
Cybersecurity news | week of 24 Jul 2022

Here is this week's watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Happy reading, and thanks for the coffee 😉


Data theft / loss

Hackers leak huge cache of data from evangelical organization that supported Dobbs decision

Written by AJ Vicens, Jul 22, 2022 | CYBERSCOOP. Pro-choice hacktivists leaked more than 74 gigabytes of data connected to evangelical organizations, the latest example of how abortion rights supporters are attempting to use the internet to rally support against groups that supported the Dobbs v. Jackson ruling reversing Roe v.

Personal data of 69 million Neopets users exposed

The online pet website, Neopets, has confirmed it fell victim to a data breach, exposing the personal information of approximately 69 million users. The website’s source code was also stolen in the attack. Recently, Neopets launched NFTs, which are part of a plan to create an online Metaverse game, in which users can own, raise and play games with their virtual pets.

Hacker Selling Data of Over 69 Million Neopets Members

Virtual pet website Neopets has suffered from a data breach leading to the theft of a database and source codes containing the sensitive information of over 69 million members. The Neopets website allows members to own, raise, and play games with their virtual pets.

Cyberattacks / fraud

Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky’s health

Written by AJ Vicens, Jul 21, 2022 | CYBERSCOOP. Cyber criminals attacked a Ukrainian company that operates nine "major" radio stations to spread a message that Ukrainian President Volodymyr Zelensky was in critical condition and under intensive care, Ukrainian officials announced Thursday.

Tens of thousands of card details swiped from online users

Security researchers have uncovered two separate Magecart campaigns which targeted online ordering platforms to exfiltrate card details from at least 311 US restaurants. Recorded Future found e-skimming software injected into three platforms: MenuDrive, Harbortouch, and InTouchPOS.

Belgium says Chinese APT gangs attacked its government

The government of Belgium has claimed it detected three Chinese Advanced Persistent Threat actors attacking its public service and defence forces. A government statement names Advanced Persistent Threat 27, 30, and 31 – aka UNSC 2814, GALLIUM, and SOFTCELL – as the groups responsible for the attacks.

A massive cyberattack hit Albania

Albania was hit by a massive cyberattack over the weekend, the government confirmed on Monday. A synchronized criminal attack from abroad hit the servers of the National Agency for Information Society (AKSHI), which handles many government services.

Flaws / vulnerabilities

Critical flaws in GPS tracker enable "disastrous" and "life-threatening" hacks

A security firm and the US government are advising the public to immediately stop using a popular GPS tracking device or to at least minimize exposure to it, citing a host of vulnerabilities that make it possible for hackers to remotely disable cars while they’re moving, track location histories, disarm alarms, and cut off fuel.

Successful exploitation of these vulnerabilities could allow an attacker control over any MV720 GPS tracker, granting access to location, routes, fuel cutoff commands, and the disarming of various features (e.g., alarms),

Justice / police / regulation

Romanian Man Accused of Distributing Gozi Virus Extradited to US

A Romanian man accused of distributing a computer virus that hit over 1 million computers has been extradited to the US. The suspect, 37-year-old Mihai Paunescu, allegedly ran a hosting service that helped distribute the Gozi virus, which caused tens of millions of dollars of financial losses worldwide.

FBI Seizes $500,000 in Ransomware Payments from North Korean Hackers

The U.S. Department of Justice announced that over $500,000 worth of Bitcoin was seized by the FBI from hackers based out of North Korea. "The seized funds include ransoms paid by healthcare providers in Kansas and Colorado," the DoJ said in a press release issued Tuesday.

Last member of Gozi malware troika arrives in US for criminal trial

As the English translation of the Baroque-era German rendering of the Ancient Greek philosophical saying goes: Though the mills of God grind slowly, yet they grind exceeding small/Though with patience he stands waiting, with exactness grinds he all.

Switzerland

Fake IT support scams are on the rise in Switzerland

The cantonal police forces of Latin Switzerland are warning about fake Microsoft technicians offering IT help. In French-speaking Switzerland alone, nearly 280 cases have been recorded, with losses amounting to around 900,000 francs since the start of the year.

Miscellaneous

Great Britain: Heat peak takes down Google Cloud and Oracle datacenters – Le Monde Informatique

Several datacenters based in the United Kingdom suffered outages this week as record temperatures hit the country. Those of Google Cloud and Oracle did not hold up. As temperatures in the United Kingdom reached a record 40 degrees on Tuesday, datacenters belonging to Oracle and Google Cloud were hit by cooling-related outages, causing problems for customers trying to access their services.

GeckoSpy: Pegasus Spyware Used Against Thailand’s Pro-Democracy Movement – The Citizen Lab

[1] Citizen Lab, University of Toronto; [2] DigitalReach. We discovered an extensive espionage campaign targeting Thai pro-democracy protesters, and activists calling for reforms to the monarchy. We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware. The observed infections took place between October 2020 and November 2021.

News watcher and cybersecurity specialist