Here is this week's watch report, covering the most interesting news items. Some of them will be developed further in upcoming articles. Enjoy your reading, and thanks for the coffee 😉
Data theft / loss
How we handled a recent phishing incident that targeted Dropbox
By Dropbox Security Team, Nov 01, 2022. We were recently the target of a phishing campaign that successfully accessed some of the code we store in GitHub. No one’s content, passwords, or payment information was accessed, and the issue was quickly resolved.
Hackers selling access to 576 corporate networks for $4 million
A new report shows that hackers are selling access to 576 corporate networks worldwide for a total cumulative sales price of $4,000,000, fueling attacks on the enterprise. The research comes from Israeli cyber-intelligence firm KELA which published its Q3 2022 ransomware report, reflecting stable activity in the sector of initial access sales but a steep rise in the value of the offerings.
Vodafone Italy discloses data breach after reseller hacked
Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telecommunications services in the country, has suffered a cyberattack. According to the notice, the cyberattack took place in the first week of September and resulted in the compromise of sensitive subscriber details.
Cyberattacks / fraud
Dropbox Hacked
The company revealed that on October 14, they became aware that an attacker stole employee credentials, using them to access source code containing "primarily, API keys – used by Dropbox developers". While it’s currently unclear what those API keys were used for, Dropbox has drawn criticism from API experts for not properly securing their assets.
LockBit ransomware claims attack on Continental automotive giant
The LockBit ransomware gang has claimed responsibility for a cyberattack against the German multinational automotive group Continental. LockBit also allegedly stole some data from Continental’s systems, and they are threatening to publish it on their data leak site if the company doesn’t give in to their demands within the next 22 hours.
Thales once again threatened by Lockbit – Le Monde Informatique
In a notice published on the darknet, the cybercriminal group Lockbit 3.0 claims a successful cyberattack against Thales. An ultimatum has been set for November 7, 2022 for the disclosure of the stolen data. The defense and security group Thales appears to be a prime target for cyberactivists.
French-speaking crooks stole $30m in bank cyber-heist spree
A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers.
Malicious Android apps with 1M+ installs found on Google Play
A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing users to sites that steal sensitive information or generate ‘pay-per-click’ revenue for the operators. Some of these sites offer victims to download fake security tools or updates, to trick users into installing the malicious files manually.
Australian Defence Force Communications Service Hit by Ransomware Attack
ForceNet, a communications platform used by Australian military personnel and defense employees, is the latest victim of a ransomware attack.
Flaws / vulnerabilities
Samsung Galaxy Store Bug Could’ve Let Hackers Secretly Install Apps on Targeted Devices
Researchers describe a recently reported vulnerability in Samsung’s Galaxy Store app that could have enabled attackers to install and/or launch apps.
Justice / police / regulation
Hacker Charged With Extorting Online Psychotherapy Service
A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius "Zeekill" Kivimaki, a notorious hacker who – at the tender age of 17 – had been convicted of more than 50,000 cybercrimes, including data breaches, payment fraud, operating botnets, and calling in bomb threats.
Student Suspected of Running Germany’s Largest Dark Web Market DiDW
Authorities arrested a student in Bavaria on suspicion of his involvement in running one of the country’s largest dark web marketplaces DiDW.
SolarWinds reaches $26m settlement, expects SEC action
SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit, and it’s also expecting to be slapped with an enforcement action by Uncle Sam – both related to its infamous 2020 supply chain security fiasco, according to the software maker’s most recent US regulatory filing.
Switzerland
NCSC semi-annual report: cyber technology in armed conflicts
Bern, 03.11.2022 – The current semi-annual report of the National Cyber Security Centre (NCSC) covers the main cyber incidents that occurred in Switzerland and the rest of the world during the first half of 2022. The use of cyber technology in armed conflicts is its central theme.
The Federal Cyber Security Delegate represented Switzerland at the international Counter Ransomware Initiative summit in Washington
Bern, 03.11.2022 – On October 31 and November 1, 2022, 36 states and the EU took part, at the invitation of the White House, in the second international summit of the Counter Ransomware Initiative, held in Washington. The Federal Cyber Security Delegate, Florian Schütz, represented Switzerland in the five working groups.
Miscellaneous
Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup
Written by Suzanne Smalley, Nov 4, 2022 | CYBERSCOOP. The settlement last week in a $100 million lawsuit over whether insurance giant Zurich should cover losses Mondelez International suffered from NotPetya may very well reshape the entire cyber insurance marketplace.
Second summit against ransomware at the White House – Le Monde Informatique
Meeting at the White House, representatives of 36 countries – including France with Anssi – and the EU agree that the fight against ransomware requires international collaboration, but that legal systems must catch up.
Marc Barbezat
Cybersecurity watch analyst and specialist