1 min

FBI mail server hacked by ethical hacker

An ethical hacker (“white hat”) used an FBI server to send thousands of fake emails to expose a vulnerability

Cyber risks - Security and Stability in Cyberspace - November 24, 2021

On 12 November 2021, an ethical hacker used an authentic FBI email address (eims@ic.fbi.gov) to send tens of thousands of hoax emails that casually hinted at the presence of a botnet on the recipients’ server.

The hacker said he did the hack to expose a vulnerability in the FBI’s system, namely unsecured code in an online portal designed to share information with law enforcement agencies.

The FBI acknowledged that its domain name and address had been used to send fake emails. But the bureau said the hacked server—the Law Enforcement Enterprise Portal (LEEP)—is only used to send notifications to law enforcement agencies and is not part of the FBI’s internal email service.

https://krebsonsecurity.com/2021/11/hoax-email-blast-abused-poor-coding-in-fbi-website/

“We are at cyberwar!” Really?

By Stanislas Tarnowski

What better than a war to mobilize everyone’s energy? Armis presents a report on perceptions of cyber warfare and how companies and public authorities are preparing to confront this threat. ...

27 October 2023

Will the Moon soon get Internet?

By Antoine Meunier

The new wave of lunar exploration programs that began with the Artemis 1 mission last year will be very different than the program of the 1960s. The missions that will take off in the coming years ...

26 October 2023

Why is there so much misinformation about the Israel-Hamas war on X?

By Fanny Tan

Since Hamas’s surprise attack against Israel on October 7, 2023, social media has been inundated with false and misleading content, especially X (formerly Twitter). How can we explain such a ...

08 October 2023

Mysterious Team Bangladesh hacktivists target France

DDoS attacks hit airports and university to protest French presence in Niger and Senegal, but also ban on abaya dress in French schools.

26 September 2023

Cyberattack against International Court of Justice in The Hague

ICJ provides no details on cyberattack and perpetrator but has been in Russia’s cross-hairs for a long time.

26 September 2023

Ursula von der Leyen aims to establish “AI IPCC”

EU Chief wants to bring together scientists, businesses and experts to guarantee responsible AI growth on a world level.

Cyber industrial safety

26 September 2023

State-affiliated groups are main cyber threat to industry

Energy sector accounts for 39% of cyber incidents in ICS/OT processes.

06 September 2023

Industrial cybersecurity: the need for IT/OT convergence

In an interview with Alliancy published on August 29, 2023, Jean-François Siquet, OT product manager at Air Liquide, reviewed the securing of OT processes required by digitalization. He recognizes ...

17 July 2023

Wallix raises €10.5 million

The French specialist in privileged access raised 5.5 million euros in one night only.

04 July 2023

Despite improvements, OT cybersecurity remains a problem

Fortinet’s latest report shows that 75% of manufacturers have suffered at least one intrusion in the last 12 months.

19 June 2023

Critical flaw in Siemens’ energy sector ICS

The vulnerability enables complete takeover of devices and may undermine power grids

19 June 2023

Power grids: Mandiant warns about new malware CosmicEnergy

It is said to be the product of a Russian cybersecurity team, Red Team, which develops malicious tools to stress test industrial computer systems

Cybercrime

19 November 2023

Data theft at PC cloud platform Shadow

On October 11, 2023, Shadow, the French cloud computing PC specialist, admitted it had suffered a data theft, at the end of September 2023. The scope of the attack remains unknown but cybercriminals ...

17 November 2023

Qakbot botnet still active

International police sting had dismantled infrastructure end of August 2023.

16 November 2023

Google Cloud resists unprecedented DDoS attack

With 398 million requests per second, denial of service attack most significant in history, shattering previous record.

15 November 2023

Operation Triangulation reveals vulnerabilities at Apple

By Fabrice Deblock

At its annual Security Analyst Summit (SAS) in late October 2023, Kaspersky’s Global Research and Analysis Team (GReAT) revealed a number of elements about Operation Triangulation, which ...

13 November 2023

Who unplugged the Mozi botnet?

Mystery kill switch ended botnet in summer of 2023.

10 November 2023

Reshipping service for goods bought with stolen bankcards falls prey to hack

Named SWAT USA Drop Service, cybercriminal enterprise employs 1,200 people in the United States.

Cyber risks

27 November 2023

The Software Defined Vehicle: a growing need for cybersecurity

By Thomas Joos

In-vehicle cybersecurity is on the verge of major changes that will affect all vehicle manufacturers. Vehicles are now more connected than ever, and today’s on-board computer is a high-performance ...

16 November 2023

Artificial intelligence: the world is waking up to the risks

By Louis Nauges

The past week was intense in the world of artificial intelligence (AI). In the space of a few days, five documents were published by prestigious institutions all examining the issue of AI and its ...

10 November 2023

Google’s Play Store promotes secure apps

Badge now certifies apps that pass cybersecurity test.

09 November 2023

How phishing scams utilize OSINT

By Zachary Amos

Open-source intelligence may be increasing the risks posed by phishing scams. Many people aren’t aware of how much may be available about them online, but scammers do, and they’re taking ...

07 November 2023

Cyberscore: is France really taking the digital threat seriously?

By Alexandre Lazarègue, avocat spécialisé en droit du numérique

The cyberscore, introduced by law on March 3, 2022, aims to do for cybersecurity what the nutriscore did for food. However, with its limited scope and modest requirements, it is not certain that it ...

04 November 2023

Ransomware: 40 countries make commitment to no longer pay ransoms

Alliance led by United States and supported by European Union seeks to dry up funding for cybercriminal groups.

