
The cyber-threat weekly (27 Feb 2022)

Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Enjoy your reading, and thanks for the coffee 😉


Data theft / loss

Hackers Stole $1.7 Million Worth of NFTs from Users of OpenSea Marketplace

Hackers steal more than 1.7 million dollars worth of Non-fungible tokens (NFTs) from customers of the OpenSea Marketplace.

Transavia employees' personal data stolen in a cyberattack

The French subsidiary of Transavia, itself a subsidiary of the Air France-KLM group, was the victim of a cyberattack in which the hackers got hold of employees' personal data. The cybersecurity blog Zataz revealed this information. Passports, contact details…

“Your private documents have been leaked, but let's not forget that we are not scum. Your private data will remain private, and we will neither leak nor sell it (…) All the data in our possession has been deleted in order to reassure the people affected by this leak,” the hackers promise.

Cyberattacks / fraud

Cyberattacks multiply in Ukraine as it is attacked by Russia – Le Monde Informatique

The Russian offensive launched against Ukraine last night is not only taking place on the ground or in the air. Cyberattacks intensified at the same time, notably with the installation of a data wiper on hundreds of Ukrainian computer systems.

Mykhailo Fedorov on Twitter

We are creating an IT army. We need digital talents. All operational tasks will be given here: https://t.co/Ie4ESfxoSn. There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists.

White House Denies Mulling Massive Cyberattacks Against Russia

The options reportedly included tampering with trains, electric service and internet connectivity, hampering Russia’s military operations in Ukraine. The White House has denied reports that President Biden has been presented with an arsenal of ways to launch massive cyberattacks against Russia – attacks designed to disrupt the country’s ability to sustain its military operations in Ukraine.

Official website of Russian Parliament, MoD and Kremlin go offline

The Kremlin domain is the official website of President Vladimir Putin which according to NetBlocks is among the government websites to go offline.

Anonymous hacktivists, ransomware groups get involved in Ukraine-Russia conflict | ZDNet

Multiple ransomware groups and members of the hacktivist collective Anonymous announced this week that they are getting involved in the military conflict between Ukraine and Russia. On Thursday, members of Anonymous announced on Twitter that they would be launching attacks against the Russian government.

Conti gang says it’s ready to hit critical infrastructure in support of Russian government

The infamous cybercriminal group behind the Conti ransomware has publicly announced its full support for the Russian government while the country’s army is invading Ukraine and threatened to strike the critical infrastructure of anyone launching cyberattacks or war actions against Russia.

Ukraine Attacked with Wiper Malware

Ukraine is being targeted by new data-wiping malware as the country is attacked on three sides by Russian armed forces. Researchers at ESET and Symantec found hundreds of machines across a number of organizations in Ukraine were infected with HermeticWiper on Wednesday.

Report: Ukraine calls for volunteer hackers to protect critical infrastructure | ZDNet

The government of Ukraine has reportedly sent out a call for volunteers with hacking skills to help protect the country’s critical infrastructure. On February 24, Reuters reported that notices backed by the government have appeared on online forums. Yegor Aushev, the co-founder of Cyber Unit Technologies and a figure known in Ukrainian circles for promoting the development of ethical hacking, told the news agency that he wrote the post following a request from a senior Defense Ministry official.

EU cyber-response team deployed

The European Union’s newly formed Cyber Rapid-Response Team (CRRT) has been deployed to Ukraine to aid in combat against Russian threat actors. In a tweet yesterday, the Lithuanian Ministry of Defence confirmed the CRRT is to be deployed at the request of the Ukrainian government.

Iran’s hackers are using these tools to steal passwords and deliver ransomware, say FBI and CISA | ZDNet

Hackers linked to the Iranian Ministry of Intelligence and Security are exploiting a range of vulnerabilities to conduct cyber espionage and other malicious attacks against organisations around the world, a joint alert by US and UK authorities has warned. The advisory by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the U.S.

Conti ransomware attack on Irish healthcare system may cost over $100 million | ZDNet

An Irish news outlet is reporting that the country’s healthcare system will have to spend more than $48 million recovering from a widespread ransomware attack by the Conti group that took place last year.

FBI warns of fake CEO attacks taking place via video conferencing systems

The FBI has issued a warning that organisations should be on their guard against BEC (Business Email Compromise) attacks involving virtual meeting platforms. Typically BEC scams work through the exploitation of compromised business email accounts, using a variety of techniques to trick unsuspecting workers into transferring funds into a bank account under the control of the scammer.

Flaws / vulnerabilities

Citi Bikes being swiped by joyriding scammers who have cracked the QR code

Local scam artists are pedaling a new con. They’re stealing Citi Bikes by switching the QR scan codes on two bicycles near each other at a docking station, then waiting for an unsuspecting cyclist to try to unlock a bike with his or her smartphone app.

Apple AirTag anti-stalking protection bypassed by researchers

When the Apple AirTag hit the market in 2021, it immediately attracted the attention of hackers and reverse engineers. Could AirTags be jailbroken? Could AirTags be simulated? Could the AirTag ecosystem be used for purposes beyond Apple’s own imagination (or at least beyond its intentions)?

Justice / police / regulation

Ukraine police arrest phishing group

The Ukrainian cyberpolice have arrested five individuals who stole credit card data from at least 70,000 people. The group of phishing actors lured people to fake mobile top up service sites. According to law enforcement, the actors used the stolen information to empty their victims’ bank accounts.

Switzerland

Ruag International urged to better secure its data

The Control Committee of the National Council investigated Ruag International after a suspected attack by hackers. The committee is demanding more cybersecurity measures. Before selling units of Ruag International, the Federal Council is called upon to ensure that no sensitive data remains on the company's systems.

The University of Neuchâtel is gradually recovering from a cyberattack

The University of Neuchâtel (UniNE) has joined the list of Swiss organisations hit by a cyberattack. The institution, which is gradually bringing its systems back up, confirmed on Friday the information first reported by the daily Arcinfo. On its website, which became functional again on Friday evening, the university is communicating about the attack and the gradual restoration of its online services.

Miscellaneous

CISA publishes guide with free cybersecurity tools, resources for incident response | ZDNet

CISA has published a guide containing free cybersecurity resources and services that may be valuable in incident response.

Security news watcher and cybersecurity specialist