Security News

A cybercrime group dubbed Bluebottle has been linked to a set of targeted attacks against the financial sector in Francophone countries located in Africa from at least July 2022 to September 2022. "The group makes extensive use of living-off-the-land, dual use tools, and commodity malware, with no custom malware deployed in this campaign," Symantec, a division of Broadcom Software, said in a report shared with The Hacker News.

Apple tracked users without their consent and deserves to be fined €6 million, according to a top advisor to France's data privacy watchdog. The Commission nationale de l'informatique et des libertés launched an investigation into Apple after a complaint filed by France Digitale, a lobby group supporting startups, accused the company of violating EU privacy laws last year.

The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that occurred on Saturday evening. Jean-Noël Barrot, the Minister Delegate in charge of Digital Transition and Telecommunications, said the hospital immediately isolated the infected systems to limit the spread of the malware to additional devices and alerted the French National Authority for Security and Defense of Information Systems.

The French data protection watchdog on Tuesday fined electricity provider Électricité de France €600,000 for violating the European Union General Data Protection Regulation requirements. The Commission nationale de l'informatique et des libertés said the electric utility breached European regulation by storing the passwords for over 25,800 accounts by hashing them using the MD5 algorithm as recently as July 2022.

The French data protection watchdog on Tuesday fined electricity provider Électricité de France €600,000 for violating the European Union General Data Protection Regulation requirements. The Commission nationale de l'informatique et des libertés said the electric utility breached European regulation by storing the passwords for over 25,800 accounts by hashing them using the MD5 algorithm as recently as July 2022.

A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers. In one robbery, "a network of more than 400 mule subscriber accounts were used to quickly cash out stolen funds mostly done overnight via ATMs," the researchers wrote in a report this month.

Major financial and insurance companies located in French-speaking nations in Africa have been targeted over the past two years as part of a persistent malicious campaign codenamed DangerousSavanna. Countries targeted include Ivory Coast, Morocco, Cameroon, Senegal, and Togo, with the spear-phishing attacks heavily focusing on Ivory Coast in recent months, Israeli cybersecurity firm Check Point said in a Tuesday report.

The Center Hospitalier Sud Francilien, a 1000-bed hospital located 28km from the center of Paris, suffered a cyberattack on Sunday, which has resulted in the medical center referring patients to other establishments and postponing appointments for surgeries."This attack on the computer network makes the hospital's business software, the storage systems, and the information system relating to patient admissions inaccessible for the time being," explains CHSF's announcement.

Hospitals and Health Care group has disconnected all incoming and outgoing Internet connections after discovering they suffered a cyberattack that resulted in the theft of sensitive administrative and patient data. The cyberattack occurred on April 19th and affected the CHs of Vitry-le-François and Saint-Dizier, causing GHT to disconnect Internet connections to the hospitals to prevent the attack's spread and further data theft.

New Serpent backdoor malware targets French entities with unforeseen method. A new backdoor dubbed Serpent has been found on internet, infecting French entities in the construction and government sectors.