Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !
Vol / perte de données
ZoneAlarm forum site hack exposed data of thousands of users
This is really an embarrassing incident, ZoneAlarm forum site has suffered a data breach exposing data of its discussion forum users. ZonaAlarm, the popular security software firm owned by Check Point Technologies, has suffered a data breach. According to the post published by The Hacker News, the security breach exposed the data of ZonaAlarm discussion forum users.
Facebook App for iOS Caught Accessing Camera in Background
iPhone users reported that Facebook was opening the primary camera when the app was in use, leading to speculation that this function was being used to spy on people. Facebook was quick to say it was nothing more than a bug.
Open database exposes 93K files on patients of substance abuse facilities
The latest in-depth, unbiased news, analysis and perspective to keep cybersecurity professionals informed, educated and enlightened about the market.
Cyber-attaques / fraudes
Hackers Breach ZoneAlarm’s Forum Site – Outdated vBulletin to Blame
Hackers Breach Outdated vBulletin Forum of ZoneAlarm Cybersecurity Company
Company Detected Years-Long Breach Only After Hacker Maxed Out Servers’ Storage
Lack of reasonable security safeguards at Utah-based technology company allowed a hacker to access the personal information of a million consumers.
Pemex claims victory over cyberattack; $4.9 million ransom reportedly demanded
The latest in-depth, unbiased news, analysis and perspective to keep cybersecurity professionals informed, educated and enlightened about the market.
10 millions d’abonnés pour Disney+ et déjà des milliers de piratés !
Gestion des cookies Nous utilisons des cookies sur notre site web pour vous offrir l’expérience la plus pertinente en mémorisant vos préférences et vos visites répétées. En cliquant sur « Accepter », vous consentez à l’utilisation de ces cookies.
Facebook a supprimé 3,2 milliards de faux comptes et 2,5 millions de posts
Le plus grand réseau social du monde est chaque année confronté à un problème de taille : les faux comptes et les posts à caractère « abusif ». En 2019, entre avril et septembre, Facebook affirme avoir supprimé 3,2 milliards de faux comptes et 2,5 millions de posts ne respectant pas les règles du réseau social.
Failles / vulnérabilités
US-CERT warns of critical flaws in Medtronic equipment
The United States Computer Emergency Readiness Team (US-CERT) has issued another warning about security flaws in medical equipment made by Medtronic. The problem this time is in the Valleylab FT10 (V4.0.0 and below) and Valleylab FX8 (v1.1.0 and below), electrosurgical generators used by surgeons for procedures such as cauterisation during operations.
BlueKeep: What you Need to Know
BlueKeep is the name that has been given to a security vulnerability that was discovered earlier this year in some versions of Microsoft Windows’ implementation of the Remote Desktop Protocol (RDP). The vulnerability was described as « wormable » by Microsoft, and users were warned that BlueKeep might be exploited in a similar fashion to how the WannaCry ransomware used the Eternal Blue vulnerability to spread widely in 2017.
Chrome, Edge, Safari hacked at elite Chinese hacking contest | ZDNet
China’s top hackers have gathered this weekend in the city of Chengdu to compete in the Tianfu Cup, the country’s top hacking competition. Over the course of two days — November 16 and 17 — Chinese security researchers will test zero-days against some of the world’s most popular applications.
Facebook confirms bug that activated iOS cameras – CyberScoop
Social media users have complained in recent days that Facebook apparently has been activating iPhone owners’ cameras while they were scrolling through their news feeds. Word of the issue resulted in a handful of news articles suggesting Facebook again was abusing customer trust to collect data in a way it has never made public.
New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices
New WhatsApp Flaw (CVE-2019-11931) Could Have Allowed Hackers to Install Spyware On Your Device Just by Singing MP4 Media File
Réglementaire / juridique
Divers
Lancement du nouveau profil professionnel de spécialiste en cybersécurité avec brevet fédéral – allocution de la cheffe du DDPS
Berne, 11.11.2019 – Allocution de la conseillère fédérale Viola Amherd, cheffe du Département fédéral de la défense, de la protection de la population et des sports (DDPS) à l’occasion du lancement du nouveau profil professionnel de spécialiste en cybersécurité avec brevet fédéral, lundi 11 novembre à Berne.
Google récolte légalement les données médicales de millions de patients
Un groupement médical privé, propriétaire de 2600 établissements de santé aux États-Unis a fourni l’entièreté des données médicales de ses patients à Google, sans informer les concernés ni les médecins. Dans le flux des données collectées par Google sans l’accord des utilisateurs, voici maintenant que s’ajoutent les informations liées à la santé.
1 Comment
Comments are closed.
Pingback: Veille Cyber N258 – 25 novembre 2019 |