Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading, and thanks for the coffee 😉
Data theft / loss
Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers. Alder Lake is the name of Intel’s 12th generation Intel Core processors, released in November 2021.
Zoetop pays $1.9m to settle customer data theft case
Online retailer Zoetop will fork out $1.9 million after account data belonging to 46 million customers was stolen in 2018. In announcing the settlement this week, New York Attorney General Letitia James said Hong Kong’s Zoetop, which owns fast-fashion brands Shein and Romwe, also tried to downplay the scale of the cyberattack and was pretty bad at securing people’s personal information.
Mormon Church data stolen in ‘state-sponsored’ cyberattack
Miscreants broke into the Church of Jesus Christ of Latter-day Saints’ computer systems and stole personal data belonging to "some" members, employees, contractors and friends, the church has confirmed. According to a church statement on the "data incident," posted on its website today, the security breach happened in late March 2022.
Toyota discloses accidental leak of some customers’ personal information
Toyota Motor Corporation warns customers that their personal information may have been accidentally exposed after an access key was publicly available on GitHub for almost five years. The carmaker discovered recently that a portion of its T-Connect site source code was mistakenly published on GitHub.
Cyberattacks / fraud
Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers
As seen by Hackread.com, the Iranian broadcaster was hacked while airing a news bulletin on Saturday night.
US airports’ sites taken down in DDoS attacks by pro-Russian hackers
Update: Title of story modified to indicate it was the sites taken down. The pro-Russian hacktivist group ‘KillNet’ is claiming large-scale distributed denial-of-service (DDoS) attacks against websites of several major airports in the U.S., making them unaccessible.
It was LockBit that forced NHS tech supplier to shut down
Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months.
Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server
Cloudflare announced it has mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. The Cloudflare DDoS threat report 2022 Q3 states that multi-terabit massive DDoS attacks have become increasingly frequent. In Q3, the company mitigated multiple attacks that exceeded 1 Tbps.
Almost 900 servers hacked using Zimbra zero-day flaw
Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months. The vulnerability tracked as CVE-2022-41352 is a remote code execution flaw that allows attackers to send an email with a malicious archive attachment that plants a web shell in the ZCS server while, at the same time, bypassing antivirus checks.
Cloudflare mitigated record DDoS attack against Minecraft server
Wynncraft, one of the largest Minecraft servers, was recently hit by a 2.5 Tbps distributed denial-of-service (DDoS) attack. It was a multi-vector attack that lasted for about two minutes and consisted of UDP and TCP flood packets attempting to overwhelm the server and keep out hundreds of thousands of players, DDoS mitigation company Cloudflare says.
Flaws / vulnerabilities
Fortinet warns that critical authentication bypass flaw has been exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog. CISA on Tuesday added the flaw to the KEV catalog, a day after Fortinet revealed an authentication bypass CVE-2022-40684 that it patched last week was already being exploited in the wild.
Justice / police / regulation
Student jailed for hacking female classmates’ email, Snapchat accounts
On Thursday, a Puerto Rico judge sentenced a former University of Puerto Rico (UPR) student to 13 months in prison for hacking over a dozen email and Snapchat accounts of female colleagues. The defendant, Iván Santell-Velázquez (aka Slay3r_r00t), pled guilty to cyberstalking on July 13, admitting to targeting more than 100 students.
German Cybersecurity Chief Faces Sacking Over Possible Russia Ties
German Interior Minister Nancy Faeser could dismiss Arne Schoenbohm, president of the Federal Office for Information Security (BSI) due to possible contact with Russian security agents, German media reported on Sunday, October 9, 2022, citing government sources.