Spammers always on the lookout for disasters #veille (17 March 2019)

Apart from the data thefts and leaks usually detected each week during this watch, it is worth noting how quickly spammers and other attackers seize on the world's disasters. The terrorist act in New Zealand this weekend is already being used to spread spam and other malicious code. And it is no better for the air disaster affecting Boeing.


Worth noting this week is the critical vulnerability discovered in the code of the e-voting solution offered by Swiss Post. A team of cybersecurity researchers discovered technical flaws that could allow legitimate votes to be replaced with fraudulent ones. The case for bug bounties and other security audits comes out of this strengthened, but the debate on the use of electronic voting in democratic processes is only beginning.

And here are all the interesting news items selected this week:

Data theft / loss

A Gearbest security flaw exposes the data of millions of customers

While Amazon is the e-commerce website that reigns over the sector in the West, Alibaba and Gearbest largely dominate the market in China, to the point that the latter is among the 250 most visited websites in the world.

Unsecured Database Exposed 33 Million Job Profiles in China

A large database with approximately 33 million profiles for people seeking jobs in China has been fully accessible and unprotected online. This information included sensitive information that could have been used for scammers and identity theft. The database was discovered by Sanyam Jain, a security researcher and member of GDI.Foundation, who found the database using the Shodan search engine.

763M Email Addresses Exposed in Latest Database Misconfiguration Episo

In February, a security researcher named Bob Diachenko found a MongoDB data instance containing four collections of data and a total of 150GB of data including approximately 763 million unique email addresses. The data instance was openly available and the data inside was stored in plain text.

Hackers steal 6TB of data from enterprise software developer Citrix

One of the most popular enterprise software and networking and remote access technology provider firm Citrix affirmed that its internal network was compromised by international criminals. Reportedly, the attackers exploited weak passwords and managed to get limited access initially after which they acquired privileged rights on the system.

Secur Solutions Group data leak exposes 800,000 Singapore blood donors

The news was first reported by The Straits Times, the huge trove of data was contained in a database operated by the Secur Solutions Group Pte Ltd (SSG).

Cyber-attacks / fraud

Students Hack School System to Change Grades and Attendance

Like a modern day WarGames, students in Michigan have hacked into a school district’s computer system and changed grades and attendance records. According to a statement made on Facebook and the district’s web site, Jim Nielsen, the superintendent of Orchard View Schools, stated that they became aware of a data breach in their PowerSchool student information system last week.

Google removed 2.3 billion malicious ads in 2018 to make browsing safer

Google published an annual report stating that it removed more than 2.3 billion malicious ads across 1.5 million apps and 28 million web pages, which violated Google's publishing policies.

Spam Warns about Boeing 737 Max Crashes While Pushing Malware

A new malspam campaign is underway that is trying to utilize the tragic Boeing 737 Max crashes as a way to spread malware on a recipient’s computer. These spam emails pretend to be leaked documents about imminent crashes that the sender states should be reviewed and shared with loved ones to warn them.

US-CERT warns of New Zealand mosque shooting scams

Yesterday the horrible mass mosque shooting in New Zealand made the headlines; fifty people were killed. A gunman used GoPro to transmit a live stream of the massacre at a mosque. Although social media companies immediately removed the content from their platforms, it is still possible to find multiple copies of the shooting videos online.

It is the first time that civic groups hold a protest against a national CERT

On March 12, the World Day Against Cyber-Censorship, media and civil society organizations in Philippines held a demonstration in front of NCERT (National Computer Emergency Response Team) to protest against the negligence of the NCERT to support the investigation of the three-months' long Distributed Denial of Service attacks against regime-critical media and civil society organizations in the Philippines.

Flaws / vulnerabilities

Backdoor discovered in Swiss voting system would have allowed hackers to alter votes

Written by Jeff Stone, Mar 12, 2019 | CYBERSCOOP

A team of cybersecurity researchers on Tuesday revealed technical flaws in the Swiss government’s electronic voting system that could enable outsiders to replace legitimate votes with fraudulent ones. The issue is related to the way Switzerland’s voting system receives and counts votes.


Windows 10 to Automatically Remove Updates That Cause Problems

Windows 10 will automatically uninstall Windows updates that cause startup failures due to incompatibility or issues in new software according to a support document published by Microsoft today. As detailed by Microsoft: This new feature is only available for Windows Insiders running Windows 10 Insider Preview, build 18351 or later.

Regulatory / legal

Man arrested for selling one million Netflix, Spotify, Hulu passwords

Police in Australia have arrested a man who allegedly made AU $300,000 (US $211,000) running a website which sold the account passwords of popular online subscription services including Netflix, Spotify, Hulu, PSN, and Origin. The 21-year-old man was arrested on Tuesday in Sydney, Australia, following an international investigation by the FBI and the Australian Federal Police into the website WickedGen.com.




Bank cards with fingerprint readers on trial in the United Kingdom

British bank Natwest is currently testing a new form of NFC payment card equipped with a biometric reader. While our finger can currently unlock our smartphone, and also open a car, it can also be used to validate a payment quickly (and securely) with a bank card.

Security watcher and cybersecurity specialist
