Les hackers proposent une trêve aux organisations sanitaires #veille (22 mars 2020)

In Carnet de veille
Déroulez ici

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !

Vol / perte de données

200M Records of US Citizens Leaked in Unprotected Database

Researchers have not determined who owns the database, which was one of several large exposed instances disclosed this week. Researchers discovered an unprotected database holding 800GB of personal user information, including 200 million detailed user records. The entirety of the database was wiped on March 3.

Incident of the Week: Virgin Media Exposes Data of 900,000 People

The company attributed the hacking to a member of staff who had “incorrectly configured” the database, and promised it’s building a specific online service which will allow individuals to find out if they have been affected by the breach, and what information could have been visible.

German army’s sensitive data found on laptop bought from eBay

It is important that when an IT asset is disposed of, all sensitive information is destroyed for obvious purposes. However, there are times when an error may occur due to negligence leaking critical data in the process. One such incident occurred a few days ago when a German military laptop was sold on eBay for just €90 inclusive of the shipping cost.

Cyber-attaques / fraudes

All hands on deck: Infosec volunteers to protect medical organizations during COVID-19 crisis – CyberScoop

Hackers crossed a line last week when they struck the computer network of the Czech Republic’s second largest hospital as it was testing people for the novel coronavirus. Former White House and British intelligence officials condemned the cyberattack. It is the sort of digital depravity that U.S.

Ransomware Gangs to Stop Attacking Health Orgs During Pandemic

Some Ransomware operators have stated that they will no longer target health and medical organizations during the Coronavirus (COVID-19) pandemic. Last night, BleepingComputer reached out to the operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker, and Ako Ransomware infections to ask if they would continue targeting health and medical organizations during the outbreak.

A cyberattack hits the US Department of Health and Human Services – Security Affairs

According to Bloomberg, that cited three people familiar with the matter, a cyberattack hit the U.S. Department of Health and Human Services on Saturday night. People cited by Bloomberg confirmed that the cyber attack aimed at slowing the agency’s systems down. “The U.S.

Thousands of Coronavirus-related malicious domains are being created every day

Crooks and nation-state actors continue to exploit the interest of potential victims in the Coronavirus outbreak. In recent weeks, we observed that threat actors are creating thousands of coronavirus-themed websites on a daily basis. The sites are employed in a broad range of attacks, including phishing attacks, frauds, and malware-based attacks.

Norsk Hydro Outage May Have Been Destructive State Attack

The crippling ransomware attack on Norsk Hydro may have been a state-backed attempt to disrupt rather than extort money, and as such provides a “blueprint” for how similar future campaigns may work, Dragos has warned.

Failles / vulnérabilités

Réglementaire / juridique


Coronavirus: Europe, USA, Israël… les autorités s’emparent des données de localisation des smartphones – FrenchWeb.fr

Devenu l’épicentre du Covid-19, l’Europe accélère ses mesures de confinement et vient d’annoncer la fermeture des frontières de l’espace Schengen. Les autorités européennes s’organisent désormais pour endiguer l’épidémie au sein de leurs territoires, notamment en contrôlant les déplacements des citoyens grâce à leurs smartphones.

1 Comment

Comments are closed.

La newsletter