L’hebdo des cyber-menaces (6 juin 2021)

In Carnet de veille

Photo by cottonbro on Pexels.com

Déroulez ici

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et Merci pour le café !

Vol / perte de données

UK Special Forces soldiers’ personal data was floating around WhatsApp in a leaked Army spreadsheet

Exclusive An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet. The document, seen by The Register, contained details of all 1,182 British soldiers recently promoted from corporal to sergeant – including those in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment.

Tokyo Olympics organizers’ data swept up in Fujitsu hack: report – CyberScoop

The organizing committee of the Tokyo Olympics is the latest victim of a breach in which hackers broke into a Japanese government contractor’s data-sharing tool, according to a Japanese media report. The breach affected some 170 people who participated in a cybersecurity drill ahead of the Olympic Games next month, Kyodo News reported.

TikTok Quietly Updated Its Privacy Policy to Collect Users’ Biometric Data

TikTok updated its privacy policy quietly to collect biometric data from users.

Cyberattaques / fraudes

Fujifilm shuts down computer systems following apparent ransomware intrusion – CyberScoop

Fujifilm Corp. has shut down part of its computer network and “disconnected from external correspondence” in the face of a possible ransomware attack, the Japanese electronics giant said Wednesday. In a brief statement, Fujifilm said that it became aware of the security issue late Tuesday and that it has “taken measures to suspend all affected systems in coordination with our various global entities.”

Fujifilm victime d’une cyberattaque – Le Monde Informatique

Cette semaine, le conglomérat japonais Fujifilm a fait état d’une intrusion dans ses systèmes d’information. Le groupe de cybercriminels russe REvil serait impliqué dans la propagation du trojan et voleur de données Qbot a priori présent dans les réseaux de la firme nipponne depuis mi-mai 2021 suivi d’un ransomware.

Swedish Health Agency shuts down SmiNet after hacking attempts

The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts. SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening.

FBI blames REvil gang for JBS ransomware hack as global meat supplier gets back to work – CyberScoop

A prolific ransomware operation known as REvil is to blame for a ransomware attack against the global meat supplier JBS, the FBI said Wednesday.

Comment la NSA s’est servie du Danemark pour espionner la France et d’autres pays européens

Le Danemark était-il un cheval de Troie en Europe ? Le système d’espionnage danois a en tous cas servi à la NSA (National Security Agency) pour espionner en 2012 et en 2014 de hauts responsables suédois, norvégiens, français et allemands.

USA : les ransomwares deviennent une priorité nationale

Le mois dernier, un piratage informatique mené par le groupe cybercriminel Darkside a provoqué un début de panique aux États-Unis. Les pirates ont utilisé un ransomware qui est parvenu à mettre hors service le réseau de Colonal Pipeline qui alimente près de 45 % des carburants consommés sur la côte est.

Failles / vulnérabilités

WordPress force installs Jetpack security update on 5 million sites

Automattic, the company behind the WordPress content management system, force deploys a security update on over five million websites running the Jetpack WordPress plug-in. Jetpack is a remarkably popular WordPress plug-in that provides free security, performance, and website management features, including brute-force attack protection, site backups, secure logins, and malware scanning.

GitHub’s new policies allow removal of PoC exploits used in attacks

GitHub announced on Friday their updated community guidelines that explain how the company will deal with exploits and malware samples hosted on their service. To give some background behind the new policy changes, security researcher Nguyen Jang uploaded a proof-of-concept exploit (PoC) to GitHub in March for the Microsoft Exchange ProxyLogon vulnerability.

Firefox now autoupdates on Windows even when not running

The Windows version of Firefox can now automatically upgrade itself to the latest version in the background when the web browser is not running. “Background Update is now available on Windows. This feature will allow Firefox to update, even if it is not running,” the Firefox 90.0 Beta release notes read.

Panne nationale des appels d’urgence : des victimes et un audit chez Orange (MAJ) – Le Monde Informatique

L’incident ayant touché les appels d’urgence suite à un problème technique chez Orange a été résolu dans la nuit, mais le système restait encore sous surveillance ce matin. Les numéros provisoires restent par ailleurs actifs. Le ministre de l’Intérieur a déploré des décès liés à l’impossibilité d’appeler les services d’urgence et a diligenté un audit externe sur la gestion de la panne par l’opérateur.

Justice / police / réglementation

FBI, DOJ to treat ransomware attacks with similar priority as terrorism | ZDNet

The FBI and Justice Department upped the ante on the rhetoric around ransomware attacks on Thursday and Friday, telling a number of news outlets that cyberattacks will be treated with almost the same level of concern as terrorist attacks.

Interpol intercepts $83 million fighting financial cyber crime

The Interpol (short for International Criminal Police Organisation) has intercepted $83 million belonging to victims of online financial crime from being transferred to the accounts of their attackers. Over 40 law enforcement officers specialized in fighting cybercrime across the Asia Pacific region took part in the Interpol-coordinated Operation HAECHI-I spanning more than six months.

Latvian national charged with writing malware used by Trickbot hackers – CyberScoop

U.S. prosecutors have charged a 55-year-old Latvian national with developing computer code used in tandem with the infamous malicious software known as TrickBot, which has defrauded countless people while infecting tens of millions of computers worldwide. The defendant, known as Alla Witte, was arraigned in a federal court in Cleveland on Friday after being arrested in Miami in February, the Justice Department said.

Divers / Suisse

La sécurité du certificat Covid suisse soumise à un test public, juste avant son lancement (update)

Alors que le certificat Covid suisse doit être progressivement introduit dans les cantons dès le 7 juin, le Centre national pour la cybersécurité (NCSC) lance un test public de la solution. On connaît en outre les trois prestataires choisis par la Confédération comme partenaires techniques pour le développement de la solution.

Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors

Your‌ ‌Amazon‌ ‌devices will automatically share your Internet connection with your neighbors.

Comme la Russie, les États-Unis sont experts en désinformation massive

La frontière entre dénigrement et lobbying est assez floue. Les campagnes de désinformation sur les vaccins? La faute à la Russie et la Chine, selon un rapport de l’Union Européenne publié en avril dernier. Les rumeurs tentant de “salir” Joe Biden lors des élections de 2020? L…

1 Comment

Comments are closed.

La newsletter