Le tour des actus cybersécurité

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉

L'essentiel Cybersécurité, IA & Tech

Rejoignez la communauté. 3 fois par semaine, recevez l'analyse des tendances par Marc Barbezat. Pas de spam, juste de l'info.

Ou suivez le flux temps réel

Vol / perte de données

Stolen data of 600,000 Indians sold on bot markets so far – study
Around five million people globally have had their data stolen and sold on the bot market till date, of which 600,000 are from India, making it the worst affected country, according to one of the world’s largest VPN serice providers NordVPN.

Des données sensibles des autorités judiciaires zurichoises finissent dans le milieu de la drogue
Pendant plusieurs années, des données sensibles des autorités de poursuite pénale zurichoises se sont retrouvées dans le milieu de la drogue. A l’origine de la fuite, la mise au rebut d’ordinateurs usagés, dont les disques durs n’ont pas été effacés correctement.

Cyberattaques / fraudes

FBI warning: This ransomware gang has hit over 100 targets and made more than $60 million
FBI and CISA have issued a joint alert about a ransomware group which has used old, unpatched vulnerabilities to access networks.

New Ransom Payment Schemes Target Executives, Telemedicine
Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the « patient. »

French hospital cancels operations after ransomware attack
A French hospital near Paris canceled operations and transfer some patients due to a cyber attack suffered over the weekend, France’s health ministry said.

Russia’s second-largest bank VTB Bank under DDoS attack
Russia’s second-largest bank VTB Bank reveals it is facing the largest DDoS (distributed denial of service) attack in its history.

Largest mobile malware marketplace identified by Resecurity in the Dark Web
Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators.

Failles / vulnérabilités

Samsung’s Android app-signing key has leaked, is being used to sign malware
The cryptographic key proves an update is legit, assuming your OEM doesn’t lose it.

Antivirus and EDR solutions tricked into acting as data wipers
A security researcher has found a way to exploit the data deletion capabilities of widely used endpoint detection and response (EDR) and antivirus (AV) software from Microsoft, SentinelOne, TrendMicro, Avast, and AVG to turn them into data wipers.

https://www.bitdefender.com/blog/hotforsecurity/hacking-cars-remotely-with-just-their-vin/

Hackers earn $989,750 for 63 zero-days exploited at Pwn2Own Toronto
Pwn2Own Toronto 2022 has ended with competitors earning $989,750 for 63 zero-day exploits (and multiple bug collisions) targeting consumer products between December 6th and December 9th.

Justice / police / réglementation

Police Dismantle SIM Swapping Gang in Spain
The Spanish National Police successfully arrested a SIM swapping gang known as the « Black Panthers », making 55 arrests in Barcelona.

Australia arrests ‘Pig Butchering’ suspects for stealing $100 million
The Australian Federal Police (AFP) have arrested four suspected members of a financial investment scam syndicate estimated to have stolen $100 million from victims worldwide.

SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m
Guilty party got 18 months, also has to pay back $20m he probably hasn’t got, which could land him in more hot water.

https://www.europol.europa.eu/media-press/newsroom/news/2-469-money-mules-arrested-in-worldwide-crackdown-against-money-laundering

Suisse

L’app suisse Threema change de technologie de chiffrement
Threema introduit un nouveau protocole de communication cryptographique appelé « Ibex ». Ce dernier promet de bénéficier d’une couche de sécurité supplémentaire. De plus, l’app suisse intègre le chiffrement de bout en bout dans les appels de groupe.

Proton VPN : le réseau privé virtuel suisse gagne toute l’UE | Silicon
Proton VPN, service de réseau privé virtuel multiplateforme, dispose désormais de serveurs dans tous les pays de l’Union européenne.

Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks
The move would shed light on hackers and sound the alarm more widely on cyber-threats in the country.

Divers

Apple will encrypt iCloud backups, addressing longstanding criticism
Privacy groups said the encryption features – which require users to opt in – are welcome but long overdue.

Cyber scammers are scamming each other, and revealing dark web secrets along the way
Scammers are scamming scammers, and that’s creating an unexpected window into their world.

Cyber-assurance : l’obligation de porter plainte sous 72 heures arrivera dès mars 2023
D’ici le premier semestre 2023, les victimes de cyberattaques devront déposer plainte sous 72 heures si elles veulent profiter de la couverture de l’assurance. Intégrée au projet de loi Lopmi, qui a été votée à l’Assemblée nationale mercredi et sera validée au Sénat la semaine prochaine, cette nouvelle contrainte agace une partie des entreprises.

Cette veille vous a été utile ?
Un café = un mois de serveur. Aidez DCOD à rester gratuit et indépendant.

☕ Offrir un café

Navigation

Les derniers articles

Mots de passe : l’ETH Zurich expose la faille des gestionnaires

Quantique en Suisse : l’EPFL cible la refonte cryptographique

Vulnérabilités : les 7 alertes critiques du 2 mars 2026

Cybersécurité : les 11 actualités majeures du 1 mars 2026

OFCS : Le rapport annuel 2025 révèle une cyberdéfense renforcée

Suivez en direct

Le tour des actus cybersécurité | 11 déc 2022

L'essentiel Cybersécurité, IA & Tech

Vol / perte de données

Stolen data of 600,000 Indians sold on bot markets so far – study

Des données sensibles des autorités judiciaires zurichoises finissent dans le milieu de la drogue

Cyberattaques / fraudes

FBI warning: This ransomware gang has hit over 100 targets and made more than $60 million

New Ransom Payment Schemes Target Executives, Telemedicine

French hospital cancels operations after ransomware attack

Russia’s second-largest bank VTB Bank under DDoS attack

Largest mobile malware marketplace identified by Resecurity in the Dark Web

Failles / vulnérabilités

Samsung’s Android app-signing key has leaked, is being used to sign malware

Antivirus and EDR solutions tricked into acting as data wipers

Hackers earn $989,750 for 63 zero-days exploited at Pwn2Own Toronto

Justice / police / réglementation

Police Dismantle SIM Swapping Gang in Spain

Australia arrests ‘Pig Butchering’ suspects for stealing $100 million

SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m

Suisse

L’app suisse Threema change de technologie de chiffrement

Proton VPN : le réseau privé virtuel suisse gagne toute l’UE | Silicon

Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks

Divers

Apple will encrypt iCloud backups, addressing longstanding criticism

Cyber scammers are scamming each other, and revealing dark web secrets along the way

Cyber-assurance : l’obligation de porter plainte sous 72 heures arrivera dès mars 2023

Etiquettes

Marc Barbezat

1 commentaire

Des idées de lecture recommandées par DCOD

Navigation

Les derniers articles

Suivez en direct

L'essentiel Cybersécurité, IA & Tech

Vol / perte de données

Cyberattaques / fraudes

Failles / vulnérabilités

Justice / police / réglementation

Suisse

Divers

Etiquettes

A lire également

1 commentaire

Des idées de lecture recommandées par DCOD

Un café pour DCOD ?