Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉
Vol / perte de données
Les données volées par des hackers à Continental en vente sur Internet
Un vol de données de grande ampleur. Le groupe allemand Continental, victime d’une cyberattaque en août dernier, voit le groupe de hackers LockBit proposer à la vente une grande quantité de données volées en ce mois de novembre 2022.
Police published sexual assault victims’ names and addresses on its website
A UK police force has apologised after it published the names and addresses of victims of sexual assault on its website. Suffolk Police says that it has launched an investigation into how victims’ names, addresses, dates of birth, and details of reportedly hundreds of alleged offences were left on public view.
White House expected to issue executive order reining in spyware
Written by Tonya Riley Nov 18, 2022 | CYBERSCOOP The Biden administration plans to issue an executive order restricting how federal agencies can use spyware that poses security risks to the U.S., according to a letter sent to House Intelligence Committee leaders. According to the letter from the Departments of State and Commerce shared with CyberScoop by Rep.
Cyberattaques / fraudes
Iranian hackers use Log4Shell to mine crypto on federal computer system
Written by AJ Vicens Nov 16, 2022 | CYBERSCOOP Hackers with connections to the Iranian government broke into a U.S. government agency’s network in early 2022, utilizing a well-known flaw in an open-source software library to install cryptocurrency mining software and compromise credentials, federal cybersecurity officials said Wednesday.
CommonSpirit Health Cyber Attack Ransomware 2022
Hackers are targeting the healthcare industry. Health systems are making progress around cyber security, but a great deal remains to be done. The average breach cost within the healthcare industry adds up to more than $10 million.
Iran-linked threat actors compromise US Federal Network
According to a joint advisory published by the FBI and CISA, an Iran-linked APT group compromised a Federal Civilian Executive Branch (FCEB) organization using an exploit for the Log4Shell flaw ( CVE-2021-44228) and deployed a cryptomining malware. Log4Shell impacts the products of several major companies that use Log4j, but in many attacks, the vulnerability has been exploited against affected VMware software.
Lazarus uses DTrack in attacks against LATAM and European orgs
North Korea-linked APT Lazarus is using a new version of the DTrack backdoor to attack organizations in Europe and Latin America, Kaspersky researchers warn. DTrack is a modular backdoor used by the Lazarus group since 2019, it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan.
China-linked APT Billbug breached a certificate authority in Asia
State-sponsored actors compromised a digital certificate authority in a country in Asia as part of a cyber espionage campaign aimed at multiple government agencies in the region, Symantec warns. Symantec attributes the attack to a China-linked cyberespionage group tracked as Billbug (aka Lotus Blossom, Thrip).
Lockbit gang leaked data stolen from global high-tech giant Thales
Thales is a global high-tech leader with more than 81,000 employees worldwide. The Group invests in digital and deep tech innovations – big data, artificial intelligence, connectivity, cybersecurity and quantum – to build a future of trust, essential to the development of our societies, by placing people at the heart of decision-making.
FBI: Hive ransomware extorted $100M from over 1,300 victims
The Federal Bureau of Investigation (FBI) said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021. To add insult to injury, the FBI says that the Hive gang will deploy additional ransomware payloads on the networks of victims who refuse to pay the ransom.
Failles / vulnérabilités
EXCLUSIVE Russian software disguised as American finds its way into U.S. Army, CDC apps
LONDON/WASHINGTON, Nov 14 (Reuters) – Thousands of smartphone applications in Apple (AAPL.O) and Google’s (GOOGL.O) online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States, but is actually Russian, Reuters has found.
Justice / police / réglementation
L’Ukraine signe la Convention d’extradition
Gestion des cookies Nous utilisons des cookies sur notre site web pour vous offrir l’expérience la plus pertinente en mémorisant vos préférences et vos visites répétées. En cliquant sur « Accepter », vous consentez à l’utilisation de ces cookies.
Ukraine Police dismantled fraud group that made €200M per year
Ukraine’s cyber police and Europol arrested five members of a transnational fraud group that caused more than 200 million losses per year. The arrests are the results of a joint operation conducted with the support of law enforcement officers in Albania, Finland, Georgia, Germany, Latvia and Spain.
The FBI Came Close to Deploying Spyware for Domestic Investigations
The FBI came very close to using commercial spyware to aid in its domestic criminal investigations, the New York Times has . The spyware was developed by the , the notorious surveillance vendor from Israel whose products have been tied to spying all over the world.
Police Celebrate Arrest of 59 Suspected Scammers
A recent month-long anti-fraud crackdown across Europe resulted in the arrest of 59 suspected scammers, according to Europol. The operation ran all through October as part of the 2022 e-Commerce Action (eComm 2022) initiative.
Suisse
Top Zeus Botnet Suspect « Tank » Arrested in Geneva
Vyacheslav « Tank » Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources. Penchukov was named in a 2014 indictment by the U.S.
Divers
Twitter’s SMS Two-Factor Authentication Is Melting Down
SMS texts are not the most secure way to receive authentication codes, but many people rely on the mechanism, and security researchers agree that it’s better than nothing. As a result, even intermittent or sporadic outages are problematic for users and could put them at risk.
1 Comment
Comments are closed.
Pingback: Veille Cyber N415 – 28 novembre 2022 |