Here is this week's watch report, covering the most interesting news. Some of these items will be developed in upcoming articles. Enjoy the read, and thanks for the coffee 😉
FIN7 gang returned and was spotted delivering Clop ransomware
Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7). The attacks confirm the return of the threat actors after a long period of inactivity.
2021 data breach exposed data of 70 Million Luxottica customers
Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.
Apple restricts employees from using ChatGPT over fear of data leaks
Apple has restricted employees from using AI tools like OpenAI’s ChatGPT over fears confidential information entered into these systems will be leaked or collected. According to a report from The Wall Street Journal, Apple employees have also been warned against using GitHub’s AI programming assistant Copilot.
Lemon Group gang pre-infected 9 million Android devices for fraudulent activities
A cybercrime group tracked as Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and social media and online messaging accounts and monetization via advertisements.
18-Year-Old Charged in Massive DraftKings Data Breach
A Madison, Wisconsin teen has been charged with a massive credential stuffing attack that targeted DraftKings users in November 2022.
KeePass Vulnerability Imperils Master Passwords
For the second time in recent months a security researcher has discovered a vulnerability in the widely used KeePass open source password manager. This one affects KeePass 2.X versions for Windows, Linux, and macOS, and gives attackers a way to retrieve a target’s master password in cleartext from a memory dump – even when the user’s workspace is closed.
Apple Patches 3 Zero-Days Possibly Already Exploited
Three zero-day vulnerabilities – tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373 – were found in Apple’s WebKit browser platform and affect iOS, macOS, and iPad products.
Toyota Japan confirms decade-long security breach affecting more than 2M customers
Japanese auto firm Toyota recently announced that a decade-long data breach in its online service has compromised information on more than 2 million vehicles. Customers affected included those who signed up for the T-Connect network service between the beginning of 2012 and April 17.
https://thehackernews.com/2023/05/apple-thwarts-2-billion-in-app-store.html
Polish news websites hit by DDoS attacks
WARSAW, May 18 (Reuters) – Several Polish news websites were hit by distributed denial-of-service (DDoS) attacks that the government said could be the action of Russian hacking groups, the digitalisation minister was quoted as saying on Thursday.
Malware turns home routers into proxies for Chinese state-sponsored hackers
Researchers on Tuesday unveiled a major discovery: malicious firmware that can wrangle a wide range of residential and small office routers into a network that stealthily relays traffic to command-and-control servers maintained by Chinese state-sponsored hackers.
Capita breach fallout widens as customers learn of data theft
The U.K. outsourcing giant is facing criticism after leaving gigabytes of files unprotected on the internet.
US pharmacy giant says hackers accessed personal data of almost 6 million patients
PharMerica has confirmed hackers accessed patient Social Security numbers and sensitive health insurance information.
DOJ Offers $10 Million Reward for Info on Alleged Russian Ransomware Hacker
A Russian national has been charged for his alleged role in the cyberattacks against law enforcement, government agencies, hospitals, and schools. The U.S. Department of Justice unsealed two indictments on Tuesday against Mikhail Pavlovich Matveev, who is known online as Wazawaka, claiming he demanded a total of $400 million from his victims and received roughly $200 million in ransom payments.
Smashing Pumpkins reportedly paid a ransom to recover their new songs | UnderNews
Below are comments from Shawn Surber, Senior Director TAM, and Mellissa Bishop, Director, Endpoint Security Research at Tanium, on the news that the band Smashing Pumpkins reportedly paid a ransom to prevent their new songs from being published.
North Korean hackers stole $721 million in cryptocurrency from Japan – Nikkei
TOKYO, May 15 (Reuters) – Hacker groups affiliated with North Korea have stolen $721 million worth of cryptocurrency assets from Japan since 2017, the Nikkei business daily reported on Monday, citing a study by U.K. blockchain analysis provider Elliptic. The amount is equal to 30% of the total of such losses globally, the Nikkei reported.
Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online
A ransomware group has emerged in recent weeks and has already listed four victims including three in the U.S. on its leak site, researchers with the cybersecurity firm Cisco Talos said Monday. The group that calls itself "RA GROUP" is just the latest entity to use the Babuk ransomware source code, which a developer leaked in September 2021 on a Russian-language forum.
Spanish cops arrest 69 in immigration bot scheme
Police have arrested 69 people alleged to have used bots to book up nearly all of Spain’s available appointments with immigration officials, and then sold those meeting slots for between €30 and €200 ($33 to $218) to aspiring migrants.