L’hebdo cybersécurité | 21 mai 2023

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Certaines d’entre elles seront développées dans les prochains articles. Bonne lecture et merci pour le café 😉

FIN7 gang returned and was spotted delivering Clop ransomware

Cybercriminal gang FIN7 returned with a new wave of attacks aimed at deploying the Clop ransomware on victims’ networks.

2021 data breach exposed data of 70 Million Luxottica customers

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers.

Apple restricts employees from using ChatGPT over fear of data leaks

Apple says employees shouldn’t use generative AI tools including OpenAI’s AI chatbot ChatGPT. ChatGPT stores users conversations by default, leading companies to worry about data leaks.

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices.

18-Year-Old Charged in Massive DraftKings Data Breach

A Madison, Wisconsin teen has been charged with a massive credential stuffing attack that targeted DraftKings users in November 2022.

KeePass Vulnerability Imperils Master Passwords

A newly discovered bug in the open source password manager, if exploited, lets attackers retrieve a target’s master password – and proof-of-concept code is available.

Apple Patches 3 Zero-Days Possibly Already Exploited

In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have been used by attackers.

Toyota Japan confirms decade-long security breach affecting more than 2M customers

Japanese auto firm, Toyota, recently announced that a decade-long data breach in its online service has compromised information on more than 2 million vehicles

Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions

Apple, in 2022, prevented over $2 billion in fraudulent transactions and rejected 1.7 million app submissions for privacy and security violations.

Polish news websites hit by DDoS attacks

Several Polish news websites were hit by distributed denial-of-service (DDoS) attacks that the government said could be the action of Russian hacking groups, the digitalisation minister was quoted as saying on Thursday.

Malware turns home routers into proxies for Chinese state-sponsored hackers

Following in the footsteps of VPNFilter, new firmware obscures hackers’ endpoints.

Capita breach fallout widens as customers learn of data theft

The U.K. outsourcing giant is facing criticism after leaving gigabytes of files unprotected on the internet.

US pharmacy giant says hackers accessed personal data of almost 6 million patients

PharMerica has confirmed hackers accessed patient Social Security numbers and sensitive health insurance information.

DOJ Offers $10 Million Reward for Info on Alleged Russian Ransomware Hacker

Mikhail Pavlovich Matveev has been charged for his alleged role in cyberattacks against law enforcement, government agencies, hospitals, and schools.

Smashing Pumpkins aurait payé une rançon pour récupérer leurs nouvelles chansons | UnderNews

Ci-dessous les commentaires de Shawn Surber, Senior Director TAM, et de Mellissa Bishop, Director, Endpoint Security Research chez Tanium, à propos de la nouvelle selon laquelle le groupe Smashing Pumpkins aurait payé une rançon pour éviter que leurs nouvelles chansons ne soient publiées.

North Korean hackers stole $721 million in cryptocurrency from Japan – Nikkei

Hacker groups affiliated with North Korea have stolen $721 million worth of cryptocurrency assets from Japan since 2017, the Nikkei business daily reported on Monday, citing a study by U.K. blockchain analysis provider Elliptic.

Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online

A new cybercrime outfit calling itself RA GROUP is just the latest to take advantage of leaked Babuk ransomware source code.

Spanish cops arrest 69 in immigration bot scheme

Keeping files that mention ‘robot rental’ may not have been the best way to cover their tracks