Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café
Vol / perte de données
Les fabricants de smartphones pistent les utilisateurs
Les réseaux sociaux et les sites Web ne sont pas les seuls à conserver des données sur les utilisateurs. Les micrologiciels de smartphones et les applications du système impossibles à désinstaller collectent et envoient beaucoup de données.
Hacker accessed medical info at UMass Memorial Health
A cyber attack hit the UMass Memorial Health, threat actors had access to employee email system, potentially exposing patients info.
Cyberattaques / fraudes
Iranian Gas Stations Crippled After Suffering Cyberattack
Soon after the cyberattack, videos and posts started surfacing on social media displaying messages that read: « Khamenei! Where is our gas? »
Une cyberattaque perturbe la distribution d’essence en Iran – Le Monde Informatique
Intrusion, Hacking et Pare-feu : L’Iran fait face à une pénurie d’essence d’ampleur nationale depuis plus de 24 heures. Une cyberattaque a paralysé des stations-service à travers le…
SolarWinds hackers, Nobelium, once again strike global IT supply chains, Microsoft warns
The APT is probing potential new technology supply chain victims.
Acer hit with second cyberattack in less than a week, Taiwanese authorities notified
The same hacker group claimed responsibility for an attack on the company’s offices in Taiwan.
North Korean Lazarus APT Targets Software Supply Chain
Prolific threat group take a leaf out of the SolarWinds campaign
81% of UK Healthcare Organizations Hit by Ransomware in Last Year
65% of respondents believe a cyber attack on their organization could lead to loss of life
5,2 milliards $US en Bitcoin transigés potentiellement liés à un rançongiciel | WeLiveSecurity
Des transactions en bitcoins d’une valeur de 5,2 milliards $US pourraient être liées à des paiements de rançon pour 10 types de rançongiciels très courants.
Ransomware: le célèbre groupe de pirates REvil a été hacké par les autorités américaines
Une opération conjointe et multinationale des forces de l’ordre a permis de pirater les sauvegardes des serveurs de REvil et d’en prendre le contrôle.
A Russian-speaking ransomware gang says it hacked the National Rifle Association
An NRA spokesperson declined to comment when reached by phone.
Failles / vulnérabilités
FBI warns of fake govt sites used to steal financial, personal data
The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims.
UPDATE: EU’s Green Pass Vaccination ID Private Key Leaked or Forged
UPDATE: French & Polish authorities found no sign of cryptographic compromise in the leak of the private key used to sign the vaccine passports and to create fake passes for Mickey Mouse and Adolf Hitler, et al.
Israeli Researcher Cracked Over 3,500 Wi-Fi Networks in Tel Aviv City
Over 3500 WiFi networks in Tel Aviv have been cracked by Israeli researchers
QR Codes Help Attackers Sneak Emails Past Security Controls
A recently discovered campaign shows how attackers are constantly developing new techniques to deceive phishing victims.
Justice / police / réglementation
Police arrest 150 suspects after closure of dark web’s largest illegal marketplace
Following the closure of the dark web’s largest illegal marketplace, DarkMarket, earlier this year, law enforcement in the US, Europe, and Australia have arrested 150 alleged vendors and buyers.
EU investigating leak of private key used to forge Covid passes
The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob-all of which are being recognized as valid by the official government apps.
Police arrest hackers behind over 1,800 ransomware attacks
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries.
Man gets 7 years in prison for hacking 65K health care employees
Justin Sean Johnson, also known as TheDearthStar and Dearthy Star, was sentenced this week to seven years in prison for the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC).
TrickBot malware dev extradited to U.S. faces 60 years in prison
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison.
Suisse
Protonmail wins Swiss court victory over data retention
Doesn’t stop local courts’ surveillance orders, though
Divers
Le cybergang Fin17 recrute ses talents sur un site web maquillé – Le Monde Informatique
Intrusion, Hacking et Pare-feu : L’opérateur malveillant affilié à la Russie, Fin7, se fait passer sur le web pour une fausse société de sécurité nommée Bastion Secure. Son but :…
L0phtCrack Password Auditing Tool Now Available As Open Source
Developed and maintained for quite a while, the password auditing tool « L0phtCrack » now goes open source to assist the community. The developer anticipates active participation from the community in its improvement and maintenance in the