News for LeDécodeu

The cybersecurity weekly | 22 Jan 2023

Here is this week's watch report, a roundup of the most interesting news. Some of these items will be developed in upcoming articles. Happy reading, and thanks for the coffee 😉

Data theft / loss

New T-Mobile Breach Affects 37 Million Accounts

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

A hack at ODIN Intelligence exposes a huge trove of police raid files

The breach exposes the police tech firm’s own systems but also confidential law enforcement data uploaded by ODIN’s police customers.

Oops: Airline Leaked The Entire Federal No Fly List – View from the Wing

CommuteAir, which operates Embraer ERJ-145s for United Airlines, left the entire U.S. federal No Fly List on a server that was easily hacked. While the original requirement to show ID at the airport was a political decision, in order to appear to be ‘doing something’ after TWA flight 800, the reason you have to show I.D.

35,000 PayPal Accounts Hacked

A security notification released to PayPal customers this morning has revealed that up to 35,000 customers have fallen victim to a credential stuffing attack. Credential stuffing attacks involve bad actors systematically trying username and password combinations in order to break into an account.

1.7 TB of data from digital intelligence firm Cellebrite leaked online

The Israeli mobile forensics firm Cellebrite is one of the leading companies in the world in the field of digital forensics, it works with law enforcement and intelligence agencies worldwide. One of the most popular services provided by the company is the UFED (Universal Forensic Extraction Device) which is used by law enforcement and intelligence agencies to unlock and access data on mobile devices.

Nissan Supplier Leaked Data on Thousands of Customers

Nissan North America has informed thousands of customers that their personal information may have been accessed by an unauthorized third party, after a mistake by a supplier. Nearly 18,000 individuals were impacted by the incident, which occurred on June 21 but was not fully discovered until September 26 2022, according to a breach notification published by the Office of the Maine Attorney General.

Cyberattacks / fraud

Massive ad-fraud op dismantled after hitting millions of iOS devices

A massive ad fraud operation dubbed ‘Vastflux’ that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been disrupted by security researchers at cybersecurity company HUMAN. The operation’s name was derived from the VAST ad-serving template and the "fast flux" evasion technique used to conceal malicious code by rapidly changing a large number of IP addresses and DNS records associated with a single domain.

1,000 ships impacted by a ransomware attack on DNV

About 1,000 vessels have been impacted by a ransomware attack against DNV, one of the major maritime software suppliers. DNV GL provides solutions and services throughout the life cycle of any vessel, from design and engineering to risk assessment and ship management.

Mailchimp hit by a social engineering cyberattack – Le Monde Informatique

Mailchimp, a vendor specializing in email marketing campaign management solutions, suffered an intrusion into its information system via a social engineering attack. 133 customer accounts were hacked, but payment data and passwords were not compromised.

Flaws / vulnerabilities

Hackers now use Microsoft OneNote attachments to spread malware

Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. This comes after attackers have been distributing malware in emails using malicious Word and Excel attachments that launch macros to download and install malware for years.

Justice / police / regulation

Russian founder of a cryptocurrency exchange known for funneling ransomware profits arrested

Written by Tonya Riley Jan 18, 2023 | CYBERSCOOP The founder and majority owner of a Hong Kong-based cryptocurrency exchange, which law enforcement officials allege is a "haven for criminal proceeds and funds," has been arrested for failing to comply with U.S. anti-money laundering requirements, the Justice Department announced Wednesday.

WhatsApp finally takes the company that created the Pegasus spyware to court

WhatsApp will finally be able to have the actions of the Israeli company NSO, which is behind the Pegasus spyware, judged in court. The United States Supreme Court has just authorized legal proceedings against the Israeli company NSO. Pegasus software used to spy on journalists The moment of truth finally seems to be arriving for NSO, the Israeli company that developed the Pegasus spyware.

Switzerland

Attaching the Federal Office for Cybersecurity to the DDPS does not please everyone

The new Federal Office for Cybersecurity will be attached to the Federal Department of Defence, Civil Protection and Sport (DDPS). The Federal Council announced this in early December 2022.

In Valais, an IT specialist threatens to publish police data on the darknet

Running his own company, an IT specialist developed, 13 years ago, a program used by several municipal police forces in Valais. Le Nouvelliste reports that the developer, who continued to manage the system, threatened to publish sensitive data on the darknet.

Miscellaneous

Hack the Pentagon 3.0: Groundbreaking Bug Bounty Program Is Back

The U.S. Department of Defense has announced the third chapter of its "Hack the Pentagon" bug bounty program, which was first launched in 2016.
