
Cybersecurity news roundup | 18 Sept 2022

Here is this week's monitoring report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Enjoy the read, and thanks for the coffee 😉


Data theft / loss

https://www.zdnet.com/article/starbucks-singapore-says-some-customer-data-leaked/#ftag=RSSbaffb68

New York ambulance service discloses data breach after ransomware attack

Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS’ systems on May 26, 2022.

Cyberattacks / fraud

Uber Investigating Massive Security Breach by Alleged Teen Hacker

Uber is investigating a breach of the company’s most sensitive data – including financial documents, internal messages, and who knows what else – by someone who told the New York Times they’re just 18 years old.

Hacker Trio Tied to Iran Attacked U.S. Hundreds of Times, Feds Say

Iranian hackers with ties to the nation’s military are responsible for carrying out "hundreds" of ransomware attacks on victims in the U.S. and other countries over multiple years, U.S. federal authorities said Wednesday. The attacks are said to have targeted nearly every kind of organization you could think of – from local governments to non-profits to small businesses, churches, and schools.

China Accuses the NSA of Hacking a Top University to Steal Data

China claims that America’s National Security Agency used sophisticated cyber tools to hack into an elite Chinese research university. The attack allegedly targeted the Northwestern Polytechnical University in Xi’an (not to be confused with a California university of the same name), which is highly ranked in the global university index for its science and engineering programs. The U.S.

Montenegro

A massive cyberattack hit Montenegro; the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical infrastructure of the country, including banking, water and electrical power systems, is at high risk.

Albania was hit by a new cyberattack and blames Iran

Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. "The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, was committed by the same actors who in July attacked the country’s public and government service systems," reads a statement issued by the Albanian interior ministry.

FBI: Hackers steal millions from healthcare payment processors

The Federal Bureau of Investigation (FBI) has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker. This year alone, threat actors have stolen more than $4.6 million from healthcare companies after gaining access to customer accounts and changing payment details.

Akamai mitigated a new record-breaking DDoS attack

On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked in July and that hit the same customer.

LastPass revealed that intruders had internal access for four days

Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days in August 2022. LastPass CEO Karim Toubba explained that there is no evidence that the attackers had access to customer data.

Flaws / vulnerabilities

Tesla Hackers Have Found Another Unauthorized Access Vulnerability

Relay attacks in cars are nothing new. Thieves have been using them for years to gain unauthorized access to vehicles equipped with keyless entry and start systems, by fooling the car into thinking that precious fob is present and accounted for.

Vulnerabilities Found in Airplane WiFi Devices

Two critical vulnerabilities were found in wireless LAN devices that are allegedly used to provide internet connectivity on airplanes. Thomas Knudsen and Samy Younsi from Necrum Security Labs first discovered the flaws, which were found to have affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec.

Justice / police / regulation

WSJ News Exclusive | U.S. Recovers Over $30 Million in Cryptocurrency Stolen by North Korean Hackers

U.S. authorities have seized more than $30 million in cryptocurrency plundered from an online game this year by hackers linked to North Korea, one of the largest successes clawing back digital revenue from Pyongyang, investigators said. While only a fraction of the hundreds of millions in cryptocurrency purloined, the sum recovered is far higher than previously known.

Anonymous hacker, who bragged about exploits on TikTok, says he was raided by Canadian police

Written by AJ Vicens, Sep 16, 2022 | CYBERSCOOP. Over the past year, Aubrey Cottle developed a sizable TikTok following for his flashy hacking videos and clips promoting operations by the hacktivist collective Anonymous against the Ukraine war.

Ransomware attacks by three Iranian nationals in the United States | UnderNews

The U.S. Department of Justice has announced the indictment of three Iranian nationals for ransomware attacks (attacks relying on BitLocker) against American citizens.

Switzerland

The City of St. Gallen wants to ban automatic facial recognition in public places

The St. Gallen city council wants to ban automated facial recognition in public spaces – it would be the first city in Switzerland to do so. The decision follows a motion from the left and the Greens.

Miscellaneous

Google, Microsoft can get your passwords via web browser’s spellcheck

Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively. While this may be a known and intended feature of these web browsers, it does raise concerns about what happens to the data after transmission and how safe the practice might be, particularly when it comes to password fields.

Cybersecurity news watcher and specialist