Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉
Vol / perte de données
WhatsApp data leak: 500 million user records for sale
Cybernews has investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users.
Data from 5.4M Twitter users obtained from multiple threat actors
The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more than 5M users.
Cyberattaques / fraudes
Killnet Hits European Parliament Website with DDoS Attack
The DDoS attack took place moments after the European Parliament voted to declare the Russian government a state sponsor of terrorism.
Ransomware gang targets Belgian municipality, hits police instead
The Ragnar Locker ransomware gang has published stolen data from what they thought was the municipality of Zwijndrecht, but turned out to be stolen from Zwijndrecht police, a local police unit in Antwerp, Belgium.
Hackers breach energy orgs via bugs in discontinued web server
Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.
Failles / vulnérabilités
Un an après la découverte de Log4j, l’extrême vulnérabilité des organisations n’ayant pas appliqué les correctifs
Près d’un an après la découverte de la faille Log4j, une alerte conjointe de la CISA et du FBI avertit les organisations de l’urgence à appliquer les mesures correctrices.
Les US s’inquiètent de la cybersécurité des plateformes pétrolières et de gaz offshore – Le Monde Informatique
Intrusion, Hacking et Pare-feu : Les infrastructures pétrolières et gazières offshore sont confrontées à des risques cybersécurité importants avec de sérieuses menaces et impacts…
Google lance l’alerte : des millions de smartphones Android exposés à des failles de sécurité
L’équipe d’experts en sécurité informatique de Google, connue sous le nom » Project Zero « , a publié un billet de blog alertant sur la vulnérabilité des GPU Mali que l’on retrouve dans des millions de smartphones Android.
Microsoft warns: This forgotten open-source web server could let hackers ‘silently’ gain access to your system
Users of affected network gateway appliances likely don’t even know their router is running a web server that was discontinued 17 years ago.
Justice / police / réglementation
Two Estonians arrested for running $575M crypto Ponzi scheme
Two Estonian nationals were arrested in Tallinn, Estonia, on Sunday after being indicted in the U.S. for running a massive cryptocurrency Ponzi scheme that led to losses of more than $575 million.
Interpol seized $130 million from cybercriminals worldwide
INTERPOL has announced the seizure of $130,000,000 million worth of money and virtual assets linked to various cybercrimes and money laundering operations.
Police are sending messages to 70,000 people who may have fallen victim to phone scammers
A major anti-fraud operation is underway, following an international crackdown on spoofing.
Suisse
Divers
UK urges to disconnect Chinese cameras in government buildings
The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks.
