Here is this week's watch report, rounding up the most interesting news. Some of these items will be developed further in upcoming articles. Enjoy the read and have a great week!
Data theft / loss
CafePress finally warns customers that it was hacked – Graham Cluley
Online merchandise retailer CafePress, used by millions of people to host an online store where they can sell custom-designed t-shirts, mugs, stickers, and more, has finally informed its customers that its systems were hacked and their personal details stolen.
Vodafone’s Mobile App Briefly Exposed Customer Information
For a brief period on Wednesday morning, Vodafone customers in New Zealand using the mobile carrier’s app could see details for other customers. The app is designed for managing the Vodafone account and offers quick access to bills, or active services. It also provides information about call rates in other countries, reward points, promotions, and data plans.
Cyber-attacks / fraud
How hackers are attacking Airbus through its subcontractors – FrenchWeb.fr
In recent months, Airbus has been the target of several cyber-attacks launched through the manufacturer's subcontractors, AFP has learned from its inquiries with several security sources, who suspect these industrial espionage operations of being directed from China.
Iranian Government Hackers Target US Veterans
‘Tortoiseshell’ discovered hosting a phony military-hiring website that drops a Trojan backdoor on visitors.
Cyber-Attacks Hit Defense Contractors in Europe and North America
Defense contractors Rheinmetall AG and Defence Construction Canada (DCC) were hit this month by cyber-attacks that impacted and disrupted their information technology systems. German Rheinmetall AG is one of the world’s top suppliers of military equipment and systems, with two operational components, namely Rheinmetall Defence and Rheinmetall Automotive.
The Cyberpeace Institute: an NGO to defend "cyberpeace"
How can a cyber-attack be prevented from paralysing a hospital? From cutting power to a major city? From bringing down a telephone network? Although few digital offensives have had such effects, some states have been worried for several years about a cyberspace that is out of control and are trying to pacify it.
Emotet malspam campaign uses Snowden’s new book as lure
Exactly one week ago, Emotet, one of the most dangerous threats to organizations in the last year, resumed its malicious spam campaigns after several months of inactivity. Based on our telemetry, we can see that the botnet started becoming chatty with its command and control servers (C2), about a week or so before the spam came through.
Flaws / vulnerabilities
Hacker publishes ‘unpatchable’ permanent jailbreak for iPhone 4s to iPhone X
While a jailbreak is technically illegal, Apple users have been doing them since the launch of the very first iPhone. The motive being the increased control over the device, something that’s easily found in its archrival – Android.
15,000 webcams vulnerable to attack: how to protect against webcam hacking
Webcams may have been around for a long time, but that doesn’t mean we know what we’re doing with them. Webcam hacking has been around for equally as long, yet new research from Wizcase indicates that more than 15,000 private, web-connected cameras are exposed and readily accessible to the general public.
Regulatory / legal
Russian Man Pleads Guilty in ‘Massive’ Hacking Scheme
Andrei Tyurin is the first person to be convicted in the case, in which prosecutors said cyberattacks targeted a dozen American companies, including JPMorgan Chase. A Russian man pleaded guilty on Monday to taking part in a global, multiyear hacking operation that involved cyberattacks on a dozen American companies and an elaborate scheme to use stolen information to manipulate stocks and run illegal online-gambling businesses.
German Cops Raid "Cyberbunker 2.0," Arrest 7 in Child Porn, Dark Web Market Sting
German authorities said Friday they’d arrested seven people and were investigating six more in connection with the raid of a Dark Web hosting operation that allegedly supported multiple child porn, cybercrime and drug markets with hundreds of servers buried inside a heavily fortified military bunker. Incredibly, for at least two of the men accused in…
World of Warcraft’s suspected DDoS attacker has been arrested
Blizzard, the developers of World of Warcraft Classic, has revealed that a person suspected of orchestrating a disruptive Distributed Denial of Service (DDoS) attack against the games’ servers has been arrested. In a Blizzard forum post, community manager Kaivax…
Miscellaneous
ICTswitzerland publishes a white paper on digital security – Cominmag.ch
"A national cyber-testing laboratory must be created." Today, in Switzerland, digital products from various national and international suppliers are used in every sector, from industry to the police to the army.