Cybersecurity news roundup | 4 Sept 2022
Here is this week's watch report, covering the most interesting news.
Some of these items will be developed in upcoming articles. Enjoy the read, and thanks for the coffee 😉
Data theft / loss
Hackers gained access to Samsung’s US systems and stole customer information, the mobile phone giant said Friday. The cybersecurity breach took place in late July, and by August 4, Samsung discovered that customer information was taken. The hackers didn’t gain access to Social Security numbers, or credit card or debit card numbers, Samsung said.
2.5 million people were affected, in a breach that could spell more trouble down the line. EdFinancial and the Oklahoma Student Loan Authority (OSLA) are notifying over 2.5 million loanees that their personal data was exposed in a data breach.
Neopets, the company that sells virtual pets to tweenagers (and also a weird amount of adults), suffered a pretty devastating data breach earlier this year, but a recent update seems to show it was far worse than we previously thought.
The Ragnar Locker ransomware added the Portuguese state-owned flag carrier airline TAP Air Portugal to its leak site and claims to have stolen customers’ data. On August 26, the Portuguese company announced via Twitter that it was hit by a cyber attack and that it was able to neutralize it.
The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns. IRS Form 990T is used to report ‘unrelated business income’ paid to a tax-exempt entity, such as nonprofits (charities) or IRA and SEP retirement accounts.
Cyberattacks / fraud
A team of cybersecurity experts from the FBI is heading to Montenegro to help local authorities in investigating the recent massive cyber attack that hit the government infrastructure last week. “This is another confirmation of the excellent cooperation between the United States of America and Montenegro and a proof that we can count on their support in any situation,” the ministry said of the deployment of the Cyber Action Team.
The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy’s energy agency Gestore dei Servizi Energetici SpA (GSE) over the weekend. GSE is a publicly-owned company that promotes and supports renewable energy sources (RES) across Italy.
Amid a wave of hacks that have cost investors billions of dollars worth of cryptocurrency, the FBI is calling on decentralised finance (DeFi) platforms to improve their security. In a warning posted on its website, the FBI said that cybercriminals are increasingly targeting DeFi platforms to steal cryptocurrency, often exploiting vulnerabilities in smart contracts to part investors from their money.
Researchers at security company Proofpoint and PricewaterhouseCoopers (PWC) said on Tuesday they had identified a cyber espionage campaign that delivers the ScanBox exploitation framework through a malicious fake Australian news site. The campaign, active from April to June of this year, targeted Australian government agencies, Australian media companies and manufacturers who conduct maintenance on wind turbine fleets in the South China Sea.
Threat analysts have spotted a new malware campaign dubbed ‘GO#WEBBFUSCATOR’ that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. The malware is written in Golang, a programming language that is gaining popularity among cybercriminals because it is cross-platform (Windows, Linux, Mac) and offers increased resistance to reverse engineering and analysis.
LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level. The gang has recently suffered a DDoS attack, allegedly on behalf of digital security giant Entrust, that prevented access to data published on its corporate leaks site.
Hackers caused a major traffic jam in Moscow after exploiting the Russian ride-hailing app, Yandex Taxi, to summon all available taxis to the same location at the same time. The attack occurred on September 1st and had traffic heading towards Kutuzovsky Prospect – an already busy boulevard – stuck at a standstill.
Flaws / vulnerabilities
A vulnerability in the Google Chrome browser, as well as Chromium-based browsers, could allow malicious web pages to automatically overwrite the clipboard content without any user interaction and consent, simply by visiting them. According to a blog post published by the developer Jeff Johnson, the issue was introduced in version 104.
Apple has released an important security update for the iPhone 5s, iPhone 6 and older iPads to address one of two flaws affecting iOS 15 that also affected iOS 12. Apple has rolled out a fix for iOS 12 in the update in iOS 12.5.6 that brings across a patch for a remote code execution flaw that it fixed in iOS 15.6.1 in mid-August.
Twilio says hackers also gained access to the two-factor authentication (2FA) Authy accounts of 93 users in a recent security breach.
A new ransomware group operating under the name BianLian emerged in late 2021 and has become increasingly active since. The threat actor already has twenty alleged victims across several industries (insurance, medicine, law and engineering), according to a research paper from US cybersecurity firm Redacted, published on September 1, 2022.
Today, we are launching Google’s Open Source Software Vulnerability Rewards Program (OSS VRP) to reward discoveries of vulnerabilities in Google’s open source projects. As the maintainer of major projects such as , and , Google is among the largest contributors and users of open source in the world.
Justice / police / regulation
The cosmetic giant Sephora has been accused of breaching the California Consumer Privacy Act (CCPA) by allegedly selling its customer data.
MBDA is the world’s 2nd largest producer of missiles and hackers are selling 70 GB worth of its data for 1 BTC on a Russian forum.
A US man has admitted he broke the law when he used 3D printers to make components converting semi-automatic guns to full auto.
Various law enforcement agencies in Southern California and North Carolina have deployed an obscure cellphone tracking tool dubbed ‘Fog Reveal,’ sometimes without search warrants, a new investigation by the Associated Press (AP) has revealed.
The constant increase in cyber threats requires new solutions. Therefore, the Cyber-Defence Campus, armasuisse Science & Technology, is working with Tune Insight to test its secure threat intelligence sharing software. The collaboration develops and investigates novel solutions for the secure exchange of cyber threat data.
A recent report by the Contrôle fédéral des finances (CDF) on the fight against economic crime indicates that the Ministère public de la Confédération (MPC) is calling for the creation of a cyber unit within the Police judiciaire fédérale (PJF).
US mobile carriers know a lot about their customers’ every move, and according to letters sent to the Federal Communications Commission (FCC), they routinely store such location data for years, willingly hand it over to law enforcement if served a proper subpoena, and say users can’t opt out.
Cybersecurity for the most vulnerable: Hackers Without Borders and YesWeHack announce a partnership to protect NGOs – CIOMAG
Press release, Geneva, 31 August 2022 – The NGO Hackers Sans Frontières (HSF) and YesWeHack, Europe’s leading bug bounty platform, announce their close partnership, working together to protect non-profit organizations from cyberattacks. YesWeHack will give HSF free access to its bug bounty platform to this…
The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released tips today on securing the software supply chain. This guidance is designed by the Enduring Security Framework (ESF), a public-private partnership that works to address threats to U.S.