mercredi , 30 septembre 2020

Marriott perd les données de 5.2 millions clients et le problème Zoom #veille (5 avril 2020)

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !

Vol / perte de données

Millions of Guests Impacted in Marriott Data Breach, Again

The second breach in less than 24 months stemmed from employee account compromises. For the second time in two years, the Marriott hotel empire has suffered a major data breach. This time, approximately 5.2 million guests have been affected.

Personal details for the entire country of Georgia published online | ZDNet

The personal details for more than 4.9 million Georgians, including deceased citizens, has been published on a hacking forum over the weekend, on Saturday. Personal information such as full names, home addresses, dates of birth, ID numbers, and mobile phone numbers were shared online in a 1.04 GB MDB (Microsoft Access database) file.

14 million Key Ring users exposed in open database | SC Media

A misconfigured Amazon Web Services S3 bucket has exposed the data of about 14 million users of the popular Key Ring app that includes some payment and medical card information. The database was discovered by vpnMentor’s Noam Rotem and Ran Locar who found 44 million records were open to public viewing.

“Secure” cloud storage provider exposes customer data in plain-text

Another day, another data breach – This time, researchers have identified a massive trove of data exposed on an unprotected Amazon S3 bucket. The worse part of it is that anyone with an Internet connection could access the data since it was left without any security authentication.

Cyber-attaques / fraudes

https://www.rts.ch/info/sciences-tech/technologies/11205155-cybercrimes-et-arnaques-augmentent-avec-la-pandemie-la-police-met-en-garde.html
https://korii.slate.fr/tech/covid19-cybercriminalite-hackers-cyberattaques-hopitaux-personnel-soignant-resistance-riposte-cybersecurite

Beware of ‘ZoomBombing’: screensharing filth to video calls

The world is vulnerable to a new type of trolling as people turn to Zoom video calls to feel connected amidst quarantines. Jerks are using Zoom’s screensharing feature to blast other viewers with the most awful videos from across the internet, from violence to shocking pornography. That&#8217…

https://www.infosecurity-magazine.com/news/hospitals-vpns-ransomware-covid19/

Zoom announces 90-day feature freeze to fix privacy and security issues

Zoom is promising to address its security and privacy issues in a 90-day feature freeze. It comes just as Zoom reveals 200 million people have been using its video calling app daily during the coronavirus pandemic, a huge increase from the 10 million back in December.

Des virus Covid-19 attaquent et effacent le contenu des ordinateurs – Geeko

Les cyberattaques sur fond de coronavirus explosent depuis le début de l’épidémie. Alors que la population mondiale se réfugie sur Internet pour se divertir et rester en contact, les cybercriminels multiplient les attaques et les moyens de profiter de la situation. En plus des tentatives d’hameçonnage par mail ou via des faux sites Internet liés …

Un pirate se défait de 15 000 serveurs Elasticsearch en deux semaines

Technologie : Un pirate informatique a pillé 15 000 serveurs Elasticsearch laissés sans protection sur la toile en signant son forfait du nom d’une célèbre société de cybersécurité. Son fondateur évoque un réglement de compte.

https://securite.developpez.com/actu/299086/Un-groupe-de-pirates-informatiques-deploie-des-portes-derobees-sur-des-milliers-de-serveurs-Microsoft-SQL-chaque-jour-et-execute-des-logiciels-malveillants-selon-des-chercheurs/

New Magecart Skimmer Compromised 19 Different Websites

A new Magecart skimmer has surfaced online that compromised a least 19 different websites in a recent campaign. While the skimmer was new, it served the same old purpose – stealing payment card data from websites. Researchers from RiskIQ have discovered a new Magecart skimmer that took over numerous websites in a recent campaign.

FBI Warns of Attacks on Remote Work, Distance Learning Platforms

FBI’s Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning caused by the SARS-CoV-2 pandemic.

Incident Of The Week: Health and Human Services Hit with Security Breach

On March 15th, the HHS’s network security system detected a sharp increase in activity. Over several hours, hackers tried to overload the department’s servers with millions of requests. The hackers weren’t able to steal any data, but that didn’t seem to be the point of the attack.

Zoom Phishers Register 2000 Domains in a Month

Over 2000 new phishing domains have been set up over the past month to capitalize on the surging demand for Zoom from home workers, according to new data from BrandShield. The brand protection company analyzed data from its threat hunting system since the start of the year, and found 3300 new domains had been registered with the word “Zoom” in them.

Failles / vulnérabilités

Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’ – CyberScoop

Zoom’s founder says the company behind the popular videoconferencing app will spend the next 90 days focused on fixing security issues. In a blog post Thursday, Zoom founder Eric S. Yuan said the technology firm is enacting a “feature freeze,” in which employees will turn their attention from enhancing usability toward tightening data protection.

NATO Report Warns of New Authoritarian Chinese Splinternet

Chinese government plans to push through standardization of a new internet architecture could broaden the threat landscape, destabilize security and privacy, and fragment the world wide web, a new NATO report seen by Infosecurity will warn. First proposed at the UN’s International Telecommunication Union (ITU) last September, the plans call for a replacement to the current TCP/IP model, dubbed “New IP.”

Twitter reveals Mozilla Firefox bug that stores your direct…

Twitter recently warned users of a Mozilla Firefox bug that grants access to accounts’ non-public information to anyone using the device. “We recently learned that the way Mozilla Firefox stores cached data may have resulted in non-public information being… #firefox #MozillaFirefoxbug #twitter

Réglementaire / juridique

FBI accuses Russian man of laundering money for a transnational cybercrime network – CyberScoop

FBI agents have arrested a Russian citizen accused of laundering money for a cybercriminal gang that allegedly stole funds from a range of U.S. banks. A complaint unsealed Monday against Maksim Boiko, 29, alleges that he worked with a transnational organized crime group, called QQAAZZ, by converting stolen money into cryptocurrency.

Dark Web child abuse gang busted; 15TB of files seized

Last month HackRead.com reported about a worldwide police operation against child pornography content sites that led to the seizing of DarkScandals and the arrest of its administrator Mr. Dark. The website was reportedly offering over 2,000 images and videos of objectionable content including real footage of violent rape, blackmailing, and child abuse material.

Divers

https://www.ictjournal.ch/news/2020-04-01/le-conseil-federal-facilite-lemission-de-la-signature-electronique

ICTswitzerland étoffe son test de cybersécurité pour les PME

L’association faîtière ICTswitzerland révise son test rapide qui permet aux PME de dresser un état des lieux de leur sécurité en matière d’IT et lance un Cybersecurity Toolkit en collaboration avec la Global Cyber Alliance et l’Académie suisse des sciences techniques (SATW). Le kit contient une série d’outils et d’instructions concrètes pour une utilisation sûre d’internet.

Le ministre Jean-Michel Blanquer est devenu la risée des twittos… à cause de hackers russes

Justifier en partie les ruptures techniques des espaces numériques de travail par des cyberattaques ” venues de Russie ” n’était probablement pas le meilleur réflexe de communication.

About Marc Barbezat

Blogueur et spécialiste en cybersécurité

Check Also

kit premier secours

Un guide du NIST pour se rétablir après une attaque de ransomware

Le NIST a publié un guide pratique sur la cybersécurité que les entreprises peuvent utiliser pour se remettre d'attaques de type ransomware

Un dealer du darknet trahi … par ses empreintes digitales

Voici le récit intéressant qui montre comment un e-baron de la drogue est tombé grâce à une simple photographie.

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.

La newsletter