Here is this week's watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Enjoy your reading, and thanks for the coffee!
Data theft / loss
SolarWinds hackers are selling gigabytes of stolen data online
Source code from Microsoft, Cisco and SolarWinds, along with FireEye's hacking tools, is being offered for one million dollars. Microsoft source code, Cisco's internal bug tracker, FireEye's hacking tools, SolarWinds' customer file…
SolarLeaks site claims to sell data stolen in SolarWinds attacks
Updated information about SolarLeaks site added to bottom of the article. A website named ‘SolarLeaks’ is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack. Last month, it was disclosed that network management company SolarWinds suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers.
Ethical Hackers Breach U.N., Access 100,000 Private Records
Researchers informed organization of a flaw that exposed GitHub credentials through the organization’s vulnerability disclosure program. Security researchers successfully hacked the United Nations, accessing user credentials and personally identifiable information (PII), including more than 100,000 private employee and project records, before informing the U.N. about the problem through the organization’s vulnerability disclosure program.
Over 200 Million Facebook, Instagram and LinkedIn Profiles Exposed Through Unsecured Database Held by Chinese Startup
Chinese social media management company Socialarks leaked personally identifiable information (PII) of over 200 million Facebook, Instagram and LinkedIn users, according to researchers from SafetyDetectives. The data leaked through an unsecured ElasticSearch harbored 408GB of personal data of regular users, social media influencers and even celebrities.
Cyberattacks / fraud
Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation’s Cloud Services
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety of corporate laptops and personal devices during the COVID-19 pandemic.
New Zealand Reserve Bank breached using bug patched on Xmas Eve
A recent data breach at the Reserve Bank of New Zealand, known as Te Pūtea Matua, was caused by attackers exploiting a critical vulnerability patched the same day. Over the weekend, the Reserve Bank disclosed that they suffered a data breach after an attacker hacked a third-party file sharing service containing sensitive data.
Flaws / vulnerabilities
CES 2021: these new Intel chips will better protect our PCs from ransomware
The new generation of Intel Core vPro relies on the chip's telemetry data and machine learning to detect behaviour typical of ransomware. Intel used CES 2021 to present the eleventh generation of Core vPro, its SoC dedicated to business machines.
Ubiquiti: Change Your Password, Enable 2FA
Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.
Justice / police / regulation
Europol Reveals Dismantling of ‘Largest’ Underground Marketplace
Europol announced a wide-ranging investigation that led to the arrest of the alleged DarkMarket operator and the seizure of the marketplace’s infrastructure, including more than 20 servers. Europol on Tuesday announced the takedown of DarkMarket, which according to the law enforcement agency is “the world’s largest illegal marketplace on the dark web.”
Australian Police Email Mistakenly Identifies Gun Owners
The Queensland Police Service has mistakenly sent an email that revealed information on about 500 gun owners, which could have been used to determine their location or real names. It’s easy to think about data breaches in terms of hacking, but many data breaches stem from negligence or human error.
UK Accidentally Deletes 150k Arrest Records
The UK government is investigating a technical issue that led to 150,000 arrest records’ being accidentally wiped from nationwide police databases. The unintentional erasure, reported initially by , is believed to have been caused by human error and defective code that earmarked the wrong files for deletion.
The Federal Council and Parliament are in favour of a state-regulated electronic identification (e-ID) option
Bern, 14.01.2021 – The Swiss population will vote on 7 March 2021 on the Federal Act on Electronic Identification Services (LSIE). The new law creates the basis for an electronic identity recognised by the Confederation and regulates the procedure for online identification that will be unambiguous, secure and convenient.
For the European Commission, social networks must be better regulated
“Just as 9/11 marked a paradigm shift for global security, 20 years later we are witnessing a before and after regarding the role of digital platforms in our democracy.”
Miscellaneous
At least two laptops were stolen during the Capitol invasion
Because the protesters had physical access to IT equipment, sensitive data may be out in the wild. Last Thursday, the pro-Trump mob not only caused material damage inside the Capitol, it also undermined the physical security of IT equipment.
WhatsApp vs Telegram vs Signal – Which One Is More Secure?
Following the changes in WhatsApp privacy policy, the other two rival apps, Signal and Telegram, have experienced a surge in their customer base. According to Sensor Tower, after WhatsApp’s recent update, Signal received 100,000 new customers, whereas Telegram attracted 2.2 million new downloads within two days.
Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine
Last month, the makers of one of the most promising coronavirus vaccines reported that hackers stole confidential documents they had submitted to a European Union regulatory body. On Friday, word emerged that the hackers have falsified some of the submissions’ contents and published them on the Internet.