Travelex reportedly paid a $2.3 million ransom and Zoom sends data via China #veille (April 12, 2020)

Here is this week’s watch report, rounding up the most interesting news items. Some of them will be covered in more depth in upcoming articles. Happy reading and have a great week!

Data theft / loss

Maropost customer database exposes 95 million email records

A leaky online database belonging to marketing and email delivery provider Maropost was found lacking minimum security measures, exposing 95 million email records belonging to their customers. Researchers from Cybernews stumbled on the unprotected database on a Google Cloud server in the U.S., and noted that it contained 19,214,884 unique email IDs used in 95 million records, and email logs with timestamps and email recipient information.

Elasticsearch Database with 42 Million Records of Iranian Citizen Found Exposed Online

An Elasticsearch database holding 42 million records of Iranian Telegram users was found on the web, for anyone to access. The private data included phone numbers and user names, and it’s unclear how long it was exposed. Despite heavy restrictions targeting the Telegram app in Iran, it remains one of the most-used communication platforms in the country.

Zoom Blow as Thousands of User Videos Are Found Online

Researchers have discovered thousands of private Zoom recordings exposed online, in another blow to the firm’s security credentials as it struggles to support a huge surge in users. Former NSA researcher Patrick Jackson told The Washington Post that he was able to find the videos via a simple cloud storage search.

Data theft at an email provider: 600,000 victims | WeLiveSecurity

Users’ personal data is now available on the dark web for between US$3,500 and US$22,000, payable in Bitcoin. The personal data of more than 600,000 Email.it users was stolen and put up for sale on the dark web.

Cyber attacks / fraud

Hacking forum gets hacked for the second time in a year | ZDNet

OGUsers, one of the most popular hacking forums on the internet, disclosed today a security breach, the second such incident in the past year. "It appears that someone was able to breach the server through a shell in avatar uploading in the forum software and get access to our current database dating April 2, 2020," said Ace, the forum’s administrator.


San Francisco airport websites hacked to swipe personal device credentials

Interpol warns hospitals about COVID-19-based ransomware threat

Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay

Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand.

Travelex Reportedly Paid $2.3 Million Ransom to Restore Operations

Travelex reportedly paid a $2.3 million ransom payment to get their systems back online after being encrypted by a Sodinokibi ransomware attack. In an attack this past New Year’s Eve, hackers deployed the Sodinokibi ransomware throughout Travelex’s network causing them to shut down operations at 1,500 stores across the world.

A Russian telecom operator hijacks internet traffic

Security: Rostelecom was involved in a BGP hijacking incident this week, affecting more than 200 CDNs and cloud providers. Earlier this week, traffic destined for more than 200 of the world’s largest content delivery networks (CDNs) and cloud hosting providers was suspiciously redirected through Rostelecom, Russia’s state-owned internet service provider.

Flaws / vulnerabilities

Zoom: the videoconferencing service once again called out for the poor quality of its encryption

Contrary to what is stated on this videoconferencing service’s website, audio and video streams are not encrypted with 256-bit AES but with 128-bit AES, in a particularly weak and inadvisable mode. Worse: the encryption keys were sometimes stored…

Regulatory / legal

US Warns People that Zoom-bombing Is a Crime

Zoom-bombing, the act of hijacking Zoom video conferences by sharing pornographic and hate images among other things, might seem like an annoying practice, but law enforcement is warning people that it’s actually a crime and perpetrators might end up in prison.

Dutch police arrests suspect behind DDoS attacks on government sites

A 19-year old man from Breda, Netherlands, was arrested today for allegedly carrying out distributed denial-of-service (DDoS) attacks that caused two Dutch government websites to shut down for several hours on March 19, 2020. The investigation was led by a public prosecutor from The Hague and was carried out by a cybercrime team from Utrecht’s Dutch police focused on mitigating and examining DDoS attacks.

Dutch Police takes down 15 DDoS-for-hire services in one week

Europe has become a hub for cyber crimes ranging from online child abuse platforms to DDoS-for-hire services and dark web marketplaces being operated from the continent. At the same time, law enforcement authorities are doing what’s possible to tackle the issue.

SEC settles with two suspects in EDGAR hacking case | ZDNet

The US Securities Exchange Commission has settled charges today with two of the nine people it suspects have been involved in hacking its EDGAR database in 2016. David Kwon and Igor Sabodakha agreed to pay fines and restitution, the SEC said in a press release.

Australians Arrested Over $2.6m Email Scam

Police in Australia have arrested two men in connection with a $2.6m BEC (business email compromise) scam involving phony invoices. The men are believed to be part of a syndicate responsible for emailing businesses with invoices doctored to divert transferred funds into the scammers’ personal bank accounts.

Zoom’s fall: Google bans Zoom from staffers’ gear | ZDNet

A few weeks ago, Zoom was riding high. Zoom had become a verb. You didn’t video-conference, you Zoomed. Then came the constant drumbeat of one Zoom security problem after another, including the infamous Zoombombing. Zoom fought back with security fixes. But it may be too little too late.

China and Taiwan aren’t great friends. Zoom sends chats through China. So Taiwan has banned Zoom

A parliamentary order issued yesterday says the nation’s Department of Cyber Security (DCS) has decided that when government agencies, and some private entities, use videoconferencing: "The underlying video software to be used should not have associated security or privacy concerns, such as the Zoom video communication service."

Watch analyst and cybersecurity specialist
