A new flaw in Intel chips, and 99.9% of compromised Microsoft accounts did not use strong authentication #veille (March 8, 2020)

Here is this week's watch report, rounding up the most interesting news. Some of these items will be expanded on in upcoming articles. Happy reading, and have a great week!

Data theft / loss

T-Mobile Suffered Another Data Breach Affecting Numerous Customers

T-Mobile has once again made it to the news owing to a security incident. One more time, T-Mobile has suffered a data breach that exposed the personal and financial information of their customers. T-Mobile is presently notifying customers affected during this incident. Reportedly, T-Mobile has once again suffered a data breach affecting numerous users.

Brazilian security firm leaks more than 25 GB of client and staff data | ZDNet

A configuration failure on a server belonging to Orsegups Participações, a large Brazil-based holding company that controls seven businesses active in the property security sector, exposed a series of tax documents revealing clients’ contract values and staff information.

201 million US demographic, personal records leaked online

Another day, another data breach – This time, an unknown company or individual has exposed personal and other highly sensitive data of people in the United States. The unprotected database was hosted on a Google Cloud server exposed to the public without any security authentication.

Virgin Media left 900,000 consumers’ details exposed in unsecured database

Virgin Media, one of the UK’s largest internet and TV cable providers, has admitted that it left a database containing the unencrypted details of more than 900,000 UK residents – including existing and potential customers – freely accessible to anybody on the internet, with no password required.

Russia’s spies are attempting to tap transatlantic undersea cables

The Sunday Times reported that Russian intelligence agents have been sent to Ireland to gather detailed information on the undersea cables that connect Europe to North America. The news is alarming, intelligence agencies fear that Russia plans to carry out new cyber-espionage operations by tapping the undersea cables or even sabotage them.


Travel leisure company Carnival Corporation discloses data breach

Carnival Corporation, the world’s largest travel leisure company, discloses a data breach that took place in 2019. The company is informing customers of the incident, a third-party gained unauthorized access to their personal information. Carnival Corporation has 100 vessels across 10 cruise line brands.

Cyber-attacks / fraud

Ryuk ransomware hits Fortune 500 company EMCOR | ZDNet

EMCOR Group (NYSE: EME), a US-based Fortune 500 company specialized in engineering and industrial construction services, disclosed last month a ransomware incident that took down some of its IT systems. The incident took place on February 15 and was identified as an infection with the Ryuk ransomware strain.

Hackers based in Morocco reportedly hacked French critical infrastructure

A national electricity supplier, a hospital group, a car manufacturer, a bank, an airport operator, a railway company, nuclear laboratories, transport specialists, etc. According to journalist Brian Krebs, several French organizations operating critical infrastructure were hacked in 2018 using a Trojan horse named "njRAT", which makes it possible to install backdoors and remotely access infected computers.

US Govt Shares Tips to Defend Against Coronavirus Cyber Scams

The Department of Homeland Security’s cybersecurity agency today shared tips on how to defend against scammers who use the coronavirus health crisis as bait to push their scams over the Internet. The Cybersecurity and Infrastructure Security Agency (CISA) warned individuals across the U.S.

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns

Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns. Researchers are warning that "human operated" ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle.

EVRAZ operations in North America disrupted by Ryuk ransomware

EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. The company operates mainly in Russia, but also in Ukraine, Kazakhstan, Italy, Czech Republic, the United States, Canada, and South Africa. According to ZDnet, the systems at the company have been infected with a strain of the Ryuk ransomware.

Microsoft Shares Tactics Used in Human-Operated Ransomware Attacks

Microsoft today shared tips on how to defend against human-operated ransomware attacks known to be behind hundreds of millions of dollars in losses following campaigns targeting enterprises and government entities. Ransomware families such as Sodinokibi (REvil), Samas, Bitpaymer, DoppelPaymer, Dharma, and Ryuk are deployed by human operators, which makes these attacks a lot more dangerous than auto-spreading ransomware like NotPetya, WannaCry, or those installed via malware and phishing attacks.

Flaws / vulnerabilities

An unpatchable flaw in Intel chips could create "total chaos"

Bad news for users of Intel chips. Security researchers at Positive Technologies have discovered a flaw in the Boot ROM of the Converged Security and Management Engine (CSME), a hardware memory component that underpins the entire cryptographic chain of trust of Intel computers.

Virgin Media Admits Failing to Secure Online Database with Info on 900,000 Customers

Virgin Media admitted it left an unsecured database online containing personal data for about 900,000 customers, including their phone numbers, names, and physical addresses. When people hear about data breaches, they usually imagine hackers gaining access to secure systems, but that’s not always the case. Sometimes, data breaches have a simpler cause – pure negligence.

Alleged Vault 7 leaker trial finale: Want to know the CIA’s password for its top-secret hacking tools? 123ABCdef

Analysis The fate of the man accused of leaking top-secret CIA hacking tools – software that gave the American spy agency access to targets’ phones and computer across the world – is now in the hands of a jury. And, friend, do they have their work cut out for them.

Siri and Google Assistant hacked in new ultrasonic attack

Unsettling news for anyone who relies on smartphone voice assistants: researchers have demonstrated how these can be secretly activated to make phone calls, take photos, and even read back text messages without ever physically touching the device.

CIA Accused of Mounting 11-Year Cyber-Attack Against China

A security company has accused America’s Central Intelligence Agency (CIA) of waging an 11-year campaign of cyber-espionage against critical industries in the People’s Republic of China. Qihoo 360 announced yesterday that it had "discovered and revealed cyber-attacks by the CIA hacking group (APT-C-39) which lasts for eleven years against China."

Police raid tech support scam centre who had their CCTV hacked by vigilantes

An in-depth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre. Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work.

Regulatory / legal

A Russian court rules that facial recognition does not infringe on privacy

Several countries are examining facial recognition and how to deploy this technology while weighing the risks to privacy. For its part, Russia seems to have made a fairly clear decision on the matter.

Switzerland files criminal complaint over Crypto spying scandal

VIENNA (Reuters) – The Swiss government has filed a criminal complaint over the U.S. Central Intelligence Agency’s alleged use of a cryptography company as a front to spy on various governments’ secret communications, the Swiss attorney general’s office said on Sunday.


Microsoft, Google Offer Free Remote Work Tools Due to Coronavirus

With employees either being quarantined after international travel or encouraged to work remotely due to the Coronavirus (COVID-19), Microsoft, Google, LogMeIn, and Cisco are offering free licenses to their meeting, collaboration, and remote work tools. Using these products, remote workers will be able to perform virtual meetings and chat with other employees while working remotely from their homes.

Singapore to introduce security label for smart home devices | ZDNet

Singapore is planning to introduce a Cybersecurity Labelling Scheme (CLS) for home routers and smart home hubs as part of efforts to increase awareness about using secured products. It also hopes the initiative will push manufacturers to deploy enhanced cybersecurity measures and create a mandate for a set of minimum security requirements for home routers.

Microsoft: 99.9% of compromised accounts did not use multi-factor authentication | ZDNet

Speaking at the RSA security conference last week, Microsoft engineers said that 99.9% of the compromised accounts they track every month don’t use multi-factor authentication, a solution that stops most automated account attacks. The cloud giant said it tracks more than 30 billion login events per day and more than one billion monthly active users.
