Security News

Hackers Repeatedly Targeting Financial Services in French-Speaking African Countries
2022-09-08 06:38

Major financial and insurance companies located in French-speaking nations in Africa have been targeted over the past two years as part of a persistent malicious campaign codenamed DangerousSavanna. Countries targeted include Ivory Coast, Morocco, Cameroon, Senegal, and Togo, with the spear-phishing attacks heavily focusing on Ivory Coast in recent months, Israeli cybersecurity firm Check Point said in a Tuesday report.

French hospital hit by $10M ransomware attack, sends patients elsewhere
2022-08-23 16:23

The Center Hospitalier Sud Francilien, a 1000-bed hospital located 28km from the center of Paris, suffered a cyberattack on Sunday, which has resulted in the medical center referring patients to other establishments and postponing appointments for surgeries."This attack on the computer network makes the hospital's business software, the storage systems, and the information system relating to patient admissions inaccessible for the time being," explains CHSF's announcement.

French hospital group disconnects Internet after hackers steal data
2022-04-25 14:48

Hospitals and Health Care group has disconnected all incoming and outgoing Internet connections after discovering they suffered a cyberattack that resulted in the theft of sensitive administrative and patient data. The cyberattack occurred on April 19th and affected the CHs of Vitry-le-François and Saint-Dizier, causing GHT to disconnect Internet connections to the hospitals to prevent the attack's spread and further data theft.

New Serpent backdoor malware targets French entities with unforeseen method
2022-03-21 14:21

New Serpent backdoor malware targets French entities with unforeseen method. A new backdoor dubbed Serpent has been found on internet, infecting French entities in the construction and government sectors.

Attackers employ novel methods to backdoor French organizations
2022-03-21 10:43

An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. The attack starts with a well-known technique - emails containing a macro-enabled Microsoft Word document masquerading as information relating to the GDPR - and ends up with an attempt to install a backdoor on target systems.

New Backdoor Targets French Entities via Open-Source Package Installer
2022-03-21 02:12

Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attributed the attacks to a likely advanced threat actor based on the tactics and the victimology patterns observed.

French speakers blasted by sextortion scams with no text or links
2022-02-21 19:59

Over the last year or two we've noticed that the steady stream of sextortion emails we used to receive - at one time, we were getting several variants on the theme each week - has dwindled to almost nothing. Often, attackers stick to messages in plain text or HTML for the obvious reason that web or email links in those messages typically turn into directly tempting "Calls to action".

TinyNuke info-stealing malware is again attacking French users
2021-12-13 21:22

The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. The TinyNuke malware activity first appeared in 2017, culminated in 2018, then dropped significantly in 2019, and almost faded out of existence in 2020.

France warns of Nobelium cyberspies attacking French orgs
2021-12-06 18:46

The French national cyber-security agency ANSSI said today that the Russian-backed Nobelium hacking group behind last year's SolarWinds hack has been targeting French organizations since February 2021. While ANSSI has not determined how Nobelium compromised email accounts belonging to French orgs, it added that the hackers used them to deliver malicious emails targeting foreign institutions.

Lockean multi-ransomware affiliates linked to attacks on French orgs
2021-11-04 11:22

Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team. Lockean activity was first noticed in 2020 when the actor hit a French company in the manufacturing sector and deployed DoppelPaymer ransomware on the network.