Here is this week's monitoring report, covering the most interesting news. Some of these items will be developed further in upcoming articles. Happy reading and have a great week!
Data theft / loss
Zoom Blow as Thousands of User Videos Are Found Online
Default naming convention blamed for privacy snafu
Data theft at an email provider: 600,000 victims | WeLiveSecurity
Users' personal data is now available on the black market for between US$3,500 and US$22,000, in Bitcoin.
Cyberattacks / fraud
Hacking forum gets hacked for the second time in a year
Forum where hackers sold and bought hacked accounts gets hacked itself.
San Francisco airport websites hacked to swipe personal device credentials
Two websites affiliated with San Francisco International Airport (SFO) were compromised with code last March, allowing attackers to steal device login credentials from users who visited these sites, airport officials have disclosed. The breach affected the websites SFOConnect.com, which appears to deliver informational content to the SFO workfo…
Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay
Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs
Travelex Reportedly Paid $2.3 Million Ransom to Restore Operations
Travelex reportedly paid a $2.3 million ransom payment to get their systems back online after being encrypted by a Sodinokibi ransomware attack.
A Russian telecom operator hijacks internet traffic
Rostelecom was involved in a BGP hijacking incident this week, affecting more than 200 CDNs and cloud providers.
Flaws / vulnerabilities
Zoom: the videoconferencing service called out again for the poor quality of its encryption
Contrary to what is claimed on this videoconferencing service's website, the audio and video streams are not encrypted with 256-bit AES but with 128-bit AES, in a particularly weak and inadvisable mode. Worse: the encryption keys were sometimes stored…
Regulatory / legal
Dutch police arrests suspect behind DDoS attacks on government sites
A 19-year old man from Breda, Netherlands, was arrested today for allegedly carrying out distributed denial-of-service (DDoS) attacks that caused two Dutch government websites to shut down for several hours on March 19, 2020.
Dutch Police takes down 15 DDoS-for-hire services in one week
The Dutch police have been very vocal about its efforts to take down online DDoS-for-hire services and in the past six months.
SEC settles with two suspects in EDGAR hacking case
Hacker directly responsible for the hack is still at large, though.
Australians Arrested Over $2.6m Email Scam
Australians charged with altering invoices to steal millions in a BEC scam
Miscellaneous
Zoom’s fall: Google bans Zoom from staffers’ gear
Google follows many others in banning use of the popular but troubled Zoom video-conferencing program.
China and Taiwan aren’t great friends. Zoom sends chats through China. So Taiwan has banned Zoom
Government and local business told to buy local, but slum it with Google or Microsoft if you must