Le tour des actus cybersécurité

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉

Vol / perte de données

Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party.

Zoetop pays $1.9m to settle customer data theft case
That’s roughly 300,000 Shein crop tops

Offrez un café pour soutenir cette veille indépendante.

☕ Je soutiens DCOD

Mormon Church data stolen in ‘state-sponsored’ cyberattack
Don’t get your underwear in a twist

Toyota discloses accidental leak of some customers’ personal information
Toyota Motor Corporation discloses data leak, customers’ personal information may have been exposed after an access key was exposed on GitHub.

Cyberattaques / fraudes

Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers
As seen by Hackread.com, the Iranian broadcaster was hacked while airing a news bulletin on Saturday night.

US airports’ sites taken down in DDoS attacks by pro-Russian hackers
The pro-Russian hacktivist group ‘KillNet’ is claiming large-scale distributed denial-of-service (DDoS) attacks against the websites of several major airports in the U.S., making them unaccessible.

It was LockBit that forced NHS tech supplier to shut down
Managed software provider Advanced admits some customer data ‘exfiltrated’ in August ransomware attack

Indian power generation giant Tata Power hit by a cyber attack
Tata Power Company Limited, India’s largest power generation company, announced it was hit by a cyberattack.

Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server
Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers.

Almost 900 servers hacked using Zimbra zero-day flaw
Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months.

Cloudflare mitigated record DDoS attack against Minecraft server
Wynncraft, one of the largest Minecraft servers, was recently hit by a 2.5 Tbps distributed denial-of-service (DDoS) attack.

Failles / vulnérabilités

Fortinet warns that critical authentication bypass flaw has been exploited
US federal agencies need to quickly patch this critical Fortinet authentication bypass.

Justice / police / réglementation

Student jailed for hacking female classmates’ email, Snapchat accounts
On Thursday, a Puerto Rico judge sentenced a former University of Puerto Rico (UPR) student to 13 months in prison for hacking over a dozen email and Snapchat accounts of female colleagues.

Suisse

Cyberattaque contre Läderach: des données publiées sur le darkweb (update)
Le chocolatier suisse Läderach a fait état d’une cyberattaque à son encontre, qui a affecté sa production, sa logistique et son administration. Le gang de ransomware Bianlian a publié des données sur le darkweb.

Divers

German Cybersecurity Chief Faces Sacking Over Possible Russia Ties
Schoenbohm accused of having maintained contacts with people involved with Russian security services

L'essentiel Cyber & IA pour les pros du numérique.
Rejoignez la communauté DCOD. 3 fois par semaine, recevez l'essentiel des tendances Cybersécurité, IA et Tech décryptées par Marc Barbezat. Pas de spam, juste de l'info.

💡 Note : Certaines images ou extraits présents dans cet article proviennent de sources externes citées à des fins d’illustration ou de veille. Ce site est indépendant et à but non lucratif. 👉 En savoir plus sur notre cadre d’utilisation.

Vous appréciez ces analyses ?
Soutenez DCOD en offrant un café ☕

💡 Ne manquez plus l’essentiel

Les derniers articles

Samsung accusé : des logiciels espions sur ses téléphones abordables

250 serveurs saisis : coup d’arrêt à bulletproof hosting

Top 10 OWASP 2025 : les nouveaux risques de la sécurité applicative

Sturnus: un malware Android qui cible WhatsApp, Telegram, Signal

Manipulations inter-agents : des agents IA faciles à détourner

Toutes les catégories

Le tour des actus cybersécurité | 16 oct 2022

Vol / perte de données

Intel confirms leaked Alder Lake BIOS Source Code is authentic

Zoetop pays $1.9m to settle customer data theft case

Mormon Church data stolen in ‘state-sponsored’ cyberattack

Toyota discloses accidental leak of some customers’ personal information

Cyberattaques / fraudes

Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers

US airports’ sites taken down in DDoS attacks by pro-Russian hackers

It was LockBit that forced NHS tech supplier to shut down

Indian power generation giant Tata Power hit by a cyber attack

Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server

Almost 900 servers hacked using Zimbra zero-day flaw

Cloudflare mitigated record DDoS attack against Minecraft server

Failles / vulnérabilités

Fortinet warns that critical authentication bypass flaw has been exploited

Justice / police / réglementation

Student jailed for hacking female classmates’ email, Snapchat accounts

Suisse

Cyberattaque contre Läderach: des données publiées sur le darkweb (update)

Divers

German Cybersecurity Chief Faces Sacking Over Possible Russia Ties

Marc Barbezat

1 commentaire

Des idées de lecture cybersécurité

Samsung accusé : des logiciels espions sur ses téléphones abordables

250 serveurs saisis : coup d’arrêt à bulletproof hosting

Top 10 OWASP 2025 : les nouveaux risques de la sécurité applicative

Sturnus: un malware Android qui cible WhatsApp, Telegram, Signal

Manipulations inter-agents : des agents IA faciles à détourner