The weekly cyber-threat digest (2 May 2021)

Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading, and thanks for the coffee!

Data theft / loss

DigitalOcean Data Breach Exposed Customers’ Billing Information

DigitalOcean confirmed the data breach via an email to its customers confirming the exposure of billing details. The tech giant assured that the incident affected very few customers. Recently, TechCrunch has reported on a data breach affecting the cloud hosting provider DigitalOcean.

Hundreds of thousands of ParkMobile customer records hacked


Cyberattacks / fraud

Police uninstalled the Emotet botnet from 1.6 million infected machines

Created and distributed by the German federal police, the self-destruct routine triggered as planned on 25 April.

FBI shares 4 million email addresses used by Emotet with Have I Been Pwned

Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency’s effort to clean infected computers. Individuals and domain owners can now learn if Emotet impacted their accounts by searching the database with email addresses stolen by the malware.

Hackers hold Washington DC police to ransom

They threaten to publish data on law-enforcement informants if their ransom demand is not met.

Ransomware attack exposes 250GB files of Washington Police Department – Cybersecurity Insiders

A Babuk Ransomware attack that took place on the database of Washington DC Metropolitan Police Department has now led to the leak of some of the critical information belonging to the police department onto the dark web. In what is known to our Cybersecurity Insiders, over 250 GB of data affiliated to the Washington DC […]

Hackers encrypt Qnap NAS devices with 7zip… and collect more than 200,000 euros

They demand a ransom of about 400 euros. Within a few days, they have already managed to collect more than 200,000 euros.

Law enforcement delivers final blow to Emotet – CyberScoop

Written by Shannon Vavra Apr 26, 2021 | CYBERSCOOP Law enforcement officials are taking another stab at taking down Emotet. For years cybercriminals have used Emotet, a botnet or a network of infected computers, to spread ransomware such as Ryuk and other malware around the world.

Flaws / vulnerabilities

New stealthy Linux malware used to backdoor systems for years

A recently discovered Linux malware with backdoor capabilities has flown under the radar for years, allowing attackers to harvest and exfiltrate sensitive information from compromised devices. The backdoor, dubbed RotaJakiro by researchers at Qihoo 360’s Network Security Research Lab (360 Netlab), remains undetected by VirusTotal’s anti-malware engines, although a sample was first uploaded in 2018.

Microsoft finds critical code execution bugs in IoT, OT devices

Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. These 25 security flaws are known collectively as and are caused by memory allocation Integer Overflow or Wraparound bugs.

Third-party applications can access sensitive Swisscovid data

A researcher discovered a bug in Google's exposure notification system used by Swisscovid and other contact-tracing apps. Certain privileged applications installed on Android smartphones can access sensitive data and infer from it which people are infected or exposed.

10,000+ unpatched ABUS Secvest alarms can be remotely deactivated

Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor having addressed a critical bug (CVE-2020-28973) in January. A remote attacker could exploit the vulnerability to disable alarm systems and expose homes and corporate buildings to intrusions.

Justice / police / regulation

EU adopts controversial law forcing one-hour takedowns of terrorist content

The European Parliament has formally adopted a law requiring internet companies to “remove or disable access to flagged terrorist content” within one hour after being notified by national authorities. Once issued, such takedown notices will apply across the EU, with countries able to levy financial penalties against firms that refuse to comply.

FBI teams up with ‘Have I Been Pwned’ to alert Emotet victims | WeLiveSecurity

The data breach notification site now allows you to check if your login credentials may have been compromised by Emotet. The United States’ Federal Bureau of Investigation (FBI) has shared more than 4.3 million email addresses, harvested by the Emotet botnet, with data breach tracking website Have I Been Pwned (HIBP) in an effort to help alert victims of the notorious botnet.

Justice Department launches review of cyber policies after ransomware, supply chain scourges – CyberScoop

The Justice Department is undertaking a four-month review of its approach to combatting a range of malicious cyber activity from foreign governments and criminals amid a spate of ransomware attacks and supply chain compromises. “We need to rethink …

European police hope Google ads will steer teenagers away from a life of hacking – CyberScoop

Written by Shannon Vavra Apr 27, 2021 | CYBERSCOOP European authorities are stepping up their efforts to intervene with teen hackers before they might break the law. In a series of programs launching this year, law enforcement officials are aiming to identify young people deemed at risk of committing crimes, and provide a metaphorical tap on the shoulder, Floor Jansen, a Dutch police officer involved in the creation of the programs, told CyberScoop.

https://hotforsecurity.bitdefender.com/blog/fbi-offers-millions-of-emotet-compromised-credentials-to-have-i-been-pwned-25738.html

Miscellaneous / Switzerland

Security expert coalition shares actions to disrupt ransomware

The Ransomware Task Force, a public-party coalition of more than 50 experts, has shared a framework of actions to disrupt the ransomware business model. One of the priority recommendations refers to better regulating the cryptocurrency sector, which plays an essential part in obfuscating the threat actors and making ransomware attacks a lucrative endeavor.

Australian government’s major IT shops to help others with cybersecurity | ZDNet

The federal government might be finally letting go of its “every agency for itself when it comes to cybersecurity” mantra, signalling on Wednesday its intention to have Canberra’s bigger agencies provide support to others.

Mystery: why did the Pentagon activate 175 million IPv4 addresses?

The US military holds the largest stock of IPv4 addresses in the world, but was using only a small fraction of them. Until now.
