Here is this week's monitoring report, covering the most interesting news of the week. Some of these stories will be developed further in upcoming articles. Enjoy your reading and have a great week!
Data theft / loss
Slickwraps Data Breach Exposes Financial and Customer Info
Slickwraps has suffered a data breach after a security researcher was able to access its systems and, having received no response to emails, publicly disclosed how they had gained access to the site and what data was exposed. Slickwraps is a mobile device case retailer that sells a large assortment of premade cases and custom cases made from images uploaded by customers.
Hackers Share Stolen MGM Resorts Guest Database with 10M+ Records
An archive with over 10 million records of guests at MGM Resorts hotels is currently being distributed for free on a hacking forum. The data comes from a security breach in July 2019 on one of MGM's cloud services. In total, there are 10,683,189 records with about 3.1 million unique email addresses, going as far back as 2017.
Pentagon’s tech agency reveals potential breach involving personal data – CyberScoop
The agency that secures the U.S. military’s IT infrastructure across the globe says sensitive personal data, including Social Security numbers, hosted on its network may have been compromised in a breach between May and July 2019.
☠ Andy Piazza ☠ on Twitter: « Awesome. Got another #PII #breach letter from DoD. Is this like pokemon where I want to catch them all? »
Awesome. Got another #PII #breach letter from DoD. Is this like pokemon where I want to catch them all? pic.twitter.com/TNOvEQwkO4
Report shows personal info on 144K Canadians breached by federal entities | ZDNet
A handful of Canadian government departments and agencies have reportedly compromised the personal information of 144,000 individuals across 7,992 breaches experienced over the past two years. As reported by the Canadian Broadcasting Corporation (CBC), the Canadian government revealed the information in an answer to an order paper question filed by Conservative MP Dean Allison late last month.
PhotoSquared App Leaked Personal Data And Sensitive Photos Online
Once again, a popular photo-editing application has breached users' privacy, consequently exposing sensitive information online. This time, the guilty application is the PhotoSquared app, which leaked photos and personal data of thousands of users. Reportedly, the researcher duo from vpnMentor has found another leaky database online.
Cyber-attacks / fraud
Hackers compromised VPN servers to install backdoors in companies around the world
Security: Iranian hackers targeted Pulse Secure, Fortinet, Palo Alto Networks and Citrix VPN networks in order to break into large companies. This is evidence of these groups' growing capabilities.
The IOTA cryptocurrency shuts down its network after a large-scale hack
Technology: Hackers exploited a vulnerability in the official IOTA wallet to steal millions of units of the cryptocurrency. Its price has, unsurprisingly, plummeted since the attack was announced. The IOTA Foundation, the non-profit organization behind the IOTA cryptocurrency, shut down its entire network after suffering a large-scale attack.
Hamas Tries to Trick Israeli Soldiers into Installing Malware Using Fake Messages from Women
Dozens of Israeli soldiers were tricked by Hamas into installing malware on their phones and computers via an old ruse: messages from young women looking for companionship. Investing in security solutions is always a good idea, but what's the point when users voluntarily install malware on their phones and PCs?
Sanders informed that Russia is trying to help his campaign – CyberScoop
Written by Shannon Vavra, Feb 21, 2020 | CYBERSCOOP
U.S. officials have informed Sen. Bernie Sanders, I-Vt., that Russia is trying to boost his presidential campaign as part of a broader effort to interfere in the 2020 presidential elections and the crowded Democratic field.
Developers Hack McDonald's Reward System to Get Free Hamburgers
A couple of German software developers discovered an oversight in McDonald's promotion systems that allowed them to get as many hamburgers as they wanted, without paying anything. While software vulnerabilities or loopholes are sometimes used for nefarious purposes, that's not always the case.
Croatia’s largest petrol station chain impacted by cyber-attack | ZDNet
A security incident described as "a cyber-attack" has crippled some business operations at INA Group, Croatia's biggest oil company and its largest petrol station chain. The attack took place last Friday, February 14, at 22:00 local time, the company said.
Australian Transportation Company Is Still Battling Ransomware Infection 18 Days Later
18 days after the Australian transportation firm Toll was crippled by ransomware, the company is still suffering problems, and the attack continues to impact its customers. It shows that the cost of ransomware is often much higher than the ransom requested by the attackers.
UK Names and Shames Russia for Georgia Cyber-Attacks
The UK government has again named and shamed Russian military intelligence for attempting to destabilize a foreign nation via cyber-attacks, this time a wide-ranging operation on targets in Georgia last October. The attacks led to the defacement of over 15,000 web pages in the former Soviet country with messages designed to undermine pro-Western former President Mikheil Saakashvili.
FC Barcelona Twitter account hacked – again | WeLiveSecurity
The same hackers have also gotten their mitts on the social media accounts of other high-profile sporting targets. OurMine, the infamous hacker collective, hijacked the official Twitter accounts of FC Barcelona, the Olympics and the International Olympic Committee (IOC) on Saturday.
