Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading and have a great week!
Data theft / loss
Data of 243 million Brazilians exposed online via website source code
The password to access a highly sensitive Ministry of Health database was stored inside a government site’s source code.
Cayman Islands Bank Records Exposed in Open Azure Blob
An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.
A hacker is reselling the personal data of senior executives on a Russian-language forum
A hacker is running a large-scale operation reselling e-mail and password combinations for Office 365 accounts on a Russian-language forum.
Cyberattacks / fraud
Hackers Target Covid-19 Vaccine Distribution ‘Cold Chain,’ Though Motives Remain Unknown
Hackers “assumed to be state agents” have been waging a phishing campaign against pharmaceutical firms and other institutions involved in the forthcoming distribution of a vaccine against covid-19, IBM announced on Thursday.
This new cyberattack can dupe DNA scientists into creating dangerous viruses and toxins
The research highlights the potential dangers of new ‘biohacking’ techniques.
Manchester United Cyberattack Highlights Controversy in Paying Ransomw
The Premier League English football (soccer) club team is reportedly being held to ransom by cyberattackers. Manchester United may face a difficult decision: wh
North Korean hackers ramp up coronavirus vaccine targeting
An espionage shop with suspected ties to the North Korean government has been on a hacking spree targeting companies working on coronavirus vaccines.
Vancouver Metro Disrupted by Egregor Ransomware
The attack, which prevented Translink users from using their metro cards or buying tickets at kiosks, is the second from the prolific threat group just this week.
Royal Dutch Cycling Union Disclosed Ransomware Attack
Joining the list of latest cyberattack victims, now comes a Dutch national governing body. Reportedly, the Royal Dutch Cycling Union has suffered a ransomware attack. The attackers have demanded ransom for the entity to regain
Russian hacking group uses Dropbox to store malware-stolen data
Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of a European Union country.
Ransomware Attack Closes Baltimore County Public Schools (Published 2020)
The attack, first discovered late Tuesday, disrupted the district’s websites and remote learning programs, as well as its grading and email systems, officials said.
Hacker-for-hire group develops new stealthy Windows backdoor
Kaspersky researchers discovered a previously undocumented Windows PowerShell malware dubbed PowerPepper and developed by the hacker-for-hire group DeathStalker.
When the robot vacuum cleaner turns into a spy
Security researchers have developed an attack that exploits the lidar sensor of connected devices to capture conversations.
Flaws / vulnerabilities
FBI warns of email forwarding rules being abused in recent hacks
FBI: “The web-based client’s forwarding rules often do not sync with the desktop client, limiting the rules’ visibility to cyber security administrators.”
Android apps with 200 million installs vulnerable to security bug
Android apps with over 250 million downloads are still susceptible to a severe vulnerability in a Google library that was patched in August 2020.
Manipulating Systems Using Remote Lasers
Many systems are vulnerable: Researchers at the time said that they were able to launch inaudible commands by shining lasers, from as far as 360 feet, at the microphones on various popular voice assistants, including Amazon Alexa, Apple Siri, Facebook Portal, and Google Assistant. […]
Regulatory / legal
The "most secure in the world" e-mail service forced to build in a backdoor for the police
This story is a reminder that only end-to-end encrypted messages can truly be safe from surveillance.
Hacker Gets 8 Years in Prison for Threats to Schools, Airlines
A North Carolina man was sentenced to 95 months in federal prison for his involvement in multiple cyber and swatting attacks.
Miscellaneous
Swiss app Threema, an alternative to WhatsApp, judged very secure
The Threema application passed with flying colours a cybersecurity audit carried out by independent IT experts.