The weekly cyber-threat roundup (25 April 2021)

Here is this week's threat-watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Happy reading, and thanks for the coffee!

Data theft / loss

Secret documents: Apple is currently the victim of a $50 million ransomware attack

To be precise, it is Quanta, a Taiwanese supplier to Apple, that is currently the victim of ransomware. A group of Russian hackers known as Sodinokibi stole a multitude of Apple's current and future engineering schematics and manufacturing secrets through this Taiwanese company.

Logins for 1.3 million Windows RDP servers collected from hacker market

The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials. With this massive leak of compromised remote access credentials, researchers, for the first time, get a glimpse into a bustling cybercrime economy and can use the data to tie up loose ends on previous cyberattacks.

13 million Phone House Spain customers in the hands of hackers

Passwordstate password manager hacked in supply chain attack

Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app’s update mechanism to deliver malware in a supply-chain attack after breaching its networks.

Cyberattack against France's leading independent tourism player

Apple AirDrop Flaws Could Let Hackers Grab Users’ Phone Numbers and Email Addresses

Users of Apple products have long loved the ability to wirelessly share files with each other, using AirDrop to transmit files between their iPhones and Macbooks. But researchers at the Technical University of Darmstadt in Germany have discovered that security weaknesses could allow an attacker to obtain a victim’s phone number and even email address.

Geico data breach exposed customers’ driver’s license numbers

Car insurance provider Geico has suffered a data breach where threat actors stole the driver’s licenses for policyholders for over a month. Geico is the second-largest car insurance company in the United States, with over 17 million policies for more than 28 million vehicles.

Six million male members may have been exposed after hack of gay dating service

No, not that kind of member. Manhunt, a popular gay dating service, has suffered a data breach which may have put members at risk of exposure. As TechCrunch reports, Manhunt – which was launched in 2001 and claims to be the world’s largest gay chat and dating site – has been hit by a data breach that exposed sensitive information.

Cyberattacks / fraud

Hundreds of networks reportedly hacked in Codecov supply-chain attack

More details have emerged on the recent Codecov system breach which is being likened to the SolarWinds hack. In new reporting, investigators have stated that hundreds of customer networks have been breached in the incident, expanding the scope of this system breach beyond just Codecov’s systems.

The United States remains the main target of cyberattacks – Le Monde Informatique

According to US intelligence agencies, hacker groups backed by nation-states will increasingly take action over the coming decades. The result will be a rise in cyberattacks, disinformation and cyber-espionage campaigns, as well as intellectual property theft.

COVID-19-themed cyberattack detections continue to surge – Help Net Security

McAfee released its new report, examining cybercriminal activity related to malware and the evolution of cyber threats in the third and fourth quarters of 2020. In Q4, there was an average of 648 threats per minute, an increase of 60 threats per minute (10%) over Q3.

Flaws / vulnerabilities

Signal CEO Hacks Cellebrite iPhone Hacking Device Used By Cops

Moxie Marlinspike, the founder of the popular encrypted chat app Signal, claims to have hacked devices made by the phone unlocking company Cellebrite, which has famously worked with cops to circumvent encryption such as Signal’s.

Stanford student finds glitch in ransomware payment system to save victims $27,000 – CyberScoop

The hackers behind a nascent strain of ransomware hit a snag this week when a security researcher found a flaw in the payment system and, he says, helped victims save $27,000 in potential losses. Stanford University student and security researcher Jack Cable got a call Wednesday from a family friend, who is a doctor, asking for help because cybercriminals had locked the doctor’s computer.

Signal CEO gives mobile-hacking firm a taste of being hacked

Software developed by data extraction company Cellebrite contains vulnerabilities that allow arbitrary code execution on the device, claims Moxie Marlinspike, the creator of the encrypted messaging app Signal. Cellebrite products are commonly used by police and governments to unlock iOS and Android phones and extract data on them.

A Pulse Secure VPN zero-day flaw, exploited by cyber-spies – Le Monde Informatique

Cyber-espionage groups are relying on VPN vulnerabilities to bypass authentication and establish backdoors. Groups are currently exploiting the Pulse Secure VPN zero-day flaw to hack companies.

Pulse Secure VPN Flaws Exploited to Target US Defense Sector

Nation-state attackers are exploiting high-severity vulnerabilities in the Pulse Secure VPN to breach networks within the US defense sector and organizations around the world, researchers report. IT software firm Ivanti, which acquired Pulse Secure late last year, today confirmed attackers have targeted a "limited number of customers" using Pulse Connect Secure (PCS) appliances.

Justice / police / regulation

Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree

Notorious FIN7 gang stole payment card details from retailers around the world. Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Linux bans University of Minnesota for committing malicious code

Linux kernel project maintainers have imposed a ban on the University of Minnesota (UMN) from contributing to the open-source Linux project after a group of UMN researchers were caught submitting a series of malicious code commits, or patches that deliberately introduced security vulnerabilities in the official Linux project.

Miscellaneous / Switzerland

Switzerland has established its strategy to strengthen its cyber defence

Switzerland has defined its cyber-defence strategy for the years 2021 to 2024. Approved by Federal Councillor Viola Amherd, the document lays out the strategic direction to follow and is structured around thirty fields of action in four key areas.

The World’s Largest Hacking Conferences Are Back IRL This Summer

For thousands of people in the hacking and cybersecurity world, the back-to-back Def Con and Black Hat conferences in Las Vegas are marked in red on their calendars.