Denmark's ISS is the latest to be caught out by ransomware
The world leader in "facility services" joins the list of companies hit by ransomware-style cyberattacks. In a press release, ISS states that it was the "target of a malware attack" and that, "as a precaution and as part of our standard operating procedure", it also "immediately disabled access to IT services shared between our sites and countries".
A US gas operator had to halt operations for two days because of ransomware
A gas operator has just suffered a two-day interruption of its operations. The reason? A ransomware infection at one of its natural gas processing plants. Poorly prepared, it found itself helpless. A worrying situation, given how strategic this type of infrastructure is for energy production.
Big health care analytics firm infected with ransomware – CyberScoop
Written by Sean Lyngaas, Feb 21, 2020 | CYBERSCOOP
NRC Health, which sells software to some of the country's largest health care organizations, shut down its computer systems last week following a ransomware attack, the company said in a statement Thursday.
Hackers clone the website of the Swiss service ProtonVPN to spread a powerful malware
Protonmail's products are clearly attractive to hackers looking to deceive users in order to compromise them. Recall that in the summer of 2019, a phishing attack spoofing the ultra-secure Geneva-based email service targeted journalists investigating cases involving Russia.
Flaws / vulnerabilities
Credit Card Skimmer Found on Nine Sites, Researchers Ignored
Security researchers discovered a new batch of nine websites infected with malicious JavaScript that steals payment card info from online shoppers. Some of them were infected a second time and the script persisted, despite efforts from the researchers to contact the website owners.
Here is how an Instagrammer scammed her followers (to the tune of 1.5 million euros)…
While some "influencers" have turned to publishing (sometimes excessively) sponsored posts for their followers, at times for very mediocre products, others push the scam even further, to the point of sinking into outright illegality.
WordPress: 200,000 sites put at risk by a plugin
WordPress is becoming all too familiar with flaws! In 2019, a security flaw that had been open for 6 years was fixed, while shortly afterwards we learned that WordPress itself had been named the most vulnerable CMS of 2018.
Regulatory / legal
Feds charge California man for 2018 DDoS attacks on congressional candidate – CyberScoop
Written by Sean Lyngaas, Feb 21, 2020 | CYBERSCOOP
Federal law enforcement officials have charged a California man for conducting cyberattacks on the website of a California congressional candidate in 2018. Arthur Dam is accused of intentionally damaging a protected computer by carrying out distributed denial-of-service (DDoS) attacks that temporarily disrupted the Democratic primary in California's 25th district.
Assange lawyer: Trump offered WikiLeaker a pardon in exchange for denying Russia hacked Democrats’ email
Julian Assange was offered a pardon by the White House only if he publicly said Russia did not hack the Democratic National Committee, according to the WikiLeaks supremo’s lawyer. The bombshell came on Wednesday in Westminster Magistrates’ Court amid Assange’s attempt to block his extradition from the UK to the US – where he faces charges of conspiracy to commit computer intrusion.
Reality Winner seeks clemency for leaking NSA report on Russian hacking attempts – CyberScoop
Former National Security Agency contractor Reality Winner is asking President Donald Trump to grant her clemency after she was sent to prison for leaking government secrets about Russian hacking. Winner was sentenced in 2018 after she allegedly mailed classified information from the NSA to The Intercept that explained how Russian hackers sent spearphishing emails to a voting software supplier and local election officials prior to the 2016 elections.
US Cyber-flashers Could Get $1K Fine
Two US senators have introduced a bill to ban cyber-flashing and penalize repeat offenders with hefty fines. The term "cyber-flashing" describes the act of sending unsolicited sexually explicit images and videos to strangers. Lewd images can be sent via social media, dating platforms, text messages, and email.
In Switzerland, liking defamatory content on Facebook is an offence
In 2018, the case made headlines in Switzerland. The Supreme Court of the canton of Zurich had sentenced an internet user to a suspended day-fine for repeated defamation of Erwin Kessler. The man had shared and liked content posted on other users' profiles and appeared to endorse the accusations of antisemitism and racism aimed at this person.
Miscellaneous
US intelligence warns the House of Representatives: Russia wants to influence the 2020 election
On February 12, US intelligence officials took it upon themselves to warn members of the House of Representatives about the threat of Russian interference in the 2020 presidential election. Trump did not at all appreciate the presence of certain Democratic lawmakers at the meeting… After 2016, here we go again.
Over 2000 UK Government Devices Go Missing in a Year
Over 2000 mobile devices used by UK government employees have gone missing in the space of a year, with a significant number unencrypted, according to new Freedom of Information (FOI) data. Requests were sent by global communications company Viasat to 47 government departments, with full or partial replies received back from 27 of them.
Russian spies take a close interest in the internet's undersea cables
More than a million kilometres of fibre-optic cable run along the ocean floor to keep the internet flowing everywhere in the world. Largely owned by tech giants such as Google or Microsoft, these roughly 300 physical links, which are easy to locate, represent a real strategic stake.