Docker Hub hacked and the engines of thousands of cars at the mercy of hackers #veille (28 April 2019)


It has been a long time since cybersecurity news was this varied. As usual, there is a share of lost or stolen data. That is the case for 190,000 Docker Hub users, who received a password reset request. Databases also leaked partially private information on 60 million LinkedIn users.



As for cyber attacks, the notable item is the announcement by a hacker who claims to have broken into accounts belonging to users of GPS tracking applications, which allowed him to monitor the location of tens of thousands of vehicles and even switch off the engine of some of them while they were moving. Ransomware and DNS hijacking are also back in the news this week.

On the European side, the Parliament voted on 16 April in Strasbourg in favour of setting up a Common Identity Repository (CIR). This database will hold biometric information at European scale and will provide better security in migration and border management, and therefore also help fight terrorism more effectively.

And here are all the interesting news items selected this week:

Data theft / loss

Unsecured Databases Leak 60 Million Records of Scraped LinkedIn Data

Eight unsecured databases were found leaking approximately 60 million records of LinkedIn user information. While most of the information is publicly available, the databases contain the email addresses of the LinkedIn users. Approximately two weeks ago, I was contacted by security researcher Sanyam Jain of the GDI foundation about something strange that he was seeing.

Docker Hub security breach exposes credentials of 190,000 users

Some bad news arrived late on Friday in the inboxes of users of Docker, the container platform beloved by developers: On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon discovery, we acted quickly to intervene and secure the site.

Docker – Unauthorized access to Docker Hub database

There was a brief period of unauthorized access to a Docker Hub database. During this time some sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of users as well as GitHub and Bitbucket tokens for Docker autobuilds.

Ride-hailing app leaks personal data of millions of Iranians

Another day, another data breach – This time, security researchers have identified a ride-hailing app exposing personal data of 1 to 2 million Iranian drivers, thanks to an insecure MongoDB database. The database (named ‘doroshke-invoice-production’) was discovered by Security Discovery’s researcher Bob Diachenko on April 18th which was available to the public for downloading without any authentication.

Bodybuilders beware! One of the world’s largest online fitness…

Fitness fanatics are being advised to change their passwords after one of the world’s largest and most popular online fitness stores admitted that it had suffered a security breach that might have exposed customer data. Bodybuilding.com says that it first suspected it might… #breach #dataleak

Cyber attacks / fraud

Hackers hijacked the DNS of several countries

The group dubbed “Sea Turtle” hacked Internet registries to take control of several national domain-name extensions. This allowed them to impersonate any site in those countries.

Amnesty International says ‘state sponsored’ hackers targeted Hong Kong base | ZDNet

Amnesty International’s Hong Kong office has been hit with a cyberattack that the group says is the work of a state-sponsored team whose tactics are consistent with those supported by the Chinese government.

Wipro's systems infiltrated to attack client companies

Wipro suffered a phishing attack that allowed hackers to infiltrate its systems several months ago, probably in order to target its customers. Companies reportedly discovered malicious activity linked to the client system of the Indian IT outsourcing giant.

Man fried over 50 college computers with weaponized USB stick

It’s not as though 27-year-old Vishwanath Akuthota made it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment in February this year. On Valentine’s Day, February 14th 2019, Akuthota walked around the campus of the College of Saint Rose in Albany, New York.

The Weather Channel goes offline after ransomware attack

Another day, another ransomware attack; this time The Weather Channel suffered a powerful ransomware attack forcing its live TV telecast to go offline for 90 minutes. The ransomware attack took place on April 18th at around 6:00 am, local time, when the channel was telecasting its live morning show “AMHQ.”

Hackers using Google Sites to spread banking malware

Dubbed LoadPCBanker by researchers; the malware is actually an executable that is hidden inside a PDF file titled “PDF Reservations Details MANOEL CARVALHO hospedagem familiar detalhes PDF.exe.” The name shows that hackers are specifically targeting English and Portuguese speakers (in Brazil).

Over 500% Increase in Ransomware Attacks Against Businesses

Cybercriminals have started focusing their efforts on businesses during Q1 2019, with consumer threat detections decreasing by roughly 24% year over year while businesses have seen a 235% increase in the number of cyber attacks against their computing systems. For consumers, the number of detections for Trojans and RiskwareTool malware families has kept going down since Q1 2018 and backdoors, spyware, and MachineLearning/Anomalous malware have seen increases of 85%, 95%, and 221% respectively.

Hacker could locate thousands of cars and kill their engines…

Over a relatively short period of time, computers changed from something you kept on your desk, to something you carried in your pocket, to something you sat inside as you drove to work. As technology moves on, we’re going to be thinking more and more… #carhack #gpstracking #mobilecomputing

Someone is spoofing big bank IP addresses – possibly to embarrass security vendors – CyberScoop

The last several days have seen a surge in internet traffic mimicking the IP addresses of big U.S. banks in a possible effort to disrupt the cybersecurity personnel and products that help protect organizations from malicious traffic, according to GreyNoise Intelligence, a company that maps internet traffic.

Assange's arrest: 40 million cyberattacks against Ecuador – Ubergizmo France

By abandoning Julian Assange, Ecuador no doubt knew that it would not go smoothly. President Moreno disengaged and withdrew his support for the whistleblower, who was promptly arrested by British law enforcement. It took little more than that to draw the wrath of internet users around the world…

Flaws / vulnerabilities

Millions of Instagram passwords were stored in plain text – Ubergizmo France

Last month, Facebook reported a security flaw: “tens of thousands” of Instagram passwords had been stored in plain text since 2012, and 20,000 employees had access to them.

Krebs on Security

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. The security flaws involve iLnkP2P, software developed by China-based Shenzhen Yunni Technology.

Vulnerability in Tchap Chat App Exposes French Government

The French government faced embarrassment last week after serious security flaws were discovered in Tchap, a messaging app that they claimed was more secure than Telegram, within an hour of its launch.

Regulatory / legal

Europe to build one of the largest biometric databases

New measures will be taken within the EU to allow information systems for security, migration and border management to work together to fight terrorism.

Teen Sues Apple for $1 Billion, Saying Facial Recognition Mistook…

An 18-year-old student from New York is suing Apple for $1 billion, claiming he was wrongfully accused of stealing gadgets from a number of Apple stores in Boston, Manhattan, New Jersey and Delaware last year, writes The New York Post. Ousmane Bah… #apple #facialrecognition #personalInformation

Miscellaneous

Microsoft drops password expiration from Windows 10 security

What is it about a secure password that makes us think it’s secure? Traditionally, for businesses it’s been things like complexity, minimum length, avoiding known bad passwords, and how often passwords are changed to counter the possibility of undetected compromise. And yet, recently, the last of those orthodoxies – password expiration – has started to crumble.

CARBANAK Week Part One: A Rare Occurrence

It is very unusual for FLARE to analyze a prolifically-used, privately-developed backdoor only to later have the source code and operator tools fall into our laps. Yet this is the extraordinary circumstance that sets the stage for CARBANAK Week, a four-part blog series that commences with this post.

Amazon delivery drivers will now have to take selfies – Ubergizmo France

To reduce fraud, Amazon now asks its delivery drivers to take selfies. The company will then use facial recognition to verify the drivers' identity. This new feature has appeared on Amazon Flex and will be a sine qua non condition for working.

How Swisscom wants to counter the dominance of WhatsApp

Swisscom plans to introduce this year a messaging service based on the RCS standard, which is set to replace SMS. Enabling group chats and video calls, among other things, this standard is the operators' new weapon against WhatsApp's dominance.
