La société TAG Aviation a été victime d'une attaque par ransomware. Les recherches de watson révèlent que Black Basta est à l'origine de cette attaque.

The Swiss government is under DDoS attacks, but several ransomware gangs have also turned their sights on other Swiss organizations.

Today is Microsoft's June 2023 Patch Tuesday, with security updates for 78 flaws, including 38 remote code execution vulnerabilities.

Affected Platforms: FortiOS
Impacted Users: Targeted at government, manufacturing, and critical infrastructure
Impact: Data loss and OS and file corruption
Severity Level: Critical

Today, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing our customers with additional details to help them make informed, risk-based decisions, and provides our perspective relative to recent events involving malicious actor activity.

When Lexfo Security teased a critical pre-authentication RCE bug in FortiGate devices on Saturday 10th, many people speculated on the practical impact of the bug. Would this be a true, sky-is-falling level vulnerability like the recent CVE-2022-42475? Or was it some edge-case hole, requiring some unusual and exotic requisite before any exposure? Others even went further, questioning the legitimacy of the bug itself. Details were scarce and guesswork was rife.

On May 31, 2023, Progress Software disclosed a critical SQL injection vulnerability that was later assigned CVE-2023-34362. Rapid7 has observed exploitation in…

Lundi 12 juin 2023, plusieurs sites Internet de la Confédération étaient ou sont encore inaccessibles, en raison d’une attaque DDoS menée contre ses systèmes. Celle-ci a été rapidement détectée par les spécialistes de l’administration fédérale, qui travaillent actuellement à rétablir dans les plus brefs délais l’accès aux applications et sites Internet touchés.

L’entité «NoName» a pris pour cible des sites officiels de l’administration, comme FedPol, lundi matin lors d’une cyberattaque.

Revendiquée par un cyberpirate dénommé Anonymous Sudan, une série d'attaques a paralysé pendant plusieurs jours de multiples services cloud de Microsoft dont Outlook, SharePoint et OneDrive. Les difficultés de l'éditeur à assurer une remise en service complète dans ce laps de temps interroge.

Regime has trained cybercriminals to impersonate tech workers or employers, amid other schemes

Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle charging stations.

Les CFF et le canton d'Argovie sont à leur tour concernés par la cyberattaque qui a touché la société informatique bernoise Xplain. Des données ont été volées, ont indiqué l'entreprise ferroviaire et le canton.

Une fuite a entraîné le vol des données, ont confirmé dimanche les CFF, suite à un article de la NZZ am Sonntag. De leur côté, les autorités argoviennes font savoir qu'"un petit volume de données opérationnelles liées à des protocoles d'erreur qui étaient analysées chez Xplain" est concerné par la fuite, ainsi que "de la correspondance commerciale".

• The shift previously observed in the geographical location of cyber extortion (Cy-X) victims continues to accelerate, moving from the United States (-21%), and Canada (-28%) to Southeast Asia region (+42%), the Nordics (+40%) & Latin America (+32%).
• Whilst Manufacturing continues to be the biggest industry impacted, the number of victims decreased (-39%), with a shift towards the Utilities sector (+51%), Educational Services (+41%) and Finance and Insurance Sectors (+11%).
• Businesses in 96 different countries were impacted by Cy-X in 2022, equating to nearly half (49%) the countries in the world. Since 2020 Orange Cyberdefense has recorded victims in over 70% of all countries worldwide
• Over 2,100 organizations in the world were publicly shamed as a victim of Cy-X in 2022, across an almost even distribution of business sizes.

This page provides the latest information on the MOVEit Transfer and MOVEit Cloud vulnerabilities. As we continue our investigation and new details are uncovered, this page will be updated. Please check back frequently for updates.

CVE-PENDING (June 9, 2023)
CVE-2023-34362 (May 31, 2023)

In a major digital security breach, a website is offering personal data about Turkish citizens including President Recep Tayyip Erdogan that appears to have been stolen by hackers from a government services website.

A team of hackers, hacked into several Russian businesses and the nation's largest ISP and service provider to the Central Bank of Russia. Because of the hack, the Russian banking system went down. The hackers also put up pro-Ukrainian posters on the hacked websites.

Informations actuelles de l'administration. Tous les communiqués de l'administration fédérale, des départements et des offices.

Les cybercriminels ont fait une nouvelle victime en Suisse romande.

Hackers stole another half a million people’s personal and health information during a ransomware attack on a technology vendor earlier this year.

Intellihartx, a Tennessee-based company that handles patient payment balances and collections, said in a notice filed with the Maine attorney general’s office that 489,830 patients had information stolen in the cyberattack targeting its vendor, Fortra.

On June 5, 2023, the Clop ransomware group publicly claimed responsibility for exploitation of a zero-day vulnerability in the MOVEit Transfer secure file transfer web application (CVE-2023-34362). Learn more.