The weekly cyber-threat roundup (16 Jan 2021)

Here is this week's watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Enjoy the read, and thanks for the coffee!

Data theft / loss

SolarWinds hackers are selling gigabytes of stolen data online

Source code from Microsoft, Cisco and SolarWinds, along with FireEye's hacking tools, is being offered for one million dollars.

SolarLeaks site claims to sell data stolen in SolarWinds attacks

Updated information about SolarLeaks site added to bottom of the article. A website named ‘SolarLeaks’ is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack. Last month, it was disclosed that network management company SolarWinds suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers.

Ethical Hackers Breach U.N., Access 100,000 Private Records

Researchers informed organization of a flaw that exposed GitHub credentials through the organization’s vulnerability disclosure program. Security researchers successfully hacked the United Nations, accessing user credentials and personally identifiable information (PII), including more than 100,000 private employee and project records, before informing the U.N. about the problem through the organization’s vulnerability disclosure program.

Over 200 Million Facebook, Instagram and LinkedIn Profiles Exposed…

Chinese social media management company Socialarks leaked personally identifiable information (PII) of over 200 million Facebook, Instagram and LinkedIn users, according to researchers from SafetyDetectives. The data leaked through an unsecured ElasticSearch harbored 408GB of personal data of regular users, social media influencers and even celebrities.

Cyberattacks / fraud

Criminals are Bypassing MFA to Access Organisation’s Cloud Services

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety of corporate laptops and personal devices during the COVID-19 pandemic.

New Zealand Reserve Bank breached using bug patched on Xmas Eve

A recent data breach at the Reserve Bank of New Zealand, known as Te Pūtea Matua, was caused by attackers exploiting a critical vulnerability patched the same day. Over the weekend, the Reserve Bank disclosed that they suffered a data breach after an attacker hacked a third-party file sharing service containing sensitive data.

Flaws / vulnerabilities

CES 2021: these new Intel chips will better protect our PCs from ransomware

The new generation of Intel Core vPro relies on the chip's telemetry data and machine learning to detect typical ransomware behaviour.

Ubiquiti: Change Your Password, Enable 2FA

Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely…

Blocked content: Flash is buried for good

Today, 12 January 2021, Flash has bowed out for good. Adobe is blocking Flash content from running in all Flash Player plug-ins. An infographic looks back at the long history of this media player, emblematic of the web's early years.

Justice / police / regulation

Europol Reveals Dismantling of ‘Largest’ Underground Marketplace

Europol announced a wide-ranging investigation that led to the arrest of the alleged DarkMarket operator and the seizure of the marketplace’s infrastructure, including more than 20 servers. Europol on Tuesday announced the takedown of DarkMarket, which according to the law enforcement agency is "the world’s largest illegal marketplace on the dark web."

Australian Police Email Mistakenly Identifies Gun Owners

The Queensland Police Service has mistakenly sent an email that revealed information on about 500 gun owners, which could have been used to determine their location or real names. It’s easy to think about data breaches in terms of hacking, but many data breaches…

UK Accidentally Deletes 150k Arrest Records

The UK government is investigating a technical issue that led to 150,000 arrest records’ being accidentally wiped from nationwide police databases. The unintentional erasure, reported initially by , is believed to have been caused by human error and defective code that earmarked the wrong files for deletion.

The Federal Council and Parliament are in favour of a state-regulated electronic identification (e-ID) option

Bern, 14.01.2021 – The Swiss population will vote on 7 March 2021 on the Federal Act on Electronic Identification Services (LSIE). The new law creates the basis for an electronic identity recognised by the Confederation and governs the procedure for identification on the internet, which will be unambiguous, secure and practical.

For the European Commission, social networks must be better regulated

"Just as 9/11 marked a paradigm shift for global security, 20 years later we are witnessing a before and an after concerning the role of digital platforms in our democracy."


At least two laptops were stolen during the invasion of the Capitol

Because the protesters had physical access to IT equipment, sensitive data may be out in the wild.

WhatsApp vs Telegram vs Signal – Which One Is More Secure?

Following the changes in WhatsApp privacy policy, the other two rival apps, Signal and Telegram, have experienced a surge in their customer base. According to Sensor Tower, after WhatsApp’s recent update, Signal received 100,000 new customers. Whereas, Telegram attracted 2.2 million new downloads within two days.

Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine

Last month, the makers of one of the most promising coronavirus vaccines reported that hackers stole confidential documents they had submitted to a European Union regulatory body. On Friday, word emerged that the hackers have falsified some of the submissions’ contents and published them on the Internet.
