts.

https://www.eff.org/deeplinks/2021/06/paypal-shuts-down-long-time-tor-supporter-no-recourse

Le guichet de la gare de Coutances (Manche) est fermé à cause d'une panne informatique, pour une durée indéterminée.

https://www.ouest-france.fr/normandie/coutances-50200/coutances-le-guichet-de-la-gare-paralyse-par-une-panne-bc04390a-c3af-11eb-9638-26dc62ccdfa1

Pour le mois de mai 2021, nous avons compté plus de 260 attaques de ransomware à travers le monde, à peu près autant qu'en mars 2021, plus qu'en février 2021 ou encore janvier 2021, mais moins qu'en avril 2021. Pour ce mois-ci, notre compte s'établit aujourd'hui à 295. Cette intensité de l’activité malveillante renvoie à l'automne dernier et semble s'imposer désormais comme la norme.

https://www.lemagit.fr/actualites/252501731/Ransomware-un-mois-de-mai-marque-par-les-rebondissements

Une nouvelle tentative de réunir le 15, le 17, le 18, ou encore le 116-117 sous la bannière du 112 a suscité la colère des urgentistes.

https://www.lexpress.fr/actualite/sciences/faut-il-un-numero-unique-pour-tous-les-appels-d-urgence_2151739.html

Marlène Schiappa s'est fait dérober un disque dur au sein même du ministère de l'Intérieur

https://www.francetvinfo.fr/faits-divers/justice-proces/marlene-schiappa-porte-plainte-apres-la-disparition-d-un-disque-dur-au-ministere-de-l-interieur_4647709.html

Microsoft's Anti-Malware Software Interface (AMSI) can play a particularly important role in keeping Windows 10 and Windows Server systems from being compromised. But AMSI is not a panacea. Attackers are continuously finding ways to obfuscate and conceal malicious content from anti-malware signature detections.

https://news.sophos.com/en-us/2021/06/02/amsi-bypasses-remain-tricks-of-the-malware-trade/

Chinese game developer AMT Games, which has produced a string of mobile and social titles with tens of millions of downloads between them, exposed 1.5TB of data via an Elasticsearch server. 5.9 million player profiles, two million transactions, and 587,000 feedback messages.

https://www.wizcase.com/blog/amt-games-leak/