Here is this week's watch report, rounding up the most interesting news, which is once again centered on COVID-19-related cyberattacks. Happy reading and have a great week!
Data theft / loss
Zoom updates its app and no longer sends your data to Facebook
Action, reaction. Zoom was particularly efficient in this matter of data transferred to Facebook. It must be said that this is clearly not the time for the app to lose customers and tarnish its image.
Third-party data breach exposes GE employees’ personal information
Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services.
Working from home? Switch off Amazon’s Alexa (say lawyers) | ZDNet
Those not used to working from home must be going through several stages of spiritual discomfort. Yes, ZDNet’s more experienced hands can help you acclimatize to the new working style, now that the pandemic has disrupted modern working life. Yet some professionals may not be so able to deal with life sans their office perks.
Cyberattacks / fraud
Paris hospitals targeted by a denial-of-service attack in the midst of the coronavirus crisis
Launched as the epidemic was ramping up, the attack was stopped after an hour. Fortunately, no sensitive infrastructure was affected.
Coronavirus and home working: Cyber criminals shift focus to target remote workers | ZDNet
Criminals are only just getting started when it comes to exploiting the global spread of coronavirus to profit from hacking and cybercrime, and the number of attacks is likely to rise, Europe’s law enforcement agency Europol has warned.
Chinese hackers are not idle during the coronavirus crisis
The Chinese hacker group known as APT 41 (for Advanced Persistent Threat 41), known for having extorted money from the video game industry and potentially linked to the Chinese government, is making headlines again. It has been conducting a massive cyber-espionage campaign since the beginning of the year.
#COVID19 Fears Drive Phishing Emails Up 667% in Under a Month
Phishing emails have spiked by over 600% since the end of February as cyber-criminals look to capitalize on the fear and uncertainty generated by the COVID-19 pandemic, according to Barracuda Networks. The security vendor observed just 137 incidents in January, rising to 1188 in February and 9116 so far in March.
Network of fake QR code generators will steal your Bitcoin | ZDNet
A network of Bitcoin-to-QR-code generators has stolen more than $45,000 from users in the past four weeks, ZDNet has learned. The nine websites provided users with the ability to enter their Bitcoin address, a long string of text where Bitcoin funds are stored, and convert it into a QR code image they could save on their PC or smartphone.
Google Warned Users of 40,000 State-Sponsored Attacks in 2019
Google says that it delivered almost 40,000 alerts of state-sponsored phishing or malware hacking attempts to its users during 2019, with a 25% drop when compared to the previous year. One of the reasons behind this notable drop in the number of government-backed hacking incidents is the increasingly effective protections Google sets up to protect its users.
Flaws / vulnerabilities
–
Regulatory / legal
Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace – CyberScoop
Written by Jeff Stone Mar 25, 2020 | CYBERSCOOP Russian authorities arrested more than two dozen people as part of a law enforcement operation against an alleged network of illicit websites where users bought and sold stolen payment cards and personal data.
Feds shut down bogus COVID-19 vaccine site
A free coronavirus vaccine from the World Health Organization (WHO), for only $4.95 to cover shipping costs?!? Nah, we didn’t think so, either. On Sunday, the US Department of Justice (DOJ) announced that it shut down what it called a wire fraud scheme being carried out by the operators of a site in order to squeeze profit from the confusion and widespread fear surrounding COVID-19 – by promising to ship coronavirus vaccine kits that don’t actually exist.
Miscellaneous
Global Internet traffic up 70% due to lockdown
A third of the world's population has been in lockdown for several weeks. Some of us continue to work from home, while other workers are forced to stop working. The consequences of this new way of life are immediate: Internet traffic has increased considerably.
Europol eradicates criminal gangs flogging fake coronavirus medicine, surgical masks | ZDNet
Europol has seized €13 million in drugs being illegally peddled to consumers concerned about contracting coronavirus. On Monday, the European law enforcement agency said a worldwide investigation, dubbed Operation Pangea, has brought together police from over 90 countries in a bid to stem a rising flood of criminal enterprises relating to COVID-19.
Coronavirus: the European Commission gets hold of smartphone geolocation data
The European Commission is expected to receive "in the coming days" anonymized geolocation data from several telecom operators in order to anticipate peaks in the spread of the coronavirus epidemic, a Commission source said on Wednesday.