Security News

Today, the French national cyber-security agency warned of an ongoing series of attacks against a large number of French organizations coordinated by the Chinese-backed APT31 hacking group. Partage d'IoCs relatifs une campagne d'attaques du mode opératoire APT31 en France.

A French court ruled Tuesday that Ikea had set up an elaborate system to illegally spy on hundreds of employees and job applicants over several years, using private detectives as well as police sources. Ikea's former head of risk management, Jean-Francois Paris, who was accused of being at the heart of the spying system, was handed a suspended 18-month prison term and a fine of 10,000 euros.

In an apparent industry first, the global insurance company AXA said Thursday it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals. Only the U.S. surpassed France last year in damage from ransomware to businesses, hospitals, schools and local governments, according to the cybersecurity firm Emsisoft, estimating France's related overall losses at more than $5.5 billion.

Accenture has entered into an agreement to acquire Openminded, a France-based cybersecurity services company that provides advisory, cloud & infrastructure security, cyber defense, and managed security services. Once completed, the acquisition would bring approximately 100 highly skilled cybersecurity professionals to Accenture Security's workforce of nearly 7,000 professionals globally and extend Accenture's cybersecurity presence and capabilities in France and in Europe.

French President Emmanuel Macron on Thursday unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month and an upsurge of similar cyber assaults in France. The attacks at the hospitals in Dax and Villefranche-sur-Saone prompted the transfer of some patients to other facilities as the French health care system is under pressure from the coronavirus pandemic.

France's Agence nationale de la sécurité des systèmes d'information, the nation's cyber-security agency, has identified a years-long campaign to infiltrate IT monitoring platform Centreon. Centreon claimed that Centreon is a spiffing open-source IT monitoring tool.

The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group. According to the French cyber-security agency, the campaign shows several similarities to behavior observed while analyzing previous Sandworm attacks, including intrusion campaigns before choosing one of the victims for further compromise.

Two French citizens and a Moroccan went on trial in Paris on Monday charged with planning attacks after their cyber network was successfully infiltrated by a French intelligence agent posing as a jihadist. The agent from France's DGSI domestic intelligence service, using the codename Ulysse, had infiltrated communication networks of Islamic State group jihadists in a ruse that led to the arrest of the three.

France's CNIL data privacy watchdog slapped 135 million euros in fines on US tech titans Google and Amazon for placing advertising cookies on users' computers without consent. The 100-million-euro fine against Google is the largest sanction the regulator has ever imposed, which it justified by the fact 90 percent of French internet users use the firm's search engine.

Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download," New Zealand's Computer Emergency Response Team said.