The weekly cyber-threat digest (3 Jan 2021)

Here is this week's monitoring report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading, and have a great week!

Data theft / loss

T-Mobile confirms another data breach exposing user call records, phone numbers

The year 2020 was devastating for the entire world, but it was twice as problematic for renowned mobile telecom company T-Mobile. Reportedly, the company suffered two massive data breaches within one year. The company has started notifying affected subscribers about the recent attack. As per T-Mobile, unauthorized attackers accessed the account information of its subscribers.

Microsoft Says Russian Hackers Viewed Some of Its Source Code

Microsoft said on Thursday that the far-reaching Russian cyberattack of U.S. government agencies and private corporations went further into its network than the company had previously revealed. While the hackers, suspected to be working for Russia’s S.V.R.

Data breach broker selling user records stolen from 26 companies

A data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned. When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them.

Cyberattacks / fraud

Swatting: they hack their victims' cameras, then broadcast the special forces' intervention

Poorly secured cameras let criminals stream "swatting" operations live on the web, turning them into an (awful) spectacle. The FBI has just issued an alert.

Microsoft says SolarWinds hackers accessed company source code – CyberScoop

Microsoft said Thursday that the SolarWinds hackers were able to access company source code, although the technology giant described the incident as largely harmless in an update to an internal investigation. “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft said in a blog post.

Flaws / vulnerabilities

FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’

Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold. Stolen email passwords are being used to hijack smart home security systems to “swat” unsuspecting users, the Federal Bureau of Investigation warned this week.

Backdoor account found in 100,000+ Zyxel Firewalls, VPN Gateways

Admin-Level Backdoor Discovered in Zyxel Firewalls: A Dutch cybersecurity firm Eye Control’s team of security researchers has identified a backdoor account in over 100,000 Zyxel firewalls, access point controllers, and VPN gateways. The hard-coded, admin-level account allows attackers to obtain root access to devices through the web administration panel or the SSH interface.

At least 100 million PCs still run Windows 7 a year after the end of its technical support

A year after Microsoft officially ended support for Windows 7, nearly 100 million users are still using it.

Adobe Flash Player is officially dead tomorrow

Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years. Over the years, multiple zero-day and critical vulnerabilities [1, 2, 3, 4] found to impact Flash Player were used by both cybercriminals and nation-state hacking groups to install malware, remotely execute malicious code, and take over the users’ computers.

Regulatory / legal

Ticketmaster fined $10 million for breaking into rival’s systems

Ticketmaster, a Live Nation subsidiary and a leading ticket distribution and sales company, was fined $10 million for illegally accessing the systems of competitor CrowdSurge using the credentials of one of its former employees. “Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” Acting U.S.

Miscellaneous

Swiss Space Office asks Cysec to develop satellite cyber security – SpaceWatch.Global

CYSEC SA, a cybersecurity company based at the EPFL Innovation Park, with its academic partner HEPIA, the Geneva University of Applied Sciences and Arts, has been awarded a contract by the Swiss Space Office to develop a solution to mitigate the cyber risks related to in-orbit reconfiguration of small satellites.

Man arrested and jailed after an erroneous facial recognition match takes legal action

A Black man wrongly jailed in New Jersey is suing the local authorities, the Wall Street Journal reports. In February 2019, Nijeer Parks, aged 33, spent more than a week in prison after an incident that took place in late January 2019.