Operational security

02 November 2023

United States: Joe Biden signs first executive order on AI

Scope remains limited as Congress unable to pass bipartisan bill on issue.

19 October 2023

Can generative AI help break attack chains?

By Fabrice Deblock

With cyberattacks on corporate supply chains on the rise, how can we stop suppliers from being the weakest link in an organization’s cybersecurity? What could generative AI bring to this ...

17 October 2023

HarfangLab raises 25 million euros

French startup wants to become European leader in cyber threat detection and response (EDR) software.

07 October 2023

Yves Bernaert, new CEO of Atos Group

Yves Bernaert leaves Accenture management to head Eviden, tech giant’s cloud, cybersecurity, supercomputer, and quantum branch.

27 September 2023

Threat detection and AI: Cisco acquires Splunk

Cisco acquisition of data analysis solutions provider for 28 billion dollars seeks to harness cybersecurity transformation brought on by AI boom.

25 September 2023

Thirty-eight TB of internal Microsoft data left unprotected for three years

Computer giant under fire for failing to protect sensitive data.

Antifraud action

21 September 2023

Europol takes down cyber-equipped betting fraud gang

On September 15, 2023, Europol revealed a sting carried out in March 2023 against a fraudulent sporting bets gang operating from Spain and led by Romanian and Bulgarian nationals. The group stands ...

05 September 2023

Messenger to implement default end-to-end encryption

Long-awaited development in wake of illegal abortion controversy in Nebraska Fraud prevention.

04 August 2023

50 million dollars in crypto stolen from Curve

White hat hackers are said to be among the attackers of this decentralized finance platform.

01 August 2023

ChatGPT already has two evil twins

Named “FraudGPT” and “WormGPT”, two chatbots can write fraudulent messages and simple malware.

28 July 2023

United States: OpenAI under FTC investigation

The US Federal Trade Commission is investigating ChatGPT over claims of misrepresentation.

13 July 2023

Olympic Games: ANSSI argues for “healthy paranoia”

Vincent Strubel, head of ANSSI, goes over security measures for Paris 2024 Games, as well as threats the event faces.

Digital identity & KYC

13 September 2023

Crypto theft linked to LastPass hack?

In late August 2023, cybersecurity researchers published an investigation connecting 150 cryptocurrency thefts over the month of December 2022, to the data leak suffered by LastPass in November 2022. ...

11 September 2023

Finland experiments with digital passports

On August 28, 2023, Finnish authorities launched a pilot project allowing Finnish citizens to use a digital version of their passport. The experiment, carried out in Helsinki airport in partnership ...

07 July 2023

European Digital Identity Wallet: text makes progress, but disagreements persist

The European Commission, the European Parliament, and the Council have completed a round of negotiations on this key text for the EU’s digital transformation.

19 June 2023

The Catholic Church in France gives priests digital IDs

It is now possible to verify if priests are authorized to say Mass or hear confession, and thus make sure they are not accused of any sexual crimes

19 June 2023

New fundraising round for Archipels, which welcomes shareholder IN Group

Publicly owned French company Archipels develops digital identity platform based on blockchain

16 May 2023

DocuSign launches AI-assisted ID verification

Named “ID Verification for EU Qualified”, compliant with European Union and United Kingdom regulatory requirements, this solution also relies on human approval

Digital Sovereignty

22 November 2023

TikTok: an application under surveillance

By Fabrice Deblock

The Chinese social network is under scrutiny by the American and European authorities, who want to know exactly how their citizens’ data is being used. This comes at a time when geostrategic ...

08 November 2023

NIS2 on the horizon: companies need to get ready

By Thomas Joos

The aim of this new European directive is to strengthen cybersecurity in Europe. It is set to replace the NIS1 directive, whose requirements are no longer up to the task of improving security, ...

08 October 2023

Digital Services Act implemented for “very large platforms”

Other services have until February 17, 2024, to comply.

08 October 2023

Transatlantic data: Data Privacy Framework already challenged

French MP Philippe Latombe files suit with ECJ to cancel Privacy Shield successor.

08 October 2023

Tunisia expands scope of national cybersecurity agency

ANSI also becomes ANSC.

03 October 2023

Digital Market Act update

Definitive list of “gatekeepers” published on September 6, 2023.

Digital transition

23 November 2023

How AI is shaking up intellectual property

By Pascal Coillet-Matillon

On August 3, 2023, The New York Times changed the legal notice on its website. The US daily now requires its written consent for an AI to use its data for training. It’s a sign that generative ...

22 November 2023

[InCyber Forum Montreal] Generative AI: reinventing copyright

By Marion Lefebvre

Widespread access to generative artificial intelligence is shaking up how we work and create. However, the growing use of this technology has quickly raised two considerable legal issues: how to ...

22 November 2023

“Ex Machina”: a film that explores the (intimate) relationships between humans and machines…and much more

By Olivier Parent

This science fiction movie, directed by Alex Garland, is a “No Exit” that examines the possibilities of human empathy toward an artificially intelligent system. Moreover, it uses ...

20 November 2023

Corporate cryptocurrency cashflow: balancing flexibility and security

By Agathe Laurent

The rise of cryptocurrencies is being felt in the business world. Companies’ adoption of this technology raises specific issues of governance and security. Here is a guide to the topic.

14 November 2023

Privacy governance better accounted for throughout the world

Yet heads of privacy in corporations still deem resources insufficient.

10 November 2023

OpenAI to fight AI’s “catastrophic risks”

ChatGPT publisher forms team of experts to assess most serious threats associated with advanced AI models.

FBI mail server hacked by ethical hacker

Read also