Here is this week's watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Happy reading, and thanks for the coffee 😉
Data theft / loss
More than 1.1 million online credentials found in NY AG credential stuffing investigation – CyberScoop
A months-long investigation into credential stuffing attacks by the New York attorney general’s office found credentials for more than 1.1 million online accounts at 17 major retailers, restaurant chains and food delivery services in internet forums, the agency announced Wednesday.
Data breach: Broward Health warns 1.3 million patients, staff of ‘medical identity theft’ | ZDNet
This weekend, the Broward Health hospital system notified more than 1.3 million patients and staff members that their personal information was involved in a data breach that started on October 15.
Morgan Stanley agrees to $60 million settlement in data breach lawsuit | ZDNet
Morgan Stanley has agreed to a settlement figure of $60 million to resolve a data breach lawsuit. The US bank and financial services giant was subject to a class-action suit following two data exposure incidents involving approximately 15 million current and former clients.
Over 20 years of employee data leaked during McMenamins ransomware attack | ZDNet
Oregon-based venue operator McMenamins said employee data was accessed during a ransomware attack that occurred on December 12. In a statement, the company explained that even though they managed to "block" the attack, employee information dating back to 1998 was compromised.
Have I Been Pwned warns of DatPiff data breach impacting millions
The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. DatPiff is a popular mixtape hosting service used by over 15 million users, allowing unregistered users to download or upload samples for free.
Cyberattacks / fraud
Portuguese media empire struck in the latest cyberattack on news outlets – CyberScoop
The websites of the top newspaper and TV station in Portugal remained down Tuesday after a cyberattack that began over the weekend, following in a string of recent attacks on media organizations. Impresa Group said its Expresso newspaper and SIC TV stations were the victim of a computer attack.
Cyberattack against UK Ministry of Defence training academy revealed | ZDNet
A retired military officer has disclosed a cyberattack that struck the UK Ministry of Defence (MoD) academy and had a "significant" impact on the organization. Air Marshal Edward Stringer, an officer in charge at the time, told Sky News that the cyberattack was discovered in March 2021.
North Korean Hackers Start New Year with Attacks on Russian Foreign Ministry
A North Korean cyberespionage group named Konni has been linked to a series of targeted attacks aimed at the Russian Federation’s Ministry of Foreign Affairs (MID) with New Year lures to compromise Windows systems with malware.
N Korean hackers stole $1.7 billion from cryptocurrency exchanges
The government-backed hackers from North Korea have stolen around $1.7 billion worth of cryptocurrency from different exchanges during the past five years, claim reports published by local South Korean media outlets Chosun and Newsis. According to reports (1 and 2) that quoted statements from United States federal prosecutor and data released by the American blockchain analysis firm Chainalysis, North Korea considers cryptocurrency a long-term investment.
Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites
The campaign was an opportunistic supply-chain attack abusing a weaponized Brightcove cloud video player.
Israeli newspaper Jerusalem Post is hacked, website defaced to include threats – CyberScoop
Outsiders defaced the website of a prominent Israeli newspaper early Monday, posting a picture of an Israeli nuclear facility being destroyed by a missile along with a threat in both English and Hebrew. Hackers targeted the home page of The Jerusalem Post, among the biggest newspapers in Israel, early Monday morning Israeli time, the paper reported.
Thales group attacked by the Lockbit ransomware? (Updated) – Le Monde Informatique
The site of the group behind the Lockbit ransomware announces that it has compromised the Thales group and gives it about 13 days before publishing the data in its possession. While 2021 was a busy year for ransomware, 2022 is not expected to bring a pause.
Flaws / vulnerabilities
Uber ignores vulnerability that lets you send any email from Uber.com
A vulnerability in Uber’s email system allows just about anyone to send emails on behalf of Uber. The researcher who discovered this flaw warns this vulnerability can be abused by threat actors to email 57 million Uber users and drivers whose information was leaked in the 2016 data breach.
Log4j flaw attack levels remain high, Microsoft warns | ZDNet
Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j ‘Log4Shell’ flaw through December. Disclosed by the Apache Software Foundation on December 9, Log4Shell will likely take years to remediate because of how widely the error-logging software component is used in applications and services.
Justice / police / regulation
F.B.I. Arrests Man Accused of Stealing Unpublished Book Manuscripts
Filippo Bernardini, an Italian citizen who worked in publishing, was charged with wire fraud and identity theft for a scheme that prosecutors said affected hundreds of people over five or more years. They were perplexing thefts, lacking a clear motive or payoff, and they happened in the genteel, not particularly lucrative world of publishing: Someone was stealing unpublished book manuscripts.
United States: Sanctions for companies that do not patch Log4j
Security: The US FTC is cracking down: organizations must apply all available patches to protect their users' data, or face penalties. The US Federal Trade Commission (FTC) warns that it will take legal action against companies that do not take sufficient precautions to remediate the vulnerability in the Java logging software Log4j.
Parliamentary security committee review backs the operation of controversial TOLA Act | ZDNet
The controversial Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 has received the backing of the Parliamentary Joint Committee on Intelligence and Security (PJCIS) in its review of the laws.
Chinese tech companies must undergo government cyber review to list overseas | ZDNet
China on Tuesday evening confirmed it will increase oversight on how local tech companies operate their platforms both locally and overseas through two new sets of rules. The first set of rules, set to be enforced on February 15, is focused on cybersecurity reviews and will require local tech companies with personal information on over 1 million users to undergo a security review before being allowed to list onto overseas stock exchanges.
Switzerland
Cyber-scammers pose as the federal police
Cybercriminals are currently trying to scam Swiss citizens with spam emails in French, containing a letter that misuses the logos of the Confederation, Police.ch and Cybercrimepolice.ch. They threaten recipients with criminal prosecution in connection with viewing or distributing pornographic and paedophile content.
Swiss army bans all chat apps but locally-developed Threema
The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead. As Threema is a paid subscription communications service, the Swiss army promised to cover the annual subscription cost for all soldiers, which is roughly $4.40 per user.
The printer of Swiss passports and Swisscom want to create tamper-proof digital proofs
Swisscom and Orell Füssli, the printer of Swiss banknotes and passports, have entered into a partnership to develop legally valid digital certificate solutions that draw on blockchain among other technologies, notably for verification purposes in business processes.
Wecan plans to deploy its secure vault in other industries in 2022
Wecan Group announces a new funding round. The Geneva start-up plans to continue growing its customer base in compliance for the financial sector and to extend its blockchain-based secure document sharing concept to other industries such as lawyers, clinics or governments.
Miscellaneous
Several old BlackBerry models have stopped working
A blow for those nostalgic for mobile phones with a physical keyboard: since Tuesday, many BlackBerry models are no longer functional. This decision marks the end of an era in mobile telephony. The Canadian brand has decided to stop updates to its OS operating system, which runs on the devices sold until 2013.
US Police Warn of Parking Meters with Phishing QR Codes
In a hurry to park your car? Don’t want to fumble around in your pocket to find cash for the parking meter, and don’t have the correct payment app installed on your phone? Well, think carefully before rushing to scan the payment QR code stuck on the side of the meter – it may well be an attempt by fraudsters to phish your financial information.
Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected
Two-factor authentication (2FA) has been around for a while now and for the majority of tech users in the US and UK, it has become a security staple. Indeed, wake-up calls brought about by data breaches have stirred others out of their comfort zones into finally adopting 2FA and making it part of their online lives.