Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉
Vol / perte de données
200M Adult Cam Model, User Records Exposed in Stripchat Breach
The leak included model information, chat messages and payment details.
Utah medical center hit by data breach affecting 582k patients
Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed.
FBI Hacker Offers to Sell Data Allegedly Stolen in Robinhood Breach
The hacker who last week sent out thousands of fake emails from FBI systems is offering to sell data allegedly stolen in the recent breach at mobile stock trading platform Robinhood.
Facebook demands LAPD end social media surveillance and use of fake accounts
Company’s letter to LA police chief comes after the Guardian revealed that the department partnered with a tech firm that enables undercover spying
Cyberattaques / fraudes
Emotet botnet comeback orchestrated by Conti ransomware gang
The Emotet botnet is back by popular demand, resurrected by its former operator, who was convinced by members of the Conti ransomware gang.
Le botnet Emotet ressuscite via le malware Trickbot – Le Monde Informatique
Malware : Démantelé début 2021 par une coalition internationale de forces de police et de justice, le botnet Emotet a été remis en activité. Il se reconstruit…
Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from Victims
Researchers Expose Secrets of Conti Ransomware Group That Made 25 Million from Attacks
FBI’s Email System Hacked to Send Out Fake Cyber Security Alert to Thousands
The FBI’s email system was hacked to send a fake cyber security alert to thousands
Iranian government-backed hackers target critical infrastructure with ransomware, US says
The targets include local governments and the health care sector.
Failles / vulnérabilités
FBI warns of APT group exploiting FatPipe VPN zero-day since May
The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products to breach targets’ networks.
Six million Sky routers exposed to takeover attacks for 17 months
Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers.
Justice / police / réglementation
Banks must report major cyber incidents within 36 hours under finalized regulation
Industry won some concessions in the final version of the rule, which banks must comply with by May.
Suisse
La Confédération doit-elle se charger de la cyber-protection des cantons, communes et PME?
En réponse à une motion parlementaire, le Conseil fédéral juge que la protection des cantons, communes et PME contre les cyberattaques n’est pas du ressort de la Confédération et que cela constituerait une atteinte à la souveraineté des uns et à la liberté économique des autres.
Divers
Some Tesla owners unable to unlock cars due to server errors
Some Tesla owners worldwide are unable to unlock or communicate with their cars using the app due to an outage of the company’s servers.
Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity
The big-ticket cyber item in the Infrastructure Investment and Jobs Act is $1 billion in state and local grants.