1 milliard de Bitcoins saisis et les cybercriminels de Maze ferment boutique #veille (8 nov 2020)

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !

L'essentiel Cybersécurité, IA & Tech

Rejoignez la communauté. 3 fois par semaine, recevez l'analyse des tendances par Marc Barbezat. Pas de spam, juste de l'info.

Ou suivez le flux temps réel

Vol / perte de données

34M Records from 17 Companies Up for Sale in Cybercrime Forum
A diverse set of companies, including an adaptive-learning platform in Brazil, an online grocery service in Singapore and a cold-brew coffee-maker company, are caught up in the large data trove.

Capcom hit by Ragnar Locker ransomware, 1TB allegedly stolen
Japanese game developer Capcom has suffered a ransomware attack where threat actors claim to have stolen 1TB of sensitive data from their corporate networks in the US, Japan, and Canada.

23,600 hacked databases have leaked from a defunct ‘data breach index’ site
Site archive of Cit0day.in has now leaked on two hacking forums after the service shut down in September.

Hotel reservation platform leaked user data from top online booking sites
The list of online booking sites affected by the breach includes some of the top industry giants including Booking.com.

GitHub n’a pas été piraté ou presque pas – Le Monde Informatique
Intrusion, Hacking et Pare-feu : Hier, un développeur et hacktiviste indiqué que le code source de GitHub avait été dévoilé. Le CEO de GitHub est monté au créneau pour démentir un…

https://hotforsecurity.bitdefender.com/blog/health-practice-loses-patient-data-in-ransomware-attack-tells-clients-to-call-before-visiting-24490.html

Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple
Nitro PDF suffered a massive data breach that impacts many major organizations, including Apple, Chase, Citibank, Google, and Microsoft.

FBI: Hackers stole source code from US government agencies and private companies
FBI blames intrusions on improperly configured SonarQube source code management tools.

Cyberattaques / fraudes

Maze ransomware gang says it has quit the cybercrime business
A press release on the website of a notorious cybercrime gang, who stole data from organisations and demanded a ransom be paid for its safe return, says that it is closing down. The Maze gang not only…

Campari Group on the Rocks After Ransomware Attack
Italian drinks giant says IT systems temporarily suspended

US private prison, detention centers operator hit by ransomware attack
The victim of this ransomware attack is Geo Group that runs over 120 private prisons and illegal immigration detention centers across the globe.

Brazil’s court system under massive RansomExx ransomware attack
Brazil’s Superior Court of Justice was hit by a ransomware attack on Tuesday during judgment sessions that were taking place over video conference.

Linux version of RansomEXX ransomware discovered
This marks the first time a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusions.

Ryuk ransomware behind one third of all ransomware attacks in 2020 – Help Net Security
Researchers observed a significant increase in Ryuk ransomware detections in 2020. Through Q3 2020, 67.3 million Ryuk attacks were detected.

New Pay2Key ransomware encrypts networks within one hour
A new ransomware called Pay2Key has been targeting organizations from Israel and Brazil, encrypting their networks within an hour in targeted attacks still under investigation.

Failles / vulnérabilités

Google discloses actively exploited Windows zero-day (CVE-2020-17087) – Help Net Security
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild.

New Gitpaste-12 Botnet Exploits 12 Known Vulnerabilities
Researchers discover a new worm and botnet dubbed Gitpaste-12 for its ability to spread via GitHub and Pastebin.

Un problème de configuration expose les mots de passe de deux millions de cultivateurs de marijuana
Les mots de passe des utilisateurs du service GrowDiaries étaient stockés à l’aide de la fonction de hachage MD5 faible, ce qui exposait les comptes des clients à des attaques.

Réglementaire / juridique

https://hotforsecurity.bitdefender.com/blog/doj-seizes-1-billion-in-bitcoin-linked-to-the-infamous-silk-road-underground-marketplace-24487.html

Hacker was identified after the theft of $24 million from Harvest Finance
A threat actor has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance.

Divers

Deloitte’s ‘Test your Hacker IQ’ site fails itself after exposing database user name, password in config file
Security quiz site created by advisors includes inadvertent bonus round

Apple exigera l’affichage des informations privées collectées par les applis dès le 8 décembre
Apple va vous aider à y voir plus clair sur la manière dont les développeurs et éditeurs d’applis utilisent vos données. Dès le mois prochain, Cupertino passe aux actes. Il rend obligatoire le renseignement et la publication sur son App Store du type d’information que les applis récupèrent lorsque vous les utilisez.

https://hotforsecurity.bitdefender.com/blog/amazon-fires-employee-for-leaking-customer-data-24417.html

Cette veille vous a fait gagner du temps ?
Aidez DCOD à payer ses serveurs et à rester 100% gratuit et indépendant.

☕ Offrir un café

Navigation

Les derniers articles

iOS : Apple lance une alerte urgente sur l’écran de verrouillage

Cybercriminalité : les 6 opérations et arrestations du 3 avr 2026

Claude Mythos d’Anthropic : une IA surpuissante qui menacerait le Web

Wikipédia interdit l’IA générative pour rédiger ses articles

Fuites de données : les 9 incidents majeurs au 2 avril 2026

Suivez en direct

1 milliard de Bitcoins saisis et les cybercriminels de Maze ferment boutique #veille (8 nov 2020)

L'essentiel Cybersécurité, IA & Tech

Vol / perte de données

34M Records from 17 Companies Up for Sale in Cybercrime Forum

Capcom hit by Ragnar Locker ransomware, 1TB allegedly stolen

23,600 hacked databases have leaked from a defunct ‘data breach index’ site

Hotel reservation platform leaked user data from top online booking sites

GitHub n’a pas été piraté ou presque pas – Le Monde Informatique

Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple

FBI: Hackers stole source code from US government agencies and private companies

Cyberattaques / fraudes

Maze ransomware gang says it has quit the cybercrime business

Campari Group on the Rocks After Ransomware Attack

US private prison, detention centers operator hit by ransomware attack

Brazil’s court system under massive RansomExx ransomware attack

Linux version of RansomEXX ransomware discovered

Ryuk ransomware behind one third of all ransomware attacks in 2020 – Help Net Security

New Pay2Key ransomware encrypts networks within one hour

Failles / vulnérabilités

Google discloses actively exploited Windows zero-day (CVE-2020-17087) – Help Net Security

New Gitpaste-12 Botnet Exploits 12 Known Vulnerabilities

Un problème de configuration expose les mots de passe de deux millions de cultivateurs de marijuana

Réglementaire / juridique

Hacker was identified after the theft of $24 million from Harvest Finance

Divers

Deloitte’s ‘Test your Hacker IQ’ site fails itself after exposing database user name, password in config file

Apple exigera l’affichage des informations privées collectées par les applis dès le 8 décembre

Etiquettes

Marc Barbezat

2 commentaires

Des idées de lecture recommandées par DCOD

Navigation

Les derniers articles

Suivez en direct

L'essentiel Cybersécurité, IA & Tech

Vol / perte de données

Cyberattaques / fraudes

Failles / vulnérabilités

Réglementaire / juridique

Divers

Etiquettes

A lire également

2 commentaires

Des idées de lecture recommandées par DCOD

Un café pour DCOD ?