Photo by Brett Sayles on
Le tour des actus cybersécurité | 18 sept 2022
18 septembre 2022
Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉
Vol / perte de données
Starbucks says personal data of some customers in Singapore has been compromised, including names, birthdates, and mobile numbers. While credit card details and passwords have not been leaked, it has advised customers to change their password.
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS’ systems on May 26, 2022.
Cyberattaques / fraudes
Uber is investigating a breach of the company’s most sensitive data-including financial documents, internal messages, and who knows what else-by someone who told the New York Times they’re just 18 years old.
Iranian hackers with ties to the nation’s military are responsible for carrying out « hundreds » of ransomware attacks on victims in the U.S. and other countries over multiple years, U.S. federal authorities said Wednesday. The attacks are said to have targeted nearly every kind of organization you could think of-from local governments to non-profits to small businesses, churches, and schools.
China claims that America’s National Security Agency used sophisticated cyber tools to hack into an elite Chinese research university. The attack allegedly targeted the Northwestern Polytechnical University in Xi’an (not to be confused with a California of the same name), which is highly ranked in the global university index for its science and engineering programs. The U.S.
A massive cyberattack hit Montenegro, the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical infrastructure of the country, including banking, water and electrical power systems are at high risk.
Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. « The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, was committed by the same actors who in July attacked the country’s public and government service systems, » reads a statement issued by the Albanian interior ministry.
The Federal Bureau of Investigation (FBI) has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker. This year alone, threat actors have stolen more than $4.6 million from healthcare companies after gaining access to customer accounts and changing payment details.
On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked in July and that hit the same customer.
Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days in August 2022. LastPass CEO Karim Toubba explained that there is no evidence that the attackers had access to customer data.
Failles / vulnérabilités
Relay attacks in cars are nothing new. Thieves have been using them for years to gain unauthorized access to vehicles equipped with keyless entry and start systems, by fooling the car into thinking that precious fob is present and accounted for.
Two critical vulnerabilities were found in wireless LAN devices that are allegedly used to provide internet connectivity on airplanes. Thomas Knudsen and Samy Younsi from Necrum Security Labs first discovered the flaws, which were found to have affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec.
Justice / police / réglementation
U.S. authorities have seized more than $30 million in cryptocurrency plundered from an online game this year by hackers linked to North Korea, one of the largest successes clawing back digital revenue from Pyongyang, investigators said. While only a fraction of the hundreds of millions in cryptocurrency purloined, the sum recovered is far higher than previously known.
Over the past year, Aubrey Cottle developed a sizable TikTok following for his flashy hacking videos and clips promoting operations by the hacktivist collective Anonymous against the Ukraine war. Cottle, a Canadian who goes by the online handle « Kirtaner, » helped popularize Anonymous more than a decade ago when the loosely affiliated group gained notoriety for its Guy Fawkes masks, online antics and hacks.
Le ministère de la Justice américaine a annoncé l’inculpation de trois ressortissants iraniens pour des attaques de rançongiciels (attaques reposant sur BitLocker) contre des citoyens américains.
Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively. While this may be a known and intended feature of these web browsers, it does raise concerns about what happens to the data after transmission and how safe the practice might be, particularly when it comes to password fields.
Découvrez les principaux incidents de perte et vol de données détectés cette dernière semaine
Comment l'approche 'Secure by Design' renforce la résilience et la sécurité dans l'espace