Weekly cyber-threat digest (23 May 2021)

Here is this week's monitoring report, covering the most interesting news items. Some of them will be developed in upcoming articles. Happy reading, and thank you for the coffee!

Data theft / loss

Indonesia's government confirms social security data breach for some citizens

Indonesia’s Communication and Information Ministry has confirmed a leak of social security data. It attempted to downplay the incident, explaining that it only impacted a small portion of the population. The authorities launched an investigation into the data leak after a user who goes by the handle Kotz posted samples of data belonging to Indonesian citizens on a hacker forum.

Data of 100+ million Android users exposed via misconfigured cloud services

Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources.

Personal data of 8,000 Decathlon employees exposed (updated) – Le Monde Informatique

An investigation by VPNmentor shows that data including names, emails, photos and authentication tokens of nearly 8,000 Decathlon employees was exposed. The cause was a misconfigured S3 bucket tied to a server used by one of the group's partners.

Cyberattacks / fraud

DarkSide ransomware made $90 million in just nine months

The DarkSide ransomware gang has collected at least $90 million in ransoms paid by its victims over the past nine months to multiple Bitcoin wallets. Around 10% of the profit came in one week from attacking just two companies: Colonial Pipeline, the largest oil pipeline system in the United States, and Brenntag, a large chemical distribution company in Germany.

SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern – CyberScoop

SolarWinds saw signs of hackers invading their networks as early as January of 2019, about eight months earlier than the previously publicly disclosed timeline for the sweeping cyber-espionage campaign, and nearly two years before anyone discovered the breach.

FBI: Conti ransomware attacked 16 US healthcare, first responder orgs

The Federal Bureau of Investigation (FBI) says the Conti ransomware gang has attempted to breach the networks of over a dozen U.S. healthcare and first responder organizations. The info was shared via a TLP:WHITE flash alert issued Thursday to help system admins and security professionals defend their orgs’ networks against future Conti attacks.

Florida water treatment plant was involved in second security incident before poisoning attempt: report | ZDNet

A new study from Dragos has found that a water treatment plant in Oldsmar, Florida — where hackers attempted to poison the town’s water earlier this year — was also involved in another potential breach at the same time.

Irish officials analyze decryption tool as long recovery process from ransomware continues – CyberScoop

The Irish government expects to dedicate significant resources in the coming days to recovery efforts related to a ransomware incident that has hampered the country’s public health service for the last week, officials said Friday.

New Zealand hospitals infected by ransomware, cancel some surgeries

New Zealand’s Waikato District Health Board (DHB) has been hit with a strain of ransomware that took down most IT services Tuesday morning and drastically reduced services at six of its affiliate hospitals. The attack disabled all IT services except email. Patient notes became inaccessible, clinical services were disrupted, and surgeries postponed.

Flaws / vulnerabilities

DarkSide affiliates claim gang’s bitcoin deposit on hacker forum

Since the DarkSide ransomware operation shut down a week ago, multiple affiliates have complained about not getting paid for past services and issued a claim for bitcoins in escrow at a hacker forum. Russian-language cybercriminal communities typically have an escrow system to avoid scams between sellers and buyers.

Justice / law enforcement / regulation

IC3 Logs 6 Million Complaints | Federal Bureau of Investigation

It took nearly seven years for the FBI’s Internet Crime Complaint Center (IC3) to log its first million complaints. It took only 14 months to add the most recent million. The IC3 logged five million complaints on March 12, 2020, a few weeks before it marked its 20th anniversary.

Irish High Court issues injunction to prevent HSE data leak

The High Court of Ireland has issued an injunction against the Conti Ransomware gang, demanding that stolen HSE data be returned and not sold or published. Last week, Ireland’s Health Service Executive (HSE) suffered a Conti ransomware attack that has severely disrupted the health services in the country.

Miscellaneous / Switzerland

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

New Report Explains How Apple Gave Chinese Government Access to iCloud Data and Censors Apps