Security News
The French national cyber-security agency ANSSI said today that the Russian-backed Nobelium hacking group behind last year's SolarWinds hack has been targeting French organizations since February 2021. While ANSSI has not determined how Nobelium compromised email accounts belonging to French orgs, it added that the hackers used them to deliver malicious emails targeting foreign institutions.
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team. Lockean activity was first noticed in 2020 when the actor hit a French company in the manufacturing sector and deployed DoppelPaymer ransomware on the network.
Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team. Lockean activity was first noticed in 2020 when the actor hit a French company in the manufacturing sector and deployed DoppelPaymer ransomware on the network.
The privacy-hugging, end-to-end encryption-providing email provider ProtonMail was forced to log the IP address of a French activist and turn it over to Europol, according to a French police report that came to light over the weekend. French police sent a request to Swiss police via Europol and thus managed to force the company to hand over the IP address and device details of the French activist.
Encrypted email service ProtonMail has become embroiled in a minor scandal after responding to a legal request to hand over a user's IP address and details of the devices he used to access his mailbox to Swiss police - resulting in the user's arrest. Police were executing a warrant obtained by French authorities and served on their Swiss counterparts through Interpol, according to social media rumours that ProtonMail chief exec Andy Yen acknowledged to The Register.
Lemarié, the San Francisco jury found, then went on to share those trade secrets with his new employer, French email security firm Vade Secure. Of 20 trade secrets Proofpoint said Lemarié and Vade had used unlawfully, the jury agreed that 15 had been misappropriated by Vade Secure in a "Wilful and malicious" way, according to the final verdict form [PDF].
Today, the French national cyber-security agency warned of an ongoing series of attacks against a large number of French organizations coordinated by the Chinese-backed APT31 hacking group. Partage d'IoCs relatifs une campagne d'attaques du mode opératoire APT31 en France.
French lawmakers have launched an investigation into Israeli offensive cybersecurity company NSO Group after they learned French President Emmanuel Macron topped a list of 14 heads of states potentially targeted by the company's spyware. The world leaders were potential targets, according to a list of 50,000 phone numbers believed linked to the NSO Group and leaked to Amnesty International and the Paris-based journalism nonprofit Forbidden Stories.
Amnesty International and French journalism advocacy organisation Forbidden Stories say they've acquired a leaked list of individuals targeted by users of Israeli spyware-for-law-enforcement operator NSO Group, and that Heads of State, academics, diplomats, human rights advocates, and media figures are among those targeted. Perhaps the most explosive claim is that NSO products were used to target family members of Saudi journalist Jamal Khashoggi in the days before he was murdered in Istanbul.
French prosecutors have charged a French IT company that allegedly helped the regime of Libyan dictator Moamer Kadhafi spy on opposition figures who were later detained and tortured, sources close to the inquiry said Thursday. Amesys, which is now owned by the Bull technology group, and its former chief, Philippe Vannier, were charged with complicity in acts of torture on June 18, the sources said.