Le tour des actus cybersécurité | 4 sept 2022

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes.

Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉

Vol / perte de données

https://www.zdnet.com/article/hackers-gained-access-to-samsung-customer-data/#ftag=RSSbaffb68

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

The Hackers Who Breached Neopets Were Inside Its IT Systems for 18 Months

New details about a massive data breach affecting the digital pet company shows that the hacker had long-term access to its network and user data.

Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal

The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen customers’ data.

Russian streaming platform Start discloses a data breach impacting 7.5M users

The Russian subscription-based international streaming service Start discloses a data breach affecting 7.5 million users.

IRS data leak exposes personal info of 120,000 taxpayers

The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns.

Cyberattaques / fraudes

FBI is helping Montenegro in investigating the ongoing cyberattack

A team of cybersecurity experts from the US FBI will help the authorities in Montenegro to investigate the recent massive cyberattack.

BlackCat ransomware claims attack on Italian energy agency

The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy’s energy agency Gestore dei Servizi Energetici SpA (GSE) over the weekend.

FBI issues warning after crypto-crooks steal $1.3 billion in just three months

The FBI has warned that cybercriminals are increasingly targeting DeFi platforms and exploiting vulnerabilities in smart contracts.

China-linked APT40 targets wind turbines, Aust. government

ScanBox installed after victims lured to fake Murdoch news sites with phishing emails

Hackers hide malware in James Webb telescope images

Threat analysts have spotted a new malware campaign dubbed ‘GO#WEBBFUSCATOR’ that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware.

LockBit ransomware gang gets aggressive with triple-extortion tactic

LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level.

Hackers caused a massive traffic jam in Moscow using a ride-hailing app

Hackers caused a huge traffic jam in Moscow after using the Yandex Taxi ride-hailing app to summon all available taxi drivers to the same location at the same time.

Failles / vulnérabilités

A flaw in TikTok Android app could have allowed the hijacking of users’ accounts

Microsoft discovered a vulnerability in the TikTok app for Android that could lead to one-click account hijacking.

Google Chrome issue allows overwriting the notebook content

A security issue in the Google Chrome browser could allow malicious web pages to automatically overwrite clipboard content.

Apple just delivered an important security patch for these older iPhones

Apple issues a security update for iOS 12 to address a bug that was being actively exploited.

Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users

Twilio says hackers also gained access to the two-factor authentication (2FA) Authy accounts of 93 users in a recent security breach.

New Ransomware Group BianLian Activity Exploding

The threat actor using the common Go programming language and a custom toolkit claims twenty victims

Announcing Google’s Open Source Software Vulnerability Rewards Program

Posted by Francis Perron, Open Source Security Technical Program Manager, and Krzysztof Kotowicz, Information Security Engineer Today, we a…

Justice / police / réglementation

Sephora Fined $1.2 Million for Breaching CCPA and Selling User Data

The cosmetic giant Sephora has been accused of breaching California Consumer Privacy Act (CCPA) by allegedly selling its customer data.

NATO Probes Hackers Selling Data from Top Missile Firm MBDA

MBDA is the world’s 2nd largest producer of missiles and hackers are selling 70 GB worth of its data for 1 BTC on a Russian forum.

Mississippi felon admits illegally 3D printing gun parts

Just days after US rules tackling homemade firearms take effect

C’est confirmé: la nouvelle LPD entre en vigueur en septembre… 2023

La nouvelle loi suisse sur la protection des données entrera en vigueur le 1er septembre 2023. A l’origine, elle était prévue pour le deuxième semestre 2022. Le Conseil fédéral explique vouloir laisser suffisamment de temps aux milieux économiques pour entreprendre les démarches nécessaires en vue de la mise en œuvre du nouveau droit.

US Police Deployed Obscure Smartphone Tracking Tool With No Warrants

It would allow police to search billions of mobile device-based records, including GPS data

Suisse

An alliance to strengthen collective cyber resilience

The constant increase in cyber threats requires new solutions. Therefore, the Cyber-Defence Campus, armasuisse Science & Technology, is working with Tune Insight to test its secure threat intelligence sharing software. The collaboration develops and investigates novel solutions for the secure exchange of cyber threat data.

Cyber-commissariat: le Ministère public de la Confédération en veut un, Fedpol non

Le Ministère public de la Confédération demande toujours la création par Fedpol d’un cyber-commissariat au sein de la Police judiciaire fédérale (PJF). L’objectif serait d’améliorer la coopération entre les autorités dans la lutte contre la cybercriminalité au niveau fédéral.

Divers

US telcos admit to storing, handing over location data

Letters to FCC confirm what many believed, don’t address a bigger problem

https://cio-mag.com/la-cybersecurite-pour-les-plus-vulnerables-hackers-without-borders-et-yeswehack-annoncent-un-partenariat-pour-proteger-les-ong/

NSA and CISA share tips to secure the software supply chain

The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance today with tips on how to secure the software supply chain.