https://amp-theguardian-com.cdn.ampproject.org/c/s/amp.theguardian.com/business/2023/dec/04/sellafield-nuclear-site-hacked-groups-russia-china

Ongoing investigation found evidence of stolen employee creds and social engineering

WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin.

INFO LE POINT. À partir du 8 décembre, les membres du gouvernement devront utiliser les applications de messagerie françaises Tchap ou Olvid.

https://www.cyberveille-sante.gouv.fr/alertes/zyxel-cve-2023-5593-2023-11-21

https://cybernews.com/security/thousands-gas-pump-controllers-exposed/?utm_source=linkedin&utm_medium=social&utm_campaign=thousands-gas-pump-controllers-exposed_csh&utm_term=LIN-365&source=linkedin&medium=social&campaign=thousands-gas-pump-controllers-exposed_csh&term=LIN-365

https://www-zdnet-fr.cdn.ampproject.org/c/s/www.zdnet.fr/amp/actualites/des-infrastructures-critiques-de-l-energie-danoises-visees-par-une-cyberattaque-d-une-ampleur-inedite-39962454.htm

Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company.

MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals.

VMware raises the alarm about an unpatched security flaw (CVE-2023-34060) in Cloud Director, which could allow attackers to bypass authentication.

A threat actor, using the alias 'DrOne,' has claimed responsibility for leaking a scraped database from Chess.com with data from 800,000 users.

The incident spotlights a danger that bank leaders concede keeps them up at night — the prospect of a cyber attack that could someday cripple a key piece of the financial system’s wiring, setting off a cascade of disruptions.

Operator DP World Australia says teams ‘working diligently to contain the situation and determine impact’

Okta has concluded that the root cause of its breach was an employee storing company credentials in a private Google account.

Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.

Aerospace giant Boeing is investigating a cyberattack that impacted its parts and distribution business after the LockBit ransomware gang claimed that they breached the company's network and stole data.

Risk of ‘significant data loss’ for on-prem customers

Le CERT Santé présente sur cette page des retours d'expérience d'établissements confrontés à une cyberattaque et pour lesquels le CERT Santé est intervenu pour apporter un appui technique dans la réponse à incident.