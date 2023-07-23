Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.

Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands Apple opposes UK’s surveillance plans that could weaken encryption in messaging apps.

Bund erinnert IT-Dienstleister an Cybersecurity-Pflichten Der Bund hat seine IT-Dienstleister kontaktiert. In einem Brief erinnert er die Unternehmen an ihre vertraglichen Pflichten bezüglich Datenschutz und Cybersicherheit. Das Schreiben verschickte die Verwaltung kurz nach einem Ransomwareangriff auf einen ihrer IT-Dienstleister.

Ukraine takes down massive bot farm, seizes 150,000 SIM cards Cyber ​​Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations.

Clop gang to earn over $75 million from MOVEit extortion attacks The Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft campaign.

Netscaler ADC bug exploited to breach US critical infrastructure org The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week.

Des failles dans les contrôleurs BMC fragilisent des millions de serveurs – Le Monde Informatique Intrusion, Hacking et Pare-feu : À la suite d’un vol de données survenu en 2021, des chercheurs ont découvert des failles critiques dans les firmwares de contrôleurs BMC de la marque…

JumpCloud says nation-state hackers breached its systems | TechCrunch The cloud company said it has evidence that a hacking group targeted a “small and specific” group of its customers.

Microsoft lost its keys, and the government got hacked | TechCrunch China hacked dozens of email accounts, including in government. Microsoft opens up, slightly, about how the hackers pulled off the heist.

US government launches the Cyber Trust Mark, its long-awaited IoT security labeling program | TechCrunch The Biden administration has launched its cybersecurity labelling program that aims to protect Americans against IoT security risks

North Korea-backed hackers breached JumpCloud to target cryptocurrency clients | TechCrunch Hackers backed by North Korea breached JumpCloud in an effort to target cryptocurrency clients, according to security researchers.

JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state “Extremely targeted” attack involved a data injection into JumpCloud’s commands framework.

Typo leaks millions of US military emails to Mali web operator Spelling error misdirected sensitive Pentagon messages to company running Mali’s TLD.

Microsoft to stop locking vital security logs behind $57-per-user monthly plan US agency urged Microsoft to expand access to logs that can identify cyberattacks.

As Many As 700,000 Turkish TikTok Accounts Were Hacked Before The Country’s Presidential Election A UK security agency warned TikTok about the exploited vulnerability more than a year earlier, but the company chose not to fix it.

L’ancien hacker vedette Kevin Mitnick est mort Cet américain de 59 ans avait multiplié les piratages dans sa jeunesse, au point de devenir l’un des fugitifs les plus recherchés par le FBI dans les années 1990.

“Millions” of sensitive US military emails were reportedly sent to Mali due to a typo Millions of emails were misdirected to Mali due to a typo that swapped the US military’s .MIL domain for Mali’s .ML domain, according to a report from the Financial Times.

Roblox data breach leaks almost 4,000 developer profiles Sensitive information identifying thousands of Roblox creators has been exposed following a data breach impacting attendees at a conference for Roblox developers

U.S. Blacklists Two Spyware Firms Run by an Israeli Former General The moves by the Commerce Department against the Europe-based firms are the latest effort to rein in a spyware industry that has spiraled out of control in recent years.

Facebook steals crimes information from Police Database – Cybersecurity Insiders Facebook is found accessing information being reported to the Metropolitan Police database and is doing it without the authorization from the law