Si ces attaques, qui ont commencé dimanche soir, ont été d’une « intensité inédite », les services du premier ministre ont précisé lundi que leur impact avait été « réduit ». Elles ont été revendiquées par Anonymous Sudan, qui regroupe des militants prorusses.

La Commission se félicite de l'accord politique auquel le Parlement européen et le Conseil sont parvenus la nuit dernière concernant le règlement sur la cybersolidarité, proposé par la Commission en avril 2023.

Le règlement sur la cybersolidarité renforcera la solidarité au niveau de l'UE afin de mieux détecter les menaces et incidents de cybersécurité, de mieux s'y préparer et de mieux y réagir. Cet accord intervient à un moment crucial pour la cybersécurité de l'UE, étant donné que le paysage des cybermenaces dans l'UE continue d'être affecté par les événements géopolitiques.

Le Cyber Solidarity Act ouvre la voie à une infrastructure paneuropéenne de SOC. Quels acteurs - français, notamment - se sont positionnés ?

Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.

• Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published.
• Campaigns that we were able to attribute to this actor targeted Ivanti, Magento, Qlink Sense and possibly Apache ActiveMQ.
• Analysis of the actor’s recent Ivanti Connect Secure VPN campaign revealed a novel Linux version of a malware called NerbianRAT, in addition to WARPWIRE, a JavaScript credential stealer.
• The actor’s arsenal also includes MiniNerbian, a small Linux backdoor, and remote monitoring and management (RMM) tools for Windows like ScreenConnect and AnyDesk.

The European Commission violated data protection rules in its use of Microsoft 365, leading to the imposition of corrective measures by the European Data Protection Supervisor (EDPS), the watchdog announced on Monday (11 March).

Hackers breached the systems of the Cybersecurity and Infrastructure Security Agency (CISA) in February through vulnerabilities in Ivanti products, officials said.

Microsoft says the ongoing hacking is part of the Russian government's efforts to figure out what information Microsoft has on its hackers.

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.

An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

Read this blog on the anatomy of an ALPHA SPIDER ransomware attack to better understand how they operate and how to better protect your business.

• Shane Jones, who’s worked at Microsoft for six years, has been testing the company’s AI image generator in his free time and told CNBC he is disturbed by his findings.
• He’s warned Microsoft of the sexual and violent content that the product, Copilot Designer, is creating, but said the company isn’t taking appropriate action.
• On Wednesday, Jones escalated the matter, sending letters to FTC Chair Lina Khan and to Microsoft’s board, which were viewed by CNBC.

The U.S. government announced Tuesday sanctions against the founder of the notorious spyware company Intellexa and one of his business partners. This is

Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in the company's bottling facilities

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.

Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which are from incident response investigations tied to Phobos ransomware activity from as recently as February, 2024.

U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware.

"Structured as a ransomware-as-a-service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars," the government said.

First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions

Learn more about ACEMAGIC Mini PC's swift resolution to the virus incident, along with robust future security measures. Your safety is our top priority.