Voici les incidents majeurs concernant des pertes ou des vols de données découverts la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
UK ambulance services disrupted by infosec fiends
UK trusts serving 12 million people affected as vendor awaits results of forensic investigation
Hacker Claims to Have Stolen Sensitive Medical Records from Egypt’s Ministry of Health
SOCRAdar and Falcon Feeds reported that the threat actor allegedly started selling the dataset
VirusTotal issues apology for recent sensitive data leak
VirusTotal maintains that the data exposure was a consequence of human error and that no malicious actors were involved in the incident.
HackRead | Latest Cyber Crime – InfoSec- Tech – Hacking News
(adsbygoogle = window.adsbygoogle || ).push({});
Data Leak Exposes 572 GB of Student, Faculty Info from Accreditation Org
The data leak contained a vast array of sensitive information, spanning from 2012 to 2023, making it a treasure trove for potential cyber criminals.
700,000 Sensitive Teacher, Student Records Exposed on Web
A security researcher recently found a database exposed to the internet containing sensitive information on independent school students and faculty including
Over 19 Million Password Logs Sold on the Dark Web and Telegram
The exponential growth of info stealers has become a significant threat to all organizations, chatGPT, and increased cybercrime.
Norwegian government IT systems hacked using zero-day flaw
The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited a zero-day vulnerability in third-party software.
Over 400,000 corporate credentials stolen by info-stealing malware
The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments.
NATO investigates alleged data theft by SiegedSec hackers
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec.
Swiss visa appointments cancelled in UK due to ‘IT incident’
All appointments for Swiss Schengen tourist and transit visa applicants have been cancelled across the UK. TLScontact, the Swiss government’s chosen IT provider for facilitating visa applicants for citizens of third countries, has blamed an ‘IT incident’ at its London, Manchester, and Edinburgh centers for appointment cancellations.
BreachForums database and private chats for sale in hacker data breach
While consumers are usually the ones worried about their information being exposed in data breaches, it’s now the hacker’s turn, as the notorious Breached cybercrime forum’s database is up for sale and member data shared with Have I Been Pwned.
Apple says new App Store API rules will limit user fingerprinting
Starting this fall, Apple has announced that developers will be required to provide a reason for using certain APIs that can collect information from their apps’ users.
Google pousse Android à alerter sur le suivi d’AirTags importuns – Le Monde Informatique
Objets Connectés : Pour protéger toute personne du suivi Bluetooth indésirable sur Android, Google propose désormais des alertes de suivi de traceurs inconnus ainsi que…
US government contractor says MOVEit hackers accessed health data of ‘at least’ 8 million individuals | TechCrunch
Maximus, a U.S. government services company, says MOVEit hackers accessed the personal information of as many as 11 million individuals
Collecte de scans d’iris en France : la CNIL enquête sur Worldcoin
Les gendarmes de la vie privée en France se montrent déjà inquiets de la collecte de scan d’iris par Worldcoin, en l’échange de jetons gratuits de sa nouvelle crypto-monnaie.
New SEC rules put a time limit on reporting hacks and data breaches
The SEC has a new rule that requires public companies to disclose cybersecurity incidents just four days after they are discovered.