Sandworm-Linked Hackers Have Targeted French Firms via Centreon IT Monitoring Tool

North Korea has hacked Pfizer, massively adopted Android application SHAREit has three unpatched serious flaws, Dutch research council suspends subsidy allocations due to hack, much more


French information security agency ANSSI published an advisory warning that hackers with links to Sandworm, a Russian hacking group run out of the country’s GRU military agency, have stealthily targeted French firms by exploiting an IT monitoring tool called Centreon, made by a firm of the same name, in attacks that go back to 2017.

The victims were "mostly" IT firms and particularly web hosting companies. Although not named as victims by ANSSI, among Centreon’s customers are telecom providers Orange and OptiComm, IT consulting firm CGI, defense and aerospace firm Thales, steel and mining firm ArcelorMittal, Airbus, Air France KLM, logistics firm Kuehne + Nagel, nuclear power firm EDF, and the French Department of Justice. (Andy Greenberg / Wired)

Related: Tech Xplore, Bleeping Computer, ZDNet, iTnews - Security, Reuters, SiliconANGLE, Tech Xplore, Eurasia Review, The Moscow Times, POLITICO EU, Security Affairs, SecurityWeek, The Register - Security, Slashdot

South Korea’s state intelligence agency, the National Intelligence Service (NIS), told the country’s parliament that North Korea has attempted to hack into South Korean drug manufacturers' computer systems to obtain coronavirus vaccine information.

Reuters reports that pharmaceutical giant Pfizer was among the drug makers hacked by North Korea. North Korea has already been suspected of hacking into nine other healthcare firms, including Johnson & Johnson, Novavax Inc, and AstraZeneca. (Sangmi Cha, Hyonhee Shin / Reuters)

Related: Digital Journal, DAILY SABAH, South China Morning Post, Euro Weekly News Spain, News - English [KBS WORLD Radio], Yonhap, euronews


Trend Micro researchers say that the Android application SHAREit contains unpatched vulnerabilities that the app maker has failed to fix for more than three months.

The bugs, which stem from the lack of proper source code access controls, can be exploited to run malicious code on smartphones where the SHAREit app is installed. (Catalin Cimpanu / ZDNet)

Related: Telecomlive.com, Gadgets Now, Times of India, Security Affairs, Trend Micro, RAPPLER

Blockchain investigations firm Chainalysis said that a small group of 270 blockchain addresses had laundered around 55% of cryptocurrency associated with criminal activity.

Moreover, 1,867 addresses received 75% of all criminally-linked cryptocurrency funds in 2020, a sum estimated at around $1.7 billion, according to the firm. (Catalin Cimpanu / ZDNet)

Related: Slashdot, Silicon Angle, Chainalysis

The research and science innovation funding organization, the Dutch Research Council (NWO), said that its servers had been hacked. It has had to suspend some of its annual one-billion-euro subsidy allocations for the time being.

NWO has postponed near-term funding deadlines and has stopped the evaluation of grant proposals with a passed deadline. (Ionut Ilascu / Bleeping Computer)

Related: Databreaches.net

U.S.-based cybersecurity giant Palo Alto Networks purchased Israeli-founded cyber company Bridgecrew Technologies for at least $200 million.

The company has an automated solution for developing cloud-based security that identifies and automatically fixes cloud infrastructure misconfiguration. (Meir Orbach / Calcalist)

Related: Ingrid Lunden – TechCrunch, Times of Israel


After the State of California, Virginia is poised to become the second state to adopt a comprehensive online data protection law for consumers.

The Consumer Data Protection Act, which will soon be signed by the state’s Democratic governor Ralph Northam, puts guidelines on how affected companies (the data “controllers”) should collect, handle, and share personal information. (Kate Cox / Ars Technica)

Related: National Law Review, Roll Call

Must-Watch Video: Former Cybersecurity and Infrastructure Security Agency (CISA) head Chris Krebs spoke to CBS News the morning after the network’s 60 Minutes segment on the SolarWinds hack.

Krebs said that the government is still analyzing the SolarWinds breach and that the hack was an attack on trust in the digital ecosystem, which made it so “reckless and brazen.”
