Here is this week's security watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading, and thanks for the coffee 😉
Data theft / loss
Update: CFF takes three years to plug the data leak
A computer expert identified a flaw on a CFF platform. He was able to access the data of some 500,000 Swisspass customers. We now learn that the railway had known about the security flaw since 2018.
Finnish diplomats’ devices infected with Pegasus spyware
Finland Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group’s Pegasus spyware.
Cyberattacks / fraud
Cyberattacks on Squid Game Minecraft Tourney Take Down Andorra’s Internet
Some of the bursts of traffic reached up to 10Gbps, reports noted, overwhelming the country’s only ISP, and crippling Andorran Squidcraft gamers along with the rest of the population.
Segway Hit by Magecart Attack Hiding in a Favicon
Visitors who shopped on the company’s eCommerce website in January will likely find their payment-card data heisted, researchers warned.
LockBit gang claims it stole data from French Ministry of Justice
LockBit is threatening to leak stolen documents, but the ransomware gang has a reputation for crying wolf.
BlackCat ransomware targeting US, European retail, construction and transportation orgs
Palo Alto said that as of December 2021, BlackCat has the 7th largest number of victims listed on their leak site among ransomware groups that Unit 42 tracks.
Microsoft fended off a giant DDoS attack on Azure – Le Monde Informatique
Networks: Microsoft's Azure servers were targeted by a distributed denial-of-service attack of an unprecedented volume of 3.47 Tbps. The previous one,…
Belarusian activists launch ransomware attack in protest of dictatorship, Russian troop surge
The Belarusian Cyber-Partisans demanded the release of 50 political prisoners and the removal of all Russian troops from the country.
North Korea Loses Internet in Suspected Cyber-Attack
Cybersecurity researcher says outage may have been caused by DDoS attack
Flaws / vulnerabilities
Over 20,000 data center management systems exposed to hackers
Researchers have found over 20,000 instances of publicly exposed data center infrastructure management (DCIM) software that monitor devices, HVAC control systems, and power distribution units, which could be used for a range of catastrophic attacks.
QNAP users still struggling with Deadbolt ransomware after forced firmware updates
Censys said about 4,000 devices are still infected with Deadbolt ransomware.
Linux-Targeted Malware Increases by 35% in 2021 | CrowdStrike
CrowdStrike has observed that malware targeting Linux-based systems increased by 35% in 2021. XorDDoS, Mirai and Mozi were the most common malware families.
Malware source code discovered on GitHub puts millions of IoT devices at risk
The nefarious minds behind a dangerous malware called BotenaGo have uploaded the source code to GitHub on October 16th 2021, according to new research by AT&
Justice / police / regulation
Alleged carder gang mastermind and three acolytes under arrest in Russia
The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.
$300,000 in fines issued as Canadian officials take down dark web marketplace
Officials said they shut down CanadianHQ, which they claimed was one of the largest Dark Web marketplaces in the world.
Switzerland
Security flaw on the CarPostal customer portal
A security flaw was discovered on the customer portal ticketcontrol.ch, operated by CarPostal. It was possible to view and download documents, notably concerning fare dodgers, without much technical knowledge. The flaw has reportedly already been fixed.
Miscellaneous
Tor Project battles Russian censorship through the courts
An appeal has been filed to challenge a block imposed by Russian authorities.