Here is this week's watch report, rounding up the most interesting news. Some of these items will be covered in more depth in upcoming articles. Happy reading, and thanks for the coffee 😉
Data theft / loss
Croatian phone carrier data breach impacts 200,000 clients
Croatian phone carrier ‘A1 Hrvatska’ has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people.
Puma hit by data breach after Kronos ransomware attack
Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021.
ID.me Will Make Facial Recognition Optional for Government Agencies
The major reversal comes one day after the IRS ended its use of ID.me’s facial recognition service and amidst an outpouring of public pushback.
Cyberattacks / fraud
Ransomware: these hackers release your data… in exchange for a like
An unusual hacking attempt has been spotted by cybersecurity researchers.
Swissport targeted by ransomware: flights delayed
Swissport was hit by a ransomware attack. As a result, some of the company's IT systems were inaccessible, disrupting air traffic. Swissport said it has brought the situation under control.
North Korea offline: a hacker takes on a nation
His name is P4x and he is a hacker. And he took North Korea offline after the state tried to hack him.
Free decryptor released for TargetCompany ransomware victims
Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free.
China Suspected of News Corp Cyberespionage Attack
Attackers infiltrated the media giant’s network using BEC, while Microsoft moved to stop such attacks by blocking VBA macros in 5 Windows apps. Included: more ways to help stop BEC.
Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares
The Maze gang are purportedly never going back to ransomware and have destroyed all of their ransomware source code, said somebody claiming to be the developer.
Flaws / vulnerabilities
Google says nearly $9 million given out in 2021 vulnerability rewards
Payouts doubled for Android when compared to 2020, with researchers receiving almost $3 million.
PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE
The plug-in’s default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said.
Major SAP vulnerability requires urgent patch to prevent HTTP request smuggling attacks
SAP ICM vulnerability allows theft of credentials and session information, which can be used to launch ransomware and steal sensitive data.
Justice / police / regulation
Cryptocurrency theft: $3.6 billion recovered, a couple arrested
Ilya Lichtenstein and his wife Heather Morgan are accused of laundering the proceeds of 119,754 bitcoins stolen from the Bitfinex platform in 2016. A look at this thoroughly extraordinary case.
The European Parliament will investigate the use of the Pegasus spyware by Member States
The Renew Europe group got its way: a committee will be set up to investigate the use of the Pegasus spyware by…
European Police Flag 500+ Pieces of "Terrorist" Content
Service providers must now assess whether materials should be taken down
Russian Govt. Continues Carding Shop Crackdown
Russian authorities have arrested six men accused of operating some of the most active online bazaars for selling stolen payment card data. The crackdown – the second closure of major card fraud shops by Russian authorities in as many weeks – comes closely behind Russia’s arrest of 14 alleged affiliates of the REvil ransomware gang, and has many in the cybercrime underground asking who might be next.
Spanish police arrest suspects in SIM-swapping ring
Fraudsters used photocopies and stolen data to obtain duplicate SIM cards.
Switzerland
CFF without SwissID: the national identifier loses an "important customer"
From April, CFF will drop identification via SwissID. The Swiss electronic identity card thus loses yet more of its relevance.
Europe’s biggest car dealer hit with ransomware attack
Emil Frey confirmed that the ransomware attack took place in January.
Miscellaneous
Internet Crime Complaint Center (IC3) | Criminals Increasing SIM Swap Schemes to Steal Millions of Dollars from US Public
The Federal Bureau of Investigation is issuing this announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts.