Here is this week's watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Enjoy your reading, and thanks for the coffee!
Data theft / loss
Hack of IT provider exposes data on 4.5 million Air India passengers – CyberScoop
Data on 4.5 million Air India passengers was compromised in a hack of a major IT provider to the airline industry, Air India announced last week. The initial breach of the IT provider, SITA – disclosed in March – affected numerous airlines from Lufthansa to Cathay Pacific, but the investigation has now revealed one of its biggest victims yet in India’s flagship air carrier.
Audio equipment giant Bose hit by ransomware attack, data breach
Ransomware attacks are the new normal. From laptop manufacturer Acer to Colonial, the largest fuel pipeline in the United States, no one is protected from this ever-growing threat. Its latest victim is the audio equipment manufacturer giant Bose.
Canada Post hit by data breach after supplier ransomware attack
Canada Post has informed 44 of its large commercial customers that a ransomware attack on a third-party service provider exposed shipping information for their customers. Canada Post is the primary postal operator in Canada, serving 16.5 million Canadian residential and business addresses.
Cyberattacks / fraud
Japan government servers hacked and data stolen – Cybersecurity Insiders
Fujitsu, an IT services firm from Japan, was recently targeted by cybercriminals stealing sensitive data belonging to government offices, says a report released by NHK, a Japan-based media resource. Sources reporting to Cybersecurity Insiders say that the data belonging to the Ministry of Land, Infrastructure, Transport, Cabinet secretariat, and Tourism were accessed & siphoned […]
FBI to share compromised passwords with Have I Been Pwned
The FBI will soon begin to share compromised passwords with Have I Been Pwned’s ‘Password Pwned’ service that were discovered during law enforcement investigations. The Have I Been Pwned data breach notification site includes a service called Pwned Passwords that allows users to search for known compromised passwords.
FBI Issues Flash Advisory on Conti Ransomware Attacks Impacting Healthcare and First Responder Networks
The Federal Bureau of Investigation has said in a flash announcement that the Conti ransomware group is responsible for at least 16 attacks targeting US healthcare and first responder networks within the last year. The victim organizations include law enforcement agencies, emergency medical services, 911 dispatch centers and municipalities, according to the bureau.
Flaws / vulnerabilities
CAPTCHAs are no longer reliable
During a panel at RSA Conference 2021 on cyberattacks and online scams, researchers discussed the lessons learned from studying cybercriminals' techniques and the attacks carried out against large organizations. One of them, Dan Woods, a former law enforcement officer, shared his experience as a worker for CAPTCHA farms.
An expired SSL certificate blocks the Microsoft Exchange admin portal – Le Monde Informatique
For a few hours, the Exchange administration portal was blocked. Microsoft had forgotten to renew an SSL certificate. IT managers broke into a cold sweat this weekend when they were unable to access the Exchange administration portal. When connecting to the site admin.exchange.com, browsers displayed warnings indicating that the connection was not secure because of an expired SSL certificate.
US announces new security directive after critical pipeline hack
The US Department of Homeland Security (DHS) has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack. The new security directive requires critical pipeline owners and operators to report any confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA).
Bizarro banking malware targets 70 banks in Europe and South America
A banking trojan named Bizarro that originates from Brazil has crossed the borders and started to target customers of 70 banks in Europe and South America. Once landed on a Windows system, the malware can force users into entering banking credentials and uses social engineering to steal two-factor authentication codes.
Justice / police / regulation
Boss of ATM Skimming Syndicate Arrested in Mexico
Florian "The Shark" Tudor, the alleged ringleader of a prolific ATM skimming gang that siphoned hundreds of millions of dollars from bank accounts of tourists visiting Mexico over the last eight years, was arrested in Mexico City on Thursday in response to an extradition warrant from a Romanian court.
Clearview AI hit with massive legal complaint by privacy watchdogs
The data harvesting practices of American facial recognition company Clearview AI are subject to a massive legal complaint launched by four large privacy and digital rights organisations today. Privacy International, alongside the Hermes Center for Transparency and Digital Human Rights, Homo Digitalis and noyb – the European Center for Digital Rights, has launched legal complaints with regulators across Europe about Clearview’s data collection practices.
Miscellaneous / Switzerland
Hackers Exploit Post-COVID Return to Offices
Spoofed CIO ‘pandemic guideline’ emails being used to steal credentials. With COVID-19 restrictions lifting and workers trickling back to offices, threat actors are sharpening their spear phishing ploys. The latest scam includes pelting recipients with emails purportedly from their CIOs welcoming employees back into offices.