Here is this week's monitoring report, covering the most interesting news. Some of these items will be developed in upcoming articles. Enjoy the read and thanks for the coffee 😉
Data theft / loss
Social marketplace Trustanduse exposes nearly half a million users
Security loopholes on social marketplace website trustanduse.com exposed data of around 439,000 users…
Canada’s largest alcohol retailer’s site hacked to steal credit cards
The Liquor Control Board of Ontario (LCBO), a Canadian government enterprise and the country’s largest beverage alcohol retailer, revealed that unknown attackers had breached its website to inject malicious code designed to steal customer and credit card information at check-out.
The Guardian Confirms UK Members’ Data Was Accessed in Ransomware Attack
The updates come from The Guardian’s CEO Anna Bateson and its editor-in-chief Katharine Viner
CircleCI says hackers stole encryption keys and customers’ secrets
In a post-mortem, CircleCI blamed malware that stole an employee’s session token, allowing intruders to access customer data.
Cyberattacks / fraud
Vice Society ransomware claims attack on Australian firefighting service
Australia’s Fire Rescue Victoria has disclosed a data breach caused by a December cyberattack that is now claimed by the Vice Society ransomware gang.
ChatGPT is enabling script kiddies to write functional malware
For a beta, ChatGPT isn’t all that bad at writing fairly decent malware.
Royal Mail’s Attackers Linked to Russia-Backed LockBit
The ransomware gang allegedly used its latest encryptor, ‘Black,’ which borrows parts of the late Black Matter group’s encryptor
Airline company Air France-KLM discloses security breach
Airline company Air France-KLM is notifying the customers of its loyalty program Flying Blue of a data breach.
GitHub disables pro-Russian hacktivist DDoS pages
NoName057 used the software development platform to carry out DDoS attacks on targets in a variety of NATO nations.
Russian Hackers Targeted Three US Nuclear Research Labs
According to reports, a group of Russian hackers targeted three high-profile nuclear research laboratories in 2021.
Pro-Russian Hacktivist Group Targets Czech Presidential Election
The group used Telegram channels, a DDoS payment program, a multi-OS supported toolkit and GitHub
Flaws / vulnerabilities
Russian Hackers Eager to Bypass OpenAI’s Restrictions to Abuse ChatGPT
According to Check Point Research (CPR), Russian hackers are trying to bypass OpenAI’s restrictions for the malicious use of ChatGPT.
ETH Zurich identified flaws in Threema’s encryption
In early December, Threema introduced a new communication protocol. An analysis by ETH Zurich shows why this change was necessary. The researchers discovered weaknesses in the encryption technology used until then.
US Department of the Interior’s passwords “easily cracked”
A recent audit cracked 21 percent of the department’s passwords.
Justice / police / regulation
TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws
The French data protection watchdog has fined TikTok €5 million for failing to comply with cookie consent regulations.
Switzerland
Miscellaneous
A computer bug grounds flights in the United States – Le Monde Informatique
Business continuity: The Notam (Notice to air missions) database managed by the US civil aviation authority suffered an outage that halted all air traffic early in the morning…