Here is this week’s watch report, a round-up of the most interesting news. Some of these items will be covered in more depth in upcoming articles. Enjoy the read, and thanks for the coffee 😉
Data theft / loss
DNA testing service data breach impacting 2.1 million users
DNA Diagnostics Center (DDC) has revealed that hackers managed to access highly sensitive and personal data of users including payment card data.
Planned Parenthood data breach: Hackers steal 400,000 patients’ data
According to Planned Parenthood, the latest data breach has affected its Los Angeles branch (PPLA) after it suffered a ransomware attack.
Following an intrusion, Panasonic faces a data leak
Hackers managed to access Panasonic’s network and stole data. The information reportedly affected concerns…
Iranian police hacked: 24 million driver records exfiltrated
Colorado energy company loses 25 years of data after cyberattack while still rebuilding network
DMEA did not use the term "ransomware" but said much of their data had been corrupted while phone and email services were down for weeks.
Cyberattacks / fraud
Emotet’s back and it isn’t wasting any time
The world’s most notorious malware is back and it’s growing fast. What are researchers seeing and what does it mean?
abuse.ch on Twitter
Emotet’s activity yesterday was huge in terms of unique #Emotet malware distribution sites reported to URLhaus 📢 It was an uptick of +447% compared to end of November! 🔥👉 https://t.co/fkDITyH9GT pic.twitter.com/iMJucbojgM
Hackers Steal $119M From ‘Web3’ Crypto Project With Old School Attack
The hacker took control of the web infrastructure of BadgerDAO decentralized autonomous organization and tricked users into giving them control.
Snatch cybergang claims ransomware attack on Volvo Car – Le Monde Informatique
Intrusion, Hacking and Firewall: Screenshots of data stolen from Volvo Car Corporation are circulating on the darknet. The Snatch ransomware gang claims responsibility for the attack. For its…
APT37 targets journalists with Chinotto multi-platform malware
North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists in watering hole, spear-phishing emails, and smishing attacks delivering malware dubbed Chinotto capable of infecting Windows and Android devices.
American diplomats’ iPhones reportedly compromised by NSO Group intrusion software
Reuters claims nine State Department employees outside the US had their devices hacked
FBI: Cuba ransomware breached 49 US critical infrastructure orgs
The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors.
Official Olympique Lyonnais forum hacked to "avenge" the attack on Dimitri Payet
The Lyon supporters’ discussion site was hit by a cyberattack the day after a bottle was thrown at the Marseille player. More than 30,000 user records were stolen; they reportedly come from an old version of the site.
Flaws / vulnerabilities
Nine WiFi routers used by millions were vulnerable to 226 flaws
Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware.
Finland warns of Flubot malware heavily targeting Android users
Finland’s National Cyber Security Centre (NCSC-FI) has issued a "severe alert" to warn of a massive campaign targeting the country’s Android users with Flubot banking malware pushed via text messages sent from compromised devices.
8-year-old HP printer vulnerability affects 150 printer models
Researchers have discovered several vulnerabilities affecting at least 150 multi-function (print, scan, fax) printers made by Hewlett Packard.
Justice / police / regulation
FBI seized $2.3 million in cryptocurrency from REvil ransomware affiliate
It’s the second time in the span of just two months the FBI has taken back stolen funds from a REvil affiliate.
Telegram channel admins who sold fake vaccine cards arrested
The Italian financial crime agency (Guardia di Finanza – GdF) has announced the arrest of several individuals suspected of managing Telegram channels to promote fake vaccine certificates, aka ‘Green Passes.’
Former Ubiquiti dev charged for trying to extort his employer
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker.
Ransomware complaints rose 32% in France in 2020
According to police and gendarmerie statistics, there were between 380 and 460 complaints related to a ransomware cyberattack in…
The United States joins the Paris Call on cybersecurity
Three years after the project’s launch, Vice President Kamala Harris announced that the United States was joining this agreement, which brings together 80 countries on cybersecurity norms.
Switzerland
Cybersecurity – Vaud municipalities worry about being hacked
Mayors and municipal councillors turned out in large numbers for an information session on cyberattacks, held Thursday evening in Savigny. All of them consider their municipality poorly protected.
Miscellaneous
Texas School District to Scan Children’s Devices
Students’ emails will be searched for keywords associated with cyber-bullying
Cybercriminals also offer courses on building botnets
Security researchers warn that the proliferation of botnets could intensify as scammers learn to build their own.
Sweden wants to ban energy-intensive cryptocurrency mining
Swedish authorities no longer tolerate cryptocurrency mining in their country because of its energy consumption.
Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny
Sabbath appears to be a rebrand of Arcane.
Twitter removes another 3,000 state-backed accounts linked to six countries
2,000 banned accounts were linked to Chinese Communist Party narratives related to the treatment of Uyghurs in Xinjiang.