L’hebdo cybersécurité | 7 Mai 2023

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉

Mullvad VPN’s Office Raided By Police for User Data

Mullvad VPN does not store any user data; therefore, the Swedish police could not access any user data during the raid.

FBI seized other domains used by the shadow library Z-Library

The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. Z-Library is the world’s largest illegal library and claims to offer more than 11 million e-books for download. The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections.

https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html

Ransomware attack forces Dallas to shut down courts, disrupts some 911 services

The City of Dallas, Texas says a ransomware attack has downed 911 dispatch systems and forced the cancelation of jury trials.

Twitter confirms Circle tweets temporarily were not private

Twitter confirmed that a security error that made Circle tweets — posts that only go out to a small subset of friends — surface publicly.

T-Mobile has suffered yet another data breach

T-Mobile has experienced another data breach, reporting that personal information belonging to hundreds of account holders was exposed in an attack between late February and March 2023. The company disclosed in notification letters issued to impacted customers on April 28th that a hacker managed to access information such as full names, dates of birth, addresses, contact information, government IDs, social security numbers, and T-Mobile account pins.

http://www.europol.europa.eu/media-press/newsroom/news/288-dark-web-vendors-arrested-in-major-marketplace-seizure

Ex-Uber CSO Joe Sullivan gets probation for breach cover-up

Joe Sullivan won’t serve any serious time behind bars for his role in covering up Uber’s 2016 computer security breach and trying to pass off a ransom payment as a bug bounty. A San Francisco judge on Thursday sentenced the app maker’s now-former chief security officer to three years of probation plus 200 hours of community service, despite prosecutors’ pleas to throw Sullivan in the cooler.

Seized: 9 Crypto Laundering Sites Used by Ransomware Gangs

The US and Ukraine have jointly seized nine websites that offer cryptocurrency laundering services to cybercriminals and ransomware gangs.

German IT provider Bitmarck hit by cyberattack

The German IT service provider Bitmarck announced on April 30 it had taken all its systems offline due to a cyberattack. The incident impacted statutory health insurance companies that have their IT operated by BITMARCK. The company immediately reported the incident to the responsible authorities.

ALPHV gang claims ransomware attack on Constellation Software

Canadian diversified software company Constellation Software confirmed on Thursday that some of its systems were breached by threat actors who also stole personal information and business data. « The Incident was limited to a small number of systems related to internal financial reporting and related data storage by the operating groups and businesses of Constellation, » the company said.

Attackers Route Malware Activity Over Popular CDNs

One way to hide malicious activity is to make it look benign by blending in with regular traffic passing through content delivery networks (CDNs) and cloud service providers, according to a Netskope report.

White House unveils AI rules to address safety and privacy

The Biden administration today announced a new effort to address the risks around generative artificial intelligence (AI), which has been advancing at breakneck speeds and setting off alarm bells among industry experts. Vice President Kamala Harris and other administration officials are scheduled to meet today with the CEOs of Google, Microsoft, OpenAI, the creator of the popular ChatGPT chatbot, as well as with AI-startup Anthropic.

BlackCat publie des données volées à Western Digital – Le Monde Informatique

Le groupe de ransomware monte la pression d’un cran sur Western Digital en publiant plusieurs images provenant du vol de données survenu en avril. BlackCat menace de diffuser d’autres informations sensibles jusqu’au paiement d’une rançon.

Le site du Sénat sous le coup d’une attaque DDoS (MAJ) – Le Monde Informatique

Le site du Sénat est inaccessible depuis ce matin. Le groupe NoName qui avait revendiqué l’attaque DDoS contre l’Assemblée nationale en mars indique avoir cette fois frappé la chambre haute. Impossible ce matin d’accéder au site du Sénat.

ChatGPT : Samsung menace de licencier les employés qui utilisent l’IA

Samsung interdit l’utilisation de ChatGPT, Bard, Bing ou de n’importe quelle IA générative à son personnel. Suite à un incident malheureux, la firme considère les chatbots comme des dangers pour ses données confidentielles… Samsung a décidé d’interdire l’intelligence artificielle générative aux employés d’une de ses plus importantes divisions.

Google now lets you sign in with a passkey instead of a password

We all hate passwords — creating them, remembering them, storing them, and using them. Now Google has taken a major step toward a passwordless future, one that instead relies on passkeys. As of today, you can now log into any of your Google accounts using a passkey, which authenticates you via a facial or fingerprint scan or PIN instead of a password.

Apple delivers first-ever Rapid Security Response « cyberattack » patch – leaves some users confused

We’ve written about the uncertainty of Apple’s security update process many times before. We’ve had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them…