Here is this week's watch report, covering the most interesting news items. Some of them will be developed further in upcoming articles. Happy reading, and thanks for the coffee 😉
Data theft / loss
Starbucks Singapore says customer data illegally accessed in data leak
Starbucks says personal data of some customers in Singapore has been compromised, including names, birthdates, and mobile numbers. While credit card details and passwords have not been leaked, it has advised customers to change their password.
New York ambulance service discloses data breach after ransomware attack
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS’ systems on May 26, 2022.
Cyberattacks / fraud
Uber Investigating Massive Security Breach by Alleged Teen Hacker
Uber is investigating a breach of the company’s most sensitive data, including financial documents, internal messages, and who knows what else, by someone who told the New York Times they’re just 18 years old.
Hacker Trio Tied to Iran Attacked U.S. Hundreds of Times, Feds Say
Iranian hackers with ties to the nation’s military are responsible for carrying out "hundreds" of ransomware attacks on victims in the U.S. and other countries over multiple years, U.S. federal authorities said Wednesday. The attacks are said to have targeted nearly every kind of organization you could think of, from local governments to non-profits to small businesses, churches, and schools.
China Accuses the NSA of Hacking a Top University to Steal Data
China claims that America’s National Security Agency used sophisticated cyber tools to hack into an elite Chinese research university. The attack allegedly targeted the Northwestern Polytechnical University in Xi’an (not to be confused with a California of the same name), which is highly ranked in the global university index for its science and engineering programs. The U.S.
Montenegro
A massive cyberattack hit Montenegro; the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical infrastructure of the country, including banking, water and electrical power systems, is at high risk.
Albania was hit by a new cyberattack and blames Iran
Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. "The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, was committed by the same actors who in July attacked the country’s public and government service systems," reads a statement issued by the Albanian interior ministry.
FBI: Hackers steal millions from healthcare payment processors
The Federal Bureau of Investigation (FBI) has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker. This year alone, threat actors have stolen more than $4.6 million from healthcare companies after gaining access to customer accounts and changing payment details.
Akamai mitigated a new record-breaking DDoS attack
On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked in July and that hit the same customer.
LastPass revealed that intruders had internal access for four days
Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days in August 2022. LastPass CEO Karim Toubba explained that there is no evidence that the attackers had access to customer data.
Flaws / vulnerabilities
Tesla Hackers Have Found Another Unauthorized Access Vulnerability
Relay attacks in cars are nothing new. Thieves have been using them for years to gain unauthorized access to vehicles equipped with keyless entry and start systems, by fooling the car into thinking that precious fob is present and accounted for.
Vulnerabilities Found in Airplane WiFi Devices
Two critical vulnerabilities were found in wireless LAN devices that are allegedly used to provide internet connectivity on airplanes. Thomas Knudsen and Samy Younsi from Necrum Security Labs first discovered the flaws, which were found to have affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec.
Justice / police / regulation
WSJ News Exclusive | U.S. Recovers Over $30 Million in Cryptocurrency Stolen by North Korean Hackers
U.S. authorities have seized more than $30 million in cryptocurrency plundered from an online game this year by hackers linked to North Korea, one of the largest successes clawing back digital revenue from Pyongyang, investigators said. While only a fraction of the hundreds of millions in cryptocurrency purloined, the sum recovered is far higher than previously known.
Anonymous hacker, who bragged about exploits on TikTok, says he was raided by Canadian police
Over the past year, Aubrey Cottle developed a sizable TikTok following for his flashy hacking videos and clips promoting operations by the hacktivist collective Anonymous against the Ukraine war. Cottle, a Canadian who goes by the online handle "Kirtaner," helped popularize Anonymous more than a decade ago when the loosely affiliated group gained notoriety for its Guy Fawkes masks, online antics and hacks.
Ransomware attacks by three Iranian nationals in the United States | UnderNews
The U.S. Department of Justice has announced the indictment of three Iranian nationals for ransomware attacks (attacks relying on BitLocker) against American citizens.
Switzerland
Miscellaneous
Google, Microsoft can get your passwords via web browser’s spellcheck
Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively. While this may be a known and intended feature of these web browsers, it does raise concerns about what happens to the data after transmission and how safe the practice might be, particularly when it comes to password fields.