Cybersécurité Pour décoder l'actualité sur la cybersécurité , le cybercrime et les cyberattaques
Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉
Personal info of 90k hikers leaked by French tourism company La Malle Postale
The Cybernews research team has discovered a data leak on La Malle Postale’s system that exposed the personal data of their clients. The leaked information included names, phone numbers, emails, private communication via SMS messages, passwords, and employees’ credentials.
Après une cyberattaque – Des hackers publient des données volées de CH-Media et de la NZZ
Le groupe de pirates informatiques Play a mis sa menace à exécution et a publié sur le DarkNet des données volées à CH Media et au groupe NZZ. Des données concernant des collaborateurs en font partie, selon la NZZ. Environ 500 gigaoctets de données ont été mis en ligne sur le DarkNet, ont indiqué jeudi CH Media et la NZZ.
Australian software giant won’t say if customers affected by hack
Brisbane-based TechnologyOne asked regulators to halt trading on its stock after confirming that cybercriminals breached its network.
Hacker Pleads Guilty to Hijacking Biden, Elon, and Kim K’s Twitter Accounts
A man accused of hacking accounts in a scheme pleaded guilty on Tuesday for his role in cyber stalking and computer hacking that exploited numerous high-profile social media accounts. Joseph James O’Connor, 23, was extradited to the U.S.
Suspected Hackers Behind Spain’s Asylum Black Market Arrested
Police in Spain have arrested 69 people accused of using bots to circumvent the asylum system in the country. Spanish authorities said on Friday a gang had used the to obtain open time slots for the country’s online booking system, which is free, and resold the appointments to asylum seekers for 200 euros ($217) each.
A Mysterious New Hacker Group Is Lurking in Ukraine’s Cyberspace
Ukrainian networks have been on the receiving end of grimly sophisticated and innovative cyberattacks from Russia for nearly a decade, and Ukraine has increasingly struck back, particularly since the Kremlin’s invasion last year.
Des eurodéputés appellent à encadrer davantage l’utilisation des logiciels espions
Sécurité : La commission d’enquête du Parlement européen sur les logiciels espions vient de rendre sa copie. Les eurodéputés préconisent d’encadrer davantage cette industrie sulfureuse. Pas de moratoire, comme envisagé un temps, mais un cadre réglementaire accru.
Toyota Admits Decade-Long Data Leak Affecting 2.15 Million Customers
Toyota Motor Corp acknowledged earlier today that the vehicle data of approximately 2.15 million users was publicly accessible in Japan for nearly a decade, from November 2013 to mid-April 2023. Reuters first reported the news, specifying that according to Toyota spokesperson Hideaki Homma, the issue with Toyota’s cloud-based Connected service affects only vehicles in Japan.
Six years prison for ex-Ubiquiti staffer who stole data and attempted to extort millions of dollars
A former software engineer at Ubiquit Networks has been sent to prison for six years after stealing gigabytes of data from the firm, attempting to extort millions of dollars, and harming the company’s reputation in the media.
Feds Take Down 13 More DDoS-for-Hire Services
The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to » booter » services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S.
Google offers Dark Web monitoring for US Gmail users
With Google’s dark web monitoring, not only will users be able to check their email addresses on the dark web, but they will also receive alerts.
North Korean APT breached Seoul National University Hospital
The Korean National Police Agency (KNPA) revealed that a North Korea-linked APT group has breached one of the largest hospitals in the country, the Seoul National University Hospital (SNUH). The security breach took place between May and June 2021 and was aimed at stealing sensitive medical information and personal details.
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company’s private code signing keys on their dark website. « Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem, » Alex Matrosov, founder and CEO of firmware security firm Binarly, said in a tweet over the weekend.
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
Spanish Police dismantles cybercrime gang with 40 arrests! Hackers, fraudsters, and money launderers taken down!
Western Digital Confirms Customer Data Stolen in Ransomware Attack
Source: Igor Golovnov via Alamy Since its April 2 disclosure of a ransomware attack, Western Digital has conducted an investigation, which concluded a customer database was stolen that included the personal information of its online customers.
1M NextGen Patient Records Compromised in Data Breach
Update, 1:29 p.m. EDT: A company spokesperson provided this statement to Dark Reading: « Security, in all its forms, is a top priority for NextGen Healthcare. When we learned of the incident, we took steps to investigate and remediate, including working together with leading outside cybersecurity experts and notifying law enforcement.
FBI Disarms Russian FSB ‘Snake’ Malware Network
The US Department of Justice announced it has pulled off a joint operation code-named Medusa that decimated a long-standing malware operation run by the Federal Security Service of the Russian Federation (FSB).
Multiple Ransomware Groups Adapt Babuk Code to Target ESXi VMs
Over the past year, 10 different ransomware families have utilized leaked Babuk source code to develop lockers for VMware ESXi hypervisors. Hypervisors are programs used to run multiple virtual machines (VMs) on a single server. By targeting ESXi, hackers may be able to infect multiple VMs in an enterprise environment more directly than they could through conventional means.
Snake : le logiciel espion russe vieux de 20 ans neutralisé – Le Monde Informatique
Une action conjointe de forces de police et de justice à l’échelle internationale incluant le FBI a mis un terme au malware d’espionnage Snake. En activité depuis 20 ans, il est considéré comme le plus sophistiqué des services secrets russes.
Des services de Google Cloud toujours sous l’eau après l’incendie de Global Switch (MAJ) – Le Monde Informatique
L’affaire de l’incendie intervenu au sein de Global Switch à Clichy continue de faire des vagues pour les utilisateurs de Google Cloud. En effet, après avoir été noyée par les pompiers, la zone Europe-West9-a reste encore perturbée sur plusieurs services. A la fin avril, un incendie s’est déclaré dans les locaux de Global Switch à Clichy.
