Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Enjoy the read, and thanks for the coffee 😉
Data theft / loss
Health system data breach due to Meta Pixel hits 3 million patients
Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients. The incident was caused by the improper use of Meta Pixel on AAH’s websites, where patients log in and enter sensitive personal and medical information.
Microsoft Exposed 2.4 TB of Business Customer Data in BlueBleed Breach
BlueBleed – The leaked files were dated from 2017 to August 2022 and involved several misconfigured cloud storage buckets.
Hackers Threaten to Release Medical Info of High-Profile Australians
Hackers say they’ve obtained data from an Australian health insurance company and have threatened to release the private medical information of high-profile Australians if a ransom isn’t paid, according to a new report from the Sydney Morning Herald.
EnergyAustralia Electricity company discloses security breach
Another Australian organization was hit by a severe cyber attack, this time the victim is the Electricity company EnergyAustralia. EnergyAustralia is the country’s third-largest energy retailer. The company confirmed that threat actors had access to information on 323 residential and small business customers but ‘no evidence’ of data exfiltration.
Cyberattacks / fraud
Ransomware attack halts circulation of some German newspapers
German newspaper ‘Heilbronn Stimme’ published today’s 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. On Saturday, the newspaper issued an "emergency" six-page edition while all planned obituaries were posted on the website. Phone and email communication remained offline during the weekend.
BlackByte ransomware uses new data theft tool for double-extortion
A BlackByte ransomware affiliate is using a new custom data stealing tool called ‘ExByte’ to steal data from compromised Windows devices quickly. Data exfiltration is believed to be one of the most important functions in double-extortion attacks, with BleepingComputer told that companies are more commonly paying ransom demands to prevent the leak of data than to receive a decryptor.
Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware
Pro-Russia Hackers DDoS Bulgarian Government
A wave of DDoS attacks rocked the Bulgarian government over the weekend, with Russia the prime suspect, according to reports. Traffic flooded the websites of the Bulgarian President, the National Revenue Agency, and the ministries of internal affairs, defense, and justice, according to several local reports.
Flaws / vulnerabilities
When cops hack back: Dutch police fleece DEADBOLT criminals (legally!)
Sadly, we’ve needed to cover the DEADBOLT ransomware several times before on Naked Security.
Microsoft admits having neglected the security of millions of Windows PCs for years
The Windows protection system meant to block outdated and potentially malicious drivers was not working, leaving millions of machines open to malware. Is Windows as secure as Microsoft wants people to believe? The question can now be asked. According to Ars Technica, Microsoft has reportedly admitted to certain security shortcomings in its OS.
Justice / police / regulation
Clearview AI gets third €20 million fine for illegal data collection
France’s data protection authority (CNIL) has fined Clearview AI €20 million for illegal collection and processing of biometric data belonging to French citizens. The amount is the maximum financial penalty the company could receive as per GDPR Article 83.
Suspected Multimillion-Dollar Fraud Mastermind Arrest
Today, Europol celebrated the capture of a "high-value target" this week after the arrest in Tenerife of a suspected prolific fraudster, said to have conned scores of investors. It appears that the 50-year-old Croatian man is believed to have run a large-scale investment fraud operation which managed to extract at least €5m ($4.9m) from victims. Thus far, 70 German investors have been identified, Europol claimed.
INTERPOL-led Operation Takes Down ‘Black Axe’ Cyber Crime Organization
Interpol has announced the arrest of 75 people as part of a coordinated global operation against an organised cybercrime syndicate called Black Axe.
Police dismantles criminal ring that hacked keyless cars
Authorities from France, Latvia, and Spain arrested 31 suspects believed to be part of a car theft ring that targeted vehicles from two French car manufacturers. The criminals only targeted cars that use keyless entry and start systems and stole them after exploiting their keyless technology to unlock the doors and start the engines without having to use the key fobs.
Brazilian police arrested a man suspected of being a member of LAPSUS$ gang
The Federal Police of Brazil yesterday announced the arrest of an individual suspected of being linked to the LAPSUS$ extortionist gang. The authorities did not disclose info about the individual; it seems that the suspect is a teenager. The arrest is the result of an international police operation codenamed Operation Dark Cloud that was launched in August 2022.
Fashion brand SHEIN fined $1.9m for lying about data breach
Chinese company Zoetop, former owner of the wildly popular SHEIN and ROMWE "fast fashion" brands, has been fined $1,900,000 by the State of New York. As Attorney General Letitia James put it in a statement last week: SHEIN and ROMWE’s weak digital security measures made it easy for hackers to shoplift consumers’ personal data.
Switzerland
Canton of Neuchâtel: Cyberattack: "No sign of a data leak"
A cyberattack once again targeting the Neuchâtel educational network was detected on Wednesday evening. According to the authorities, the malicious attack was thwarted. A security alert concerning the Réseau pédagogique neuchâtelois (RPN), the IT portal for compulsory and post-compulsory education, occurred during the night from Wednesday to Thursday.
Ethical hackers attacked the Confederation without finding a critical flaw
Ethical hackers attacked the Confederation’s central access system. No critical flaw was discovered. The tests carried out made it possible to strengthen the system’s security, the Federal Chancellery announced. The federal administration ran a bug bounty programme between 30 August and 11 October, in which 32 ethical hackers took part.
Miscellaneous
Lufthansa reverses course on AirTag ban – Le Monde Informatique
Backpedalling on Lufthansa’s AirTag ban. The airline will now allow them on its flights, relying on the risk assessment by the German aviation authorities. The German airline Lufthansa published a tweet stating that, following discussions with the German aviation authorities, it will now allow AirTags to be carried on its flights.
Singapore, Germany to mutually recognise IoT cybersecurity labels
Singapore and Germany have inked a pact to recognise their respective cybersecurity rating systems for smart consumer products, including smart speakers, household robots, and home automation hubs. The EU member is the second country to do so, following Finland.