L’hebdo des cyber-menaces (3 janv 2021)

Marc Barbezat 3 janvier 2021 Actualités cybersécurité

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !

Vol / perte de données

T-Mobile confirms another data breach exposing user call records, phone numbers
T-Mobile revealed attackers accessed its Customer proprietary network information (CPNI), putting the private data of hundreds of thousands of customers at risk.

Microsoft Says Russian Hackers Viewed Some of Its Source Code (Published 2020)
The hackers gained more access than the company previously understood, though they were unable to modify code or get into its products and emails. Send any friend a story As a subscriber, you have 10 gift articles to give each month. Anyone can read what you share.

Data breach broker selling user records stolen from 26 companies
A data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned. When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them.

Cyberattaques / fraudes

Swatting : ils piratent les caméras de leurs victimes, puis diffusent l’intervention des forces spéciales
Des caméras mal sécurisées permettent aux malfrats de streamer en temps réel sur le Web des opérations de » swatting » pour en faire un (affreux) spectacle. Le FBI vient de lancer l’alerte. Aux États-Unis, les adeptes du » swatting » sont passés à un niveau supérieur de leur art détestable.

Microsoft says SolarWinds hackers accessed company source code
Microsoft said Thursday that the SolarWinds hackers were able to access company source code, although the technology giant described the incident as largely harmless in an update to an internal investigation. « We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories, » Microsoft said in a blog post.

Failles / vulnérabilités

FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’
Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold. Stolen email passwords are being used to hijack smart home security systems to « swat » unsuspecting users, the Federal Bureau of Investigation warned this week.

Backdoor account found in 100,000+ Zyxel Firewalls, VPN Gateways
Researchers have discovered a hard-coded admin-level backdoor account as a Zyxel firmware binary revealing username and password.

Au moins 100 millions de PC utilisent toujours Windows 7 un an après la fin de son support technique
Un an après l’arrêt officiel du support de Windows 7 par Microsoft, près de 100 millions d’utilisateurs continuent de l’utiliser. Microsoft a mis fin au support technique de Windows 7 depuis maintenant un an. En clair, ce système d’exploitation ne bénéficie et ne bénéficiera plus d’aucune mise à jour.

Adobe Flash Player is officially dead tomorrow
Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years. Over the years, multiple zero-day and critical vulnerabilities [ 1, 2, 3, 4] found to impact Flash Player were used by both cybercriminals and nation-state hacking groups to install malware, remotely execute malicious code, and take over the users’ computers.

Réglementaire / juridique

Ticketmaster fined $10 million for breaking into rival’s systems
Ticketmaster, a Live Nation subsidiary and a leading ticket distribution and sales company, was fined $10 million for illegally accessing the systems of competitor CrowdSurge using the credentials of one of its former employees. « Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence, » Acting U.S.

Divers

https://spacewatch.global/2020/12/cysec-wins-swiss-space-office-contract-to-develop-secure-reliable-in-orbit-satellite-reconfiguration/

Un homme arrêté et incarcéré après une reconnaissance faciale erronée attaque en justice
Cet Américain a été détenu pendant plus d’une semaine, il y a moins d’un an, à cause d’une ressemblance détectée par le logiciel avec le visage du suspect recherché. Il a décidé de porter plainte. Un homme noir incarcéré dans le New Jersey par erreur poursuit les autorités locales en justice, comme le rapporte le Wall Street Journal.