
Criminals avoid prison thanks to ransomware, and those millions of unprotected records in the cloud 👎 #veille (1 March 2020)

Here is this week's watch report, a tour of the most interesting news items. Some of them will be developed further in upcoming articles. Enjoy the read and have a good week!


Data theft / loss

Decathlon faced a massive leak of 123 million personal data records

Decathlon was confronted with a leak of 123 million personal data records, most of them concerning Spanish and British employees. The French sporting goods group states that no customer data was exposed and that the breach has since been closed.

Over 120 Million US Consumers Exposed in Privacy Snafu

Security researchers have discovered a publicly exposed cloud database containing personal data and behavioral profiles on 120 million Americans. Security company UpGuard found the misconfigured Amazon S3 bucket on February 3 this year, eventually tracing it back to market analysis company Tetrad. Around half of the 747GB trove appears to have been sourced from client organizations.
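The Tetrad exposure is the classic "misconfigured S3 bucket" failure mode: a bucket policy or ACL that grants read access to everyone. The check below is an added example, written for this report and not code from UpGuard, Tetrad or the linked article; it evaluates bucket policies and ACLs in the JSON shapes the S3 API returns, using constructed sample documents (the bucket names, account ID and IP range are invented). It flags Allow statements whose Principal is the wildcard and ACL grants to the AllUsers and AuthenticatedUsers groups, reporting a conditional wildcard grant separately so a reviewer can judge whether the Condition really narrows it.

```python
import json

# Constructed sample inputs (not real buckets, accounts or policies).
PUBLIC_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowEveryone",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-profiles",
                     "arn:aws:s3:::example-profiles/*"],
    }],
})

# Wildcard principal narrowed by a source-IP condition: still needs review.
CONDITIONAL_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "OfficeOnly",
        "Effect": "Allow",
        "Principal": {"AWS": "*"},
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-profiles/*",
        "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}},
    }],
})

# The corrected form: access limited to one IAM role in the owning account.
RESTRICTED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AnalystsOnly",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/analyst"},
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-profiles/*",
    }],
})

# Bucket ACL in the shape returned by `aws s3api get-bucket-acl` (constructed).
PUBLIC_ACL = {
    "Owner": {"ID": "0123456789abcdef"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "0123456789abcdef"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group",
                     "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "READ"},
    ],
}

# AuthenticatedUsers means "any AWS account", which is effectively public.
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "AuthenticatedUsers",
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _principals(principal):
    """Flatten a Principal element ("*", {"AWS": "*"}, {"AWS": [...]}) to strings."""
    if isinstance(principal, str):
        return [principal]
    found = []
    for entries in principal.values():
        found.extend(_as_list(entries))
    return found


def public_statements(policy_json):
    """Return (sid, actions, conditional) for each Allow statement open to everyone.

    conditional=True means a Condition block narrows the grant; such statements
    are reported for human review rather than treated as safe.
    """
    policy = json.loads(policy_json)
    findings = []
    for index, statement in enumerate(_as_list(policy.get("Statement", []))):
        if statement.get("Effect") != "Allow":
            continue
        if "*" not in _principals(statement.get("Principal", {})):
            continue
        sid = statement.get("Sid", "statement[%d]" % index)
        actions = sorted(_as_list(statement.get("Action", [])))
        findings.append((sid, actions, bool(statement.get("Condition"))))
    return findings


def public_acl_grants(acl):
    """Return (group, permission) for ACL grants to the public S3 groups."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        group = PUBLIC_GROUP_URIS.get(grantee.get("URI"))
        if grantee.get("Type") == "Group" and group:
            findings.append((group, grant["Permission"]))
    return findings


if __name__ == "__main__":
    for name, policy in [("public", PUBLIC_POLICY),
                         ("conditional", CONDITIONAL_POLICY),
                         ("restricted", RESTRICTED_POLICY)]:
        print(name, public_statements(policy))
    print("acl", public_acl_grants(PUBLIC_ACL))
```

Feed it the output of `aws s3api get-bucket-policy` and `get-bucket-acl` for each bucket in an account. Whatever the per-bucket findings, the durable fix is to turn on S3 Block Public Access (`aws s3api put-public-access-block`) at the account level, which makes a public policy or ACL ineffective even if someone writes one later.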


49 Million Unique Emails Exposed Due to Mishandled Credentials

An Israeli marketing firm exposed 49 million unique email addresses after mishandling the authentication credentials for an Elasticsearch database: the credentials were sitting in plain text on an unprotected web server. In a vaguely worded notification this week, Straffic, a privately held digital marketing company, said the incident was the result of a "security vulnerability" affecting one of its servers.

Cyber-attacks / fraud

US Railroad Contractor Reports Data Breach After Ransomware Attack

RailWorks Corporation, one of North America’s leading railroad track and transit system providers, disclosed a ransomware attack that led to the exposure of personally identifiable information of current and former employees, their beneficiaries and dependents, as well as that of independent contractors.

Iranian APT Targets Govs With New Malware

A new campaign is targeting governments with the ForeLord malware, which steals credentials. A never-before-seen credential-stealing malware, dubbed ForeLord, has been uncovered in recent spear-phishing emails. Researchers have attributed the campaign to a known Iranian advanced persistent threat (APT) group.

Ransomware Attack at US Power Station

A Massachusetts power station hit by ransomware is refusing to meet attackers’ financial demands. The Reading Municipal Light Department (RMLD) was targeted on Friday by cyber-criminals hoping to extort money by encrypting data in the station’s computer system.

Australian banks targeted by DDoS extortionists | ZDNet

Banks and other organizations from the Australian financial sector have been the targets of an extensive extortion campaign over the past week. A threat group has been emailing victims with threats to carry out distributed denial of service (DDoS) attacks unless the organizations pay hefty ransom fees in the Monero (XMR) cryptocurrency.

Desjardins Group Breach Cost $38m Higher Than Expected

Last year’s data breach at the Desjardins Group will cost the co-operative far more than initially anticipated. Original estimates by the Quebec-based financial institution set the cost of recovering from the breach at $70m. The co-operative has now said that the final breach bill is likely to be $108m.

Flaws / vulnerabilities

KrØØk: a serious vulnerability affected more than a billion Wi-Fi devices | WeLiveSecurity

ESET researchers discover a previously unknown security flaw that allows an adversary to decrypt some of the wireless network packets transmitted by vulnerable devices. ESET Research has published its latest white paper, KrØØk – CVE-2019-15126: Serious vulnerability deep inside your Wi-Fi encryption.

Google is indexing WhatsApp group chat links, making even private groups discoverable

Invitations to WhatsApp group chats are being indexed by Google, making the invite links (including links to private group chats) discoverable and available to anyone who wants to join, Motherboard reports.

Regulatory / legal

Scientist sentenced to 2 years behind bars for stealing next-generation battery tech secrets | ZDNet

A Chinese scientist has been issued a prison sentence of two years for stealing next-generation battery technology from his US employer. The former associate scientist, Hongjin Tan, has also been ordered to pay $150,000 in restitution and will spend three years on supervised release, the US Department of Justice (DoJ) said on Thursday.

Ransomware wipes evidence, lets suspected drug dealers walk free

Six alleged drug criminals will go free thanks to a ransomware attack on a small Florida city, it was revealed this month. Stuart is a city in Florida with a population of around 16,500. It suffered an attack involving the Ryuk ransomware in April 2019 that took city servers offline.

FBI Arrests Man on Political Cyber-attack Charges

America’s Federal Bureau of Investigation has arrested a man on suspicion of cyber-attacking the political rival of a former US congresswoman. Arthur Jan Dam was arrested by the FBI on Friday. The 32-year-old is accused of masterminding a series of DDoS (distributed denial-of-service) attacks that targeted an opponent of former congresswoman Katie Hill.

Microsoft Engineer Pleads Guilty to $10m Fraud Scheme

A former Microsoft engineer faces 20 years behind bars after being found guilty of attempting to defraud his ex-employer of $10m. Ukrainian citizen Volodymyr Kvashuk, 25, from Renton, Washington, was initially a contractor for the tech giant before going full time there from August 2016 until he was fired in June 2018.


Hackers have earned more than a million dollars each by discovering security flaws

Over the past few years, several companies have launched bug bounty programs, an initiative that rewards users who find a bug or a security flaw in their service. Websites and developers can then hope to fix them quickly before informing the general public and risking exploitation of the vulnerability.

The European Commission recommends that its staff switch to Signal

Open source: the Commission recommends that its employees use the free software Signal, which is more secure, as their instant messaging application. "Signal has been selected as the recommended application for public instant messaging," said a message to European Commission employees in early February.

Google will muzzle Android apps that grab location data

Technology: some apps take your geolocation data and do whatever they like with it. Google has decided to crack down. Google will also update Android's location permission system (again). Google has announced its intention to crack down on Android applications that abuse the operating system's permission system by requesting access to users' location data when the application is not in use.

Technology watch and cybersecurity specialist