According to Dragos data, between 2018 and 2021 the number of ransomware attacks on industrial control systems (ICS) increased over 500 percent, with five percent of attacks impacting oil & gas entities. #cyber #gas #scada #energies #isc #ransomware #iot #threats #oil #informatique
PHOREAL/RIZZO is a backdoor allowing initial victim characterization and follow-on post-exploitation operations to compromise the confidentiality of organizations' data. It has been reported in other research as being used exclusively by APT32 (AKA SeaLotus, OceanLotus, APT-C-00, Group G0050). APT32 largely targets victims with political or economic interests in Southeast Asia, specifically 🇻🇳 Vietnam. #windows #malware #financial #vietnam #political #asia #economic #informatique
DeTT&CT : Detect Tactics, Techniques & Combat Threats #python #security #tools #framework #yaml #informatique
This analysis will help organizations better understand the inner workings of #Conti's organizational infrastructure. #ransomware
https://www.breachquest.com/conti-leaks-insight-into-a-ransomware-unicorn/
🇺🇸 The 238 reported breaches since September 2021 impacted more than 2.4 million Texans, according to state data. (CBS Dallas) #cyber #city #databreach #threats #business #informatique
EmoCheck v2.1.1 - #Emotet detection tool for #Microsoft #Windows OS. #cyber #tools #threats #informatique
Branch History Injection. What makes BHI noteworthy is that it can bypass recent silicon-level BTI mitigations implemented by Intel (eIBRS, or enhanced Indirect Branch Restricted Speculation) and Arm, thus allowing information to leak across privilege boundaries. In other words, a rogue user-level application can use BHI to extract keys and other secrets from OS kernel memory, which should be out of bounds, and the built-in defenses on Intel and Arm-designed CPU cores won't work. #cyber #threats #informatique
https://www.theregister.com/2022/03/15/spectre_bti_intel_amd_arm/
VT4Browsers allows SOC analysts, incident responders and threat researchers to contextualize every IoC in any web platform with threat intelligence. #cyber #malware #threats #intel #browser #software #firefox #chrome #informatique
https://blog.virustotal.com/2022/03/vt4browsers-any-indicator-every-detail.html
A security incident has been disrupting the website and internal tools of the Darty group (darty.com) since Monday, 14 March 2022 - more to follow. #france #outage #informatique
We believe with medium-high confidence that Kwampirs and Shamoon 2 are maintained by the same group. Cybercriminals of all types and with a range of attack vectors and malware variants are targeting the healthcare industry and supply chains. Motivations can vary from just industrial espionage (intellectual property, scientific research), exfiltration and exposure of PHI records (of dissidents or key personalities), to the damaging extreme of enabling the creation of a crippling cyber-physical impact through wiper attacks if things get really ugly in a war scenario. #malware #hospital #industry #cyber #healthcare #threats #digital #terror #medical #informatique
CaddyWiper is relatively smaller than previous wiper attacks we've seen in Ukraine such as « HermeticWiper » and « WhisperGate » with a compiled size of just 9KB. #ukraine #cyber #wiper #threats #networks #malware #informatique
https://blog.talosintelligence.com/2022/03/threat-advisory-caddywiper.html
ESET researchers have spotted previously unknown data wiping malware « CaddyWiper » taking aim at Ukrainian organizations. #ukraine #cyber #wiper #threats #networks #malware #informatique
https://www.welivesecurity.com/2022/03/15/caddywiper-new-wiper-malware-discovered-ukraine/
The Pandora operators claim the theft of 350 GB of data relating to the activities of 🇺🇸 Rosewood Corporation #usa #pandora #ransomware #cyber #business #threats #industries #databreach #investment #management #informatique
A security incident has hit the LEGO group's official buying and selling website, Bricklink (bricklink.com). « We now know that no BrickLink data has been compromised, and therefore, all systems are up and running again. » #cyber #business #threats #databreach #informatique
https://www.brickfanatics.com/bricklink-suffering-cyber-attack/
🐧 B1txor20, a #linux backdoor using DNS tunnel technology for C2 communications is spreading via Log4j vulnerability. #malware #botnet #informatique
https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en/
The pro-Iranian group Black Shadow, silent since November 2021, claims a theft of data concerning the activities of Rubinstein (fantasy.mn). For now, the small size of the sample (33 MB) does not prove much. #israel #blackshadow #cyber #threats #business #diamond #software #solutions #industry #jewelry #databreach #informatique
SentinelOne (sentinelone.com) acquires Attivo Networks (attivonetworks.com) #business #informatique
The Security Service of Ukraine (SSU) detained a « hacker » who was providing technical assistance to Russian troops in #Ukraine by routing phone calls. #telecom #threats #informatique
https://www.vice.com/en/article/v7djda/ukraine-arrests-hacker-routing-calls-for-russian-troops
TLStorm - 3 critical vulnerabilities in APC Smart-UPS devices
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile