Garmin crypto-locked and three teenagers charged over the Twitter attack #veille #été (3 August 2020)

Here is a brief monitoring report for this summer, covering the main news of the moment. Enjoy the read and have a good week!


Data theft / loss

Flaws in OkCupid app could have exposed millions of user data to hackers

Dating apps have for long been used as a replacement for the effort one may need to exert out in the physical world to find a suitable match. Naturally, this makes it a collection space for personal user details and preferences attracting malicious actors who may want to leverage such information to their advantage.

Is the data of users of the OkCupid dating app at risk?

Security: As Check Point noted, the OkCupid dating app contained a security flaw that put its users' data at risk. The problem has already been fixed, the platform explains.

Cosmetics Giant Avon Leaks 19 Million Records

A misconfigured cloud server at global cosmetics brand Avon was recently discovered leaking 19 million records including personal information and technical logs. Researchers at SafetyDetectives led by Anurag Sen told Infosecurity that they found the Elasticsearch database on an Azure server publicly exposed with no password protection or encryption.

Cyber-attacks / fraud

No More Ransom: how 4 million victims of ransomware have fought back against hackers

While the world is in the grip of a coronavirus outbreak, another virus is quietly wreaking havoc. Although this virus has been around for years, its cases have been rising alarmingly in the past few months and have brought critical activities such as hospitals and governments to a standstill.

Garmin outage caused by confirmed WastedLocker ransomware attack

08/01/20 Update: Sources had told BleepingComputer that Garmin paid the ransom. Today, in a new article we describe how we obtained the WastedLocker decryptor acquired by Garmin and a restoration package created by their IT department.

Confirmed: Garmin received decryptor for WastedLocker ransomware

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker ransomware attack. On July 23rd, 2020, Garmin suffered a worldwide outage where customers could not access their connected services, including Garmin Connect, flyGarmin, Strava and inReach.

Travel company CWT avoids ransomware derailment by paying $4.5m blackmail demand

According to reports, Minnesota-based business travel company CWT is the latest victim of the latest trend in ransomware. In fact, we’re probably at the point where we need to stop calling them just “ransomware” attacks, because it’s increasingly common that there’s a lot more to these attacks than just locking you out of your files, which is how we usually think of ransomware.

Nearly 4,000 databases wiped in “Meow” attacks | WeLiveSecurity

The attackers and their motives remain unknown. These incidents nevertheless highlight once again the risks of poorly secured data. Thousands of unsecured Internet-facing databases have been hit by automated “Meow” attacks that destroy the data without even leaving an explanatory note.

North Korean Hackers Sniffing for US Defense Secrets

North Korea is most likely behind a new cyber-espionage campaign targeting US defense and aerospace firms earlier this year, according to McAfee. The security firm’s Advanced Threat Research (ATR) group said it detected similarities in TTPs with previous campaigns in 2017 and 2019 which were attributed to Hidden Cobra – the umbrella term used to refer to Pyongyang’s Lazarus, Kimsuky, KONNI and APT37 groups.

Kaspersky Uncovers New APT “Mercenary” Group

Security researchers at Kaspersky have uncovered a new cyber-mercenary group that they claim has been providing hacking services for hire for almost a decade. Dubbed “Deceptikons,” the APT group isn’t particularly sophisticated from a technical perspective and isn’t known to have deployed any zero-day threats during that time, the Russian AV vendor said in a Q2 round-up report.

How the FBI tracked down the Twitter hackers | ZDNet

After US law enforcement earlier today charged three individuals for the recent Twitter hack, ZDNet was able, with the help of court documents released by the DOJ, to piece together a timeline of the hack and of how US investigators tracked down the three suspected hackers.

Flaws / vulnerabilities

Zoom bug allowed attackers to crack private meeting passwords

A lack of rate limiting on repeated password attempts allowed potential attackers to crack the numeric passcode used to secure Zoom private meetings, as discovered by Tom Anthony, VP Product at SearchPilot. “Zoom meetings are (were) default protected by a 6 digit numeric password, meaning 1 million maximum passwords,” as Anthony discovered.
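The mitigation the Zoom item points at is throttling: a 6-digit passcode is a keyspace of only 10**6, so the defence is to bound how many guesses a client can make. The sliding-window limiter below is an added illustration (not Zoom's code) with constructed parameters; the `PasscodeGuard` class, its 5-per-60-seconds defaults and the `seconds_to_exhaust` helper are all assumptions made for the example.

```python
"""Throttling guesses against a short numeric meeting passcode.

Added example, not Zoom's implementation: a per-(meeting, client)
sliding-window limiter plus the arithmetic showing how throttling
changes the time needed to exhaust a 6-digit keyspace.
"""
import hmac
from collections import defaultdict, deque
from dataclasses import dataclass, field


@dataclass
class PasscodeGuard:
    """Allow at most `max_attempts` guesses per `window_s` seconds per key."""
    max_attempts: int = 5            # constructed policy values
    window_s: float = 60.0
    _log: dict = field(default_factory=lambda: defaultdict(deque))

    def allow(self, meeting_id: str, client: str, now: float) -> bool:
        """Record a guess and say whether it may be evaluated at all."""
        q = self._log[(meeting_id, client)]
        while q and now - q[0] >= self.window_s:   # age out old guesses
            q.popleft()
        if len(q) >= self.max_attempts:
            return False                           # throttled
        q.append(now)
        return True

    def check(self, meeting_id: str, client: str, now: float,
              guess: str, real: str) -> str:
        """Return 'throttled', 'wrong' or 'ok'; never compares when throttled."""
        if not self.allow(meeting_id, client, now):
            return "throttled"
        # Constant-time comparison so timing does not leak matching digits.
        return "ok" if hmac.compare_digest(guess, real) else "wrong"


def seconds_to_exhaust(digits: int, max_attempts: int, window_s: float) -> float:
    """Worst-case time for one client to try every `digits`-digit passcode."""
    keyspace = 10 ** digits
    return keyspace * window_s / max_attempts


if __name__ == "__main__":
    g = PasscodeGuard()
    for i in range(7):     # 5 guesses pass, the 6th and 7th are throttled
        print(i, g.check("123-456-789", "10.0.0.5", now=float(i), guess="000000", real="482913"))
    print("unthrottled at 100/s:", seconds_to_exhaust(6, 100, 1.0), "s")
    print("5 per minute:", seconds_to_exhaust(6, 5, 60.0), "s")
```

With the 5-per-minute policy the same million-guess space takes 12,000,000 seconds (about 139 days) for a single client, which is why the attempt counter, not the passcode length, is the control that matters here.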

Regulatory / legal

EU tries to get serious on cybercrime with first sanctions against Wannacry, NotPetya, CloudHopper crews

The European Union has, for the first time ever, slapped sanctions on hacking crews. The EU’s Council of Ministers has cracked down on six individuals and three companies in China, North Korea, and Russia for breaking into computer networks, stealing information, and spreading malware.

Florida Teenager Is Charged as ‘Mastermind’ of Twitter Hack

The authorities arrested a 17-year-old who they said ran a scheme that targeted the accounts of celebrities, including former President Barack Obama and Elon Musk. Two others were also charged. OAKLAND, Calif. – One by one, the celebrity Twitter accounts posted the same strange message: Send Bitcoin and they would send back double your money.

GandCrab ransomware distributor arrested in Belarus | ZDNet

In a press release last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man on charges of distributing the GandCrab ransomware. The man, whose name was not released, was arrested in Gomel, a small city in southeastern Belarus near the Russian and Ukrainian borders.


A vigilante hacker defuses a botnet by replacing the malware with… animated GIFs

By displaying the GIFs, users are warned that their computers are infected, and the malware is exposed in plain sight.

Cybersecurity watcher and specialist
