Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et Merci pour le café !
Vol / perte de données
Georgia fertility clinic discloses breach of patient SSNs and medical info after ransomware attack | ZDNet
A fertility clinic in Georgia has notified about 38,000 patients that their medical information and other data like social security numbers had been accessed by cybercriminals during a ransomware attack in April.
Cyber-attack Exposes Eye Clinic Patient Data
A cyber-attack on an eye clinic with locations across Iowa may have exposed the records of hundreds of thousands of patients. On Tuesday, Wolfe Eye Clinic announced that it had suffered a digital assault in February of this year. During the attack, an unauthorized third party gained access to the clinic’s computer network.
Swedish COVID-19 lab with millions of test results breached | CyberNews
IT solutions provider from Sweden reported it had detected hackers peaking inside a database for COVID-19 test results. Over three million test results Unclear whether intruders took any information from the database. The targeted company, InfoSolutions, published a statement claiming that it detected an intrusion to a database employed by 15 of 21 Sweden’s regions.
Mercedes-Benz data breach exposes SSNs, credit card numbers
Mercedes-Benz USA has just disclosed a data breach impacting some of its customers. The company assessed 1.6 million customer records which included customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the impact. It appears the data breach exposed credit card information, social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers.
Cloud Database Exposes 800M+ WordPress Users’ Records
A misconfigured cloud database exposed over 800 million records linked to WordPress users before its owner was notified, according to Website Planet. Security researcher Jeremiah Fowler explained that the trove was left online with no password protection by US hosting provider DreamHost.
Tulsa warns of data breach after Conti ransomware leaks police citations
The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online. In early May, Tulsa suffered a ransomware attack that led to the City shutting down its network to prevent the spread of the malware.
Cyberattaques / fraudes
Les conteneurs, nouvelles proies des cybercriminels – Le Monde Informatique
Depuis plusieurs mois le cyberattaques montent en puissance en causant toujours plus de dégâts. La dernière tendance mise en avant dans l’étude d’Aqua Security montre que les pirates s’en prennent aussi avec succès aux environnements conteneurisés et nativement cloud.
Failles / vulnérabilités
Plus de 30 millions d’ordinateurs Dell peuvent être piratés à distance
Un ensemble de failles permet d’usurper l’identité des serveurs de mise à jour UEFI et, par conséquent, de prendre le contrôle des terminaux. Des correctifs sont disponibles.
Doctolib a transféré des données sensibles à Facebook et Outbrain
Selon le média allemand Mobilsicher , Doctolib aurait envoyé les mots-clés tapés par les utilisateurs dans le moteur de recherche de la plateforme à Facebook et Outbrain, pendant plusieurs mois. Pour quelles raisons ? Nous ne le savons pas clairement pour le moment.
Justice / police / réglementation
La police britannique réalise la « plus grosse saisie de cryptomonnaie au monde »
C’est en effectuant une série de descentes dans des planques utilisées par le « gang des blanchisseurs » que les policiers de la brigade spécialisée dans la lutte contre la fraude économique sont tombés sur un magot d’argent sale en monnaies virtuelles.
Six arrested for siphoning €12 million in fraudulent COVID-19 unemployment payments from France
On 16 June, officers from the French National Gendarmerie (Gendarmerie Nationale) and the Israeli Police (משטרת ישראל) closed in on the members of an organised crime group running a sophisticated benefit fraud scheme on either side the Mediterranean Sea. A total of six individuals were arrested in various locations across France.
Divers / Suisse
John McAfee found dead after Spanish court approved extradition to US – CyberScoop
John McAfee, a cybersecurity industry pioneer who would go on to promote various cryptocurrencies and flee international law enforcement, has died in Spain, according to multiple news reports. McAfee, 75, died in a jail cell in Barcelona while awaiting extradition to the U.S. on charges of tax evasion, the Spanish newspaper El Pais reported Wednesday.
Google repousse son projet de bloquer les cookies tiers
Aujourd’hui, les cookies tiers sont considérés comme l’un des problèmes du web. Ceux-ci permettent en effet aux réseaux d’annonceurs de pister les internautes entre plusieurs sites, à des fins publicitaires. Et actuellement, ce type de cookie est déjà bloqué par un bon nombre de navigateurs.
