The cyber-threat weekly (21 Feb 2021)

Here is this week's monitoring report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Enjoy the read, and thanks for the coffee!

Data theft / loss

Microsoft: SolarWinds hackers downloaded some Azure, Exchange source code

Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. In December, it was disclosed that the SolarWinds network management company suffered a sophisticated cyberattack that allowed hackers to create a supply chain attack targeting the company’s customers.

Experian challenged over massive data leak in Brazil | ZDNet

After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and said it is likely that the incident was initiated in a corporate environment.

California DMV Warns of Potential Data Breach

The California Department of Motor Vehicles is warning state residents that over a year’s worth of data, including customer addresses and license plate numbers, may have been compromised in a recent cyberattack on a third-party contractor. That contractor, Automatic Funds Transfer Services (AFTS), is a financial services and data management firm, which California uses to verify changes of address for car owners.

Cyberattacks / fraud

North Korea accused of hacking Pfizer for Covid-19 vaccine data

It is unclear as to what, if any, data was stolen, according to South Korea’s intelligence agency.

Kia Motors America suffers ransomware attack, $20 million ransom

Story updated with Kia Motors America statement below. Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. Kia Motors America (KMA) is headquartered in Irvine, California, and is a Kia Motors Corporation subsidiary.

Kia Denies Ransomware Attack as IT Outage Continues

Kia Motors America has denied it was hit with a ransomware attack following reports that the auto company was struck by DoppelPaymer ransomware. News of a ransomware attack began to circulate after Kia experienced a nationwide IT shortage earlier this week.

Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack

Microsoft president Brad Smith said the software giant’s analysis of the SolarWinds hack suggests the code behind the crack was the work of a thousand or more developers. Speaking on US news magazine program 60 Minutes, Smith labelled the attack “the largest and most sophisticated attack the world has ever seen.”

Afnor under fire from Ryuk ransomware (updated) – Le Monde Informatique

The French association in charge of standardization has been hit by a cyberattack that is disrupting its operations. The Ryuk ransomware, already at work in the Dax and Villefranche hospitals, is also suspected in the Afnor case.

The White House estimates that about a hundred companies were victims of the SolarWinds attack

Technology: The White House warns that the SolarWinds attack is more than a simple espionage case, because private-sector targets may have been infiltrated more deeply than expected.

U.S. Accuses North Korean Hackers of Stealing Millions

The U.S. Department of Justice has indicted three North Korean computer programmers for their alleged participation in widespread, destructive cyberattacks as part of the advanced persistent threat (APT) known as Lazarus Group. The indictment broadens the scope of crimes that the DoJ has linked to Lazarus Group (and by extension, to North Korea).

Evilnum hackers go after Swiss fintech companies

The Evilnum cybercriminal group is active again and is targeting financial institutions in Europe. A warning relayed by computer security researcher Matías Porolli on the Eset blog.

Flaws / vulnerabilities

Record number of vulnerabilities reported in 2020 | WeLiveSecurity

More critical and high-severity bugs were discovered in 2020 than the total number of vulnerabilities reported ten years earlier. An analysis of data collected by the U.S. National Institute of Standards and Technology on Common Vulnerabilities and Exposures (CVE) found that 2020 saw more reports of security flaws than any other year to date.

Malware authors already targeting Apple's M1 Macs | WeLiveSecurity

The first case of malicious code native to Apple's M1 Silicon Macs appeared a month after the release of devices equipped with the company's in-house processors. In November, Apple launched a series of Mac computers equipped with its new Apple Silicon M1 chips, which were very well received.

Justice / police / regulation

North Korean hackers charged with $1.3 billion of cyberheists – Malwarebytes Labs

The US Department of Justice recently unsealed indictments detailing North Korea’s involvement in several global cyberattack campaigns against institutions in the financial and entertainment sectors, and money laundering schemes in certain US states. The first unsealed indictment is for hacking activities done by three computer programmers from North Korea.

Miscellaneous

Cops Using Music to Try to Stop Being Filmed Is Just the Tip of the Iceberg

Someone tries to livestream their encounters with the police, only to find that the police started playing music. In the case of a February 5 meeting between an activist and the Beverly Hills Police Department, the song of choice was Sublime’s “Santeria.” The police may not got no crystal ball, but…
