Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !
Vol / perte de données
Barnes & Noble cyber incident could expose customer shipping addresses, order history
Barnes & Noble has been the « victim of a cybersecurity attack, » the bookseller told customers in an email sent Wednesday.
Cybercriminals Steal Nearly 1TB of Data from Miami-Based International Tech Firm
Databases of sensitive, financial and personally identifiable info and documents from Intcomex were leaked on Russian-language hacker forum after a ransomware attack.
Breach at Dickey’s BBQ Smokes 3M Cards
One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the data was stolen in a lengthy data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country.
Cyber-attaques / fraudes
Norway says Russian hackers carried out breach at parliament
« This is a very serious incident, affecting our most important democratic institution, » Norway’s foreign minister said.
Une arnaque à la fausse mise à jour a permis de derober 22 millions de dollars en bitcoin
Des groupes cybercriminels envoient de fausses mises à jour aux propriétaires de portefeuilles Electrum, installent des logiciels malveillants et volent les fonds des utilisateurs.
Google offers details on Chinese hacking group that targeted Biden campaign
« [W]e’ve seen increased attention on the threats posed by APTs in the context of the U.S. election, » Google’s Shane Huntley said.
Android ransomware learns new tricks to lock devices
Microsoft security experts claim to have uncovered the latest trick being used by Android ransomware, subverting the operating system’s built-in protection mechanisms to lock devices and hold them to…
Iranian APT group hits schools, universities in global spear phishing attacks
The APT group known as Silent Librarian has increased its spear phishing attacks as schools and universities are back. Here’s what’s going on.
Iran Reports Two Major Cyber-Attacks
Iran’s ports and government institutions targeted in large-scale cyber-attacks
Software AG Continues Efforts Against $20M Ransomware Attack
The attack, which now includes extortion components, has moved into its second week.
Failles / vulnérabilités
Microsoft and Other Tech Companies Take Down TrickBot Botnet
The Joint Collaboration, US Government, Microsoft and Other Tech Companies Take Down TrickBot Botnet.
Hackers used VPN flaws to access US govt elections support systems
Government-backed hackers have compromised and gained access to US elections support systems by chaining together VPN vulnerabilities and the recent Windows CVE-2020-1472 security flaw.
Singapore tightens security requirements for new home routers
Effective from April 13 next year, home routers will have to meet new security requirements before they can be sold in Singapore.
Réglementaire / juridique
Morgan Stanley à l’amende de 60 M$ pour avoir mal protégé ses données clients – Le Monde Informatique
Données personnelles : Le bureau de contrôle du Trésor américain estime que Morgan Stanley n’a pas suffisamment surveillé les sous-traitants chargés de décommissionner deux…
German authorities raid FinFisher offices
Raids took place last week at 15 locations in Germany and at a connected company in Romania.
British Airways fined £20m over data breach
The fine is the largest ever issued by the Information Commissioner’s Office.
New York regulator faults Twitter for lax security measures prior to big account breach
The attacker used « vishing, » a social engineering scam on the rise.
German authorities raid FinFisher offices
Raids took place last week at 15 locations in Germany and at a connected company in Romania.
Divers
L’accélérateur Tech4Trust retient plus de vingt start-up pour sa deuxième édition
Consacré à la confiance numérique et désormais intégré à l’initiative Trust Valley, l’accélérateur Tech4Trust a sélectionné 27 start-up pour sa deuxième édition. Les jeunes pousses retenues sont actives dans les domaines de la cybersécurité, de la blockchain, de la protection de la sphère privée ou encore de la traçabilité.
Un système de reconnaissance faciale unique au monde fait ses débuts à Singapour
Singapour déploie un système reconnaissance faciale pour que les habitants aient accès aux services de l’État via cette technologie.
1 commentaire
Commentaires désactivés.