Cybersécurité Pour décoder l'actualité sur la cybersécurité , le cybercrime et les cyberattaques
Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !
Vol / perte de données
Personal data of 16 million Brazilian COVID-19 patients exposed online
The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among the systems that had credentials exposed were E-SUS-VE and Sivep-Gripe, two government databases used to store data on COVID-19 patients.
Sophos security breach exposes customer support records
This article is more than 2 years old « An access permission issue in a tool used to store information on customers » Well, this is awkward. Security firm Sophos is contacting « a small subset » of its customers warning that their details have been exposed following a breach in security.
Spotify Users Hit with Rash of Account Takeovers
Users of the music streaming service were targeted by attackers using credential-stuffing approaches. Subscribers of Spotify streaming music service may have experienced some disruption, thanks to a likely credential-stuffing operation. Credential stuffing takes advantage of people who reuse the same passwords across multiple online accounts.
NHS Error Exposes Data on Hundreds of Patients and Staff
Hundreds of NHS patients and staff have had their personal data exposed to strangers after internal process failures, it has emerged this week. Human error at NHS Highland earlier this month led to the personal information of 284 patients with diabetes being shared via email with 31 individuals, according to local reports.
Fertility Patients’ Sensitive Personal Information Stolen During Ransomware Attack
US Fertility network took two months to go public about attack. Health information of patients may be at risk. Fertility clinics across the United States have been struck by a ransomware attack that has not only encrypted networks, but also stolen patients’ sensitive personal and medical information.
A hacker is selling access to the email accounts of hundreds of C-level executives
A threat actor is currently selling passwords for the email accounts of hundreds of C-level executives at companies across the world. The data is being sold on a closed-access underground forum for Russian-speaking hackers named Exploit.in, ZDNet has learned this week.
Hundreds of female sports stars and celebrities have their naked photos and videos leaked online
Threat actors have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. The attack took place in the same hours as hackers hit Manchester Unitedand brings us back to mind the Fappening cases that exposed online cache of nude photos and videos of celebrities back in 2014.
Cyberattaques / fraudes
COVID Vaccine Maker AstraZeneca Targeted by Alleged North Korean Hackers
Reuters today is running a story saying « suspected » North Korean hackers have targeted employees at British drugmaker AstraZeneca in an attempt to infect their computers with malware. The company is one of the leading groups developing a promising COVID-19 vaccine.
Sopra Steria expects €50 million loss after Ryuk ransomware attack
French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million. Sopra Steria is a European information technology firm with 46,000 employees in 25 countries providing a large array of IT services, including consulting, systems integration, and software development.
Hackers Dupe GoDaddy Into Helping Them Take Down Cryptocurrency Sites
Roughly one year after a data breach at GoDaddy compromised 28,000 customer accounts, the world’s largest internet domain registrar is once again at the center of a security scandal. Hackers brought down several cryptocurrency services using GoDaddy domains in recent weeks, and apparently the company’s own staff…
Brazilian government recovers from « worst-ever » cyberattack
After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution, the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to get its systems back up and running, after more than two weeks facing disruption.
FBI warns of criminals spoofing its website domain names
The FBI is warning internet users to be on their guard against copycat websites that spoof FBI-related domain names. According to a public service announcement issued today by Federal Bureau of Investigation, it has observed cybercriminals registering « numerous domains spoofing legitimate FBI websites. »
Failles / vulnérabilités
Zoom : un journaliste s’immisce dans une réunion secrète de ministres européens
La ministre de la Défense néerlandaise a tweeté une photo sur laquelle on pouvait distinguer le code d’accès à la visioconférence avec ses homologues européens. Ce qui n’est pas passé inaperçu. La séquence est hilarante.
Une faille critique permettait de prendre le contrôle de dizaines de millions de sites Web
L’authentification forte d’un outil d’administration particulièrement populaire pouvait facilement être contournée par force brute. Un patch a déjà été diffusé. Des chercheurs en sécurité de Digital Defense ont détecté une méchante faille dans cPanel, un outil d’administration de sites Web implémenté pour plus de 70 millions de domaines.
Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs
A hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices. Present on the list of vulnerable targets are domains belonging to high street banks and government organizations from around the world.
Smart Doorbells Are Wide Open to Security Flaws
A consumer rights group has found security vulnerabilities in 11 popular smart doorbell products available on two of the world’s biggest online marketplaces. Which? enlisted the help of researchers at NCC Group to run tests on the smart devices they found on eBay and Amazon, many of which had scores of five-star reviews, were recommended as « Amazon’s Choice, » or on a bestsellers list.
Réglementaire / juridique
Romanians arrested for running underground malware services
Romanian police forces have arrested this week two individuals suspected of running two malware crypter services called CyberSeal and DataProtector, and a malware testing service called CyberScan. The arrests are the result of a joint operation conducted with the support of the FBI, Europol, Australian, and Norwegian police.
US Police Make Arrest in $1m Airplane Scam
Police in the United States have made an arrest in connection with a million-dollar cyber-scam involving the sale of an airplane in Australia. An investigation was launched in 2018 after a Business Email Compromise (BEC) attack interfered with digital communications between a company in New Zealand that was buying an airplane and a company in Australia that was selling it for $1,028,000.
Home Depot agrees to $17.5 million settlement over 2014 data breach
Home Depot has agreed to a $17.5 million settlement in a multi-state investigation of a data breach suffered by the company in 2014. Delaware Attorney-General Kathy Jennings announced the settlement on Tuesday, in which a total of 46 states, as well as the District of Columbia, have reached a resolution with the US retailer.
Nigerians Arrested Over International BEC Scam
Alleged members of a Nigerian cybercrime gang that compromised 500,000 companies and government organizations in more than 150 countries have been arrested. The arrests were made in Lagos as part of the year-long, INTERPOL-led Operation Falcon targeting cyber-criminals who use business email compromise (BEC) scams to steal money.
Divers
Suspected Chinese hackers impersonate Catholic news outlets to gather intel about Vatican diplomacy
After months of public reporting on a suspected Chinese hacking campaign targeting entities linked with diplomacy between the Vatican and Beijing, the hackers are still trying their luck. Researchers at the security firm Recorded Future first called out hackers affiliated with a group called Mustang Panda in July for their efforts to conduct espionage against targets involved in negotiations about the operations of the Catholic Church in China, a historically fraught topic.
2 commentaires
Pingback: Veille Cyber N312 – 07 décembre 2020 |
Pingback: Le fabricant de vaccins AstraZeneca pris pour cible par des hackers nord-coréens #veille (29 nov 2020) – Ken Gilmour