Here is this week's monitoring report, covering the most interesting news items. Some of them will be developed further in upcoming articles. Enjoy the read and have a great week!
Data theft / loss
Home security cams hacked in Singapore, and stolen footage sold on adult websites
Unsecured home security cameras hijacked. Stolen images circulate on Discord. Everyone needs to take IoT security more seriously. In Singapore it’s not at all uncommon today for people to have IP cameras all over their homes.
Barnes & Noble cyber incident could expose customer shipping addresses, order history – CyberScoop
Written by Shannon Vavra, Oct 15, 2020 | CYBERSCOOP. Barnes & Noble told customers it was the victim of a cyberattack that led to "unauthorized and unlawful access" of its corporate systems. Barnes & Noble didn’t detail the entire nature of the "cybersecurity attack" in its email Wednesday, but confirmed that customers’ shipping addresses, billing addresses, email addresses and phone numbers could have been exposed.
Cybercriminals Steal Nearly 1TB of Data from Miami-Based International Tech Firm
Databases of sensitive, financial and personally identifiable info and documents from Intcomex were leaked on Russian-language hacker forum after a ransomware attack. Hackers have stolen nearly a terabyte of data from a Miami-based tech firm, leaking a number of the pilfered files (including full credit-card information, scans of sensitive documents such as passports, bank statements and financial documents, and even customer databases) on a Russian hacker forum.
Cyberattacks / fraud
Norway says Russian hackers carried out breach at parliament
Russian state-sponsored hackers were behind a breach of the Norwegian parliament in August in which attackers stole data from lawmakers’ email accounts, Norwegian officials alleged on Tuesday. "This is a very serious incident, affecting our most important democratic institution," Norway Foreign Affairs Minister Ine Eriksen Søreide said in a statement.
A fake-update scam made it possible to steal 22 million dollars in bitcoin
Security: Cybercriminal groups are sending fake updates to owners of Electrum wallets, installing malware and stealing users' funds. A simple technique allowed cybercriminal groups to steal more than 22 million dollars in cryptocurrency from users of the Electrum wallet application; a ZDNet investigation uncovered this technique.
Android ransomware learns new tricks to lock devices
Microsoft security experts claim to have uncovered the latest trick being used by Android ransomware. In a blog post, the Microsoft 365 Defender Research Team details how a new ransomware variant has found a new way to subvert Android’s built-in protection mechanisms to lock devices and hold them to ransom.
Iranian APT group hits schools, universities in global spear phishing attacks
The IT security researchers at Malwarebytes and Peter Kruse from the CSIS Security Group have reported on an Iranian APT (advanced persistent threat) group also known as Silent Librarian, TA407, and COBALT DICKENS that has been targeting schools and universities around the world with spear phishing attacks.
Iran Reports Two Major Cyber-Attacks
Iran has reported falling victim to two large-scale cyber-attacks, one of which was leveled at the country’s government institutions. The Iranian government’s Information Technology Organization on Thursday reported that two institutions had been compromised by attackers. No party has claimed responsibility for the attack, and Iranian government officials have not stated whether the attack was domestic or foreign.
Software AG Continues Efforts Against $20M Ransomware Attack
The attack, which now includes extortion components, has moved into its second week. Software AG, Germany’s second-largest software company (after SAP) continues to struggle with a ransomware attack that has evolved into an extortion bid carrying a $20 million payoff demand.
Flaws / vulnerabilities
Microsoft and Other Tech Companies Take Down TrickBot Botnet
The Joint Collaboration, US Government, Microsoft and Other Tech Companies Take Down TrickBot Botnet.
Hackers used VPN flaws to access US govt elections support systems
Government-backed hackers have compromised and gained access to US elections support systems by chaining together VPN vulnerabilities and the recent Windows CVE-2020-1472 security flaw. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) says that advanced persistent threat (APT) actors used this vulnerability chaining tactic to target federal and SLTT (state, local, tribal, and territorial) government networks, as well as election organizations, and critical infrastructure.
Singapore tightens security requirements for new home routers | ZDNet
Come April 13 next year, home routers will have to meet new security requirements before they can be put up for sale in Singapore. These include unique login credentials and default automatic downloads of security patches.
Regulatory / legal
Morgan Stanley fined 60 M$ for poorly protecting its customer data – Le Monde Informatique
The US Treasury's oversight office considers that Morgan Stanley did not sufficiently supervise the subcontractors in charge of decommissioning two of its data centers in the United States in 2016. The failure was repeated 3 years later during another infrastructure shutdown. The bank receives a fine of 60 000 M$.
German authorities raid FinFisher offices | ZDNet
German authorities have raided the offices of FinFisher, a German software company that makes surveillance tools, accused in the past of providing software to oppressive regimes. The raids took place earlier this month, on October 6 and October 8, and were ordered by the Munich Public Prosecutor’s Office.
British Airways fined £20m over data breach
"When organisations take poor decisions around people’s personal data, that can have a real impact on people’s lives. The law now gives us the tools to encourage businesses to make better decisions about data, including investing in up-to-date security," said Information Commissioner Elizabeth Denham.
New York faults Twitter for lax security measures prior to big account breach
The scammers who hijacked celebrity Twitter accounts to promote cryptocurrency in July did so by posing as a customer support team in a breach that caught Twitter’s security team flat-footed, a New York regulator said in a report Wednesday.
Record electronic surveillance in the canton of Vaud
In 2019, the canton of Vaud ordered 981 antenna-field search warrants. Most are reportedly linked to the investigation into the armored van attacks. A surveillance operation that reportedly exposed tens of thousands of citizens.
Miscellaneous
The Tech4Trust accelerator selects more than twenty start-ups for its second edition
Dedicated to digital trust and now part of the Trust Valley initiative, the Tech4Trust accelerator has selected 27 start-ups for its second edition. The selected young companies are active in the fields of cybersecurity, blockchain, privacy protection and traceability.
A facial recognition system unique in the world makes its debut in Singapore
It's official: Singapore's 5 million residents will now access government services using a facial recognition system, a world first. While the government hails this major technological advance, some human rights advocates are worried about its hidden uses.