Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
L'essentiel Cybersécurité, IA & Tech
Rejoignez la communauté. 3 fois par semaine, recevez l'analyse des tendances par Marc Barbezat. Pas de spam, juste de l'info.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands
Apple opposes UK’s surveillance plans that could weaken encryption in messaging apps.
Bund erinnert IT-Dienstleister an Cybersecurity-Pflichten
Der Bund hat seine IT-Dienstleister kontaktiert. In einem Brief erinnert er die Unternehmen an ihre vertraglichen Pflichten bezüglich Datenschutz und Cybersicherheit. Das Schreiben verschickte die Verwaltung kurz nach einem Ransomwareangriff auf einen ihrer IT-Dienstleister.
Ukraine takes down massive bot farm, seizes 150,000 SIM cards
Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations.
Clop gang to earn over $75 million from MOVEit extortion attacks
The Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft campaign.
Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week.
Des failles dans les contrôleurs BMC fragilisent des millions de serveurs – Le Monde Informatique
Intrusion, Hacking et Pare-feu : À la suite d’un vol de données survenu en 2021, des chercheurs ont découvert des failles critiques dans les firmwares de contrôleurs BMC de la marque…
JumpCloud says nation-state hackers breached its systems | TechCrunch
The cloud company said it has evidence that a hacking group targeted a « small and specific » group of its customers.
Microsoft lost its keys, and the government got hacked | TechCrunch
China hacked dozens of email accounts, including in government. Microsoft opens up, slightly, about how the hackers pulled off the heist.
US government launches the Cyber Trust Mark, its long-awaited IoT security labeling program | TechCrunch
The Biden administration has launched its cybersecurity labelling program that aims to protect Americans against IoT security risks
North Korea-backed hackers breached JumpCloud to target cryptocurrency clients | TechCrunch
Hackers backed by North Korea breached JumpCloud in an effort to target cryptocurrency clients, according to security researchers.
JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state
« Extremely targeted » attack involved a data injection into JumpCloud’s commands framework.
Typo leaks millions of US military emails to Mali web operator
Spelling error misdirected sensitive Pentagon messages to company running Mali’s TLD.
Microsoft to stop locking vital security logs behind $57-per-user monthly plan
US agency urged Microsoft to expand access to logs that can identify cyberattacks.
As Many As 700,000 Turkish TikTok Accounts Were Hacked Before The Country’s Presidential Election
A UK security agency warned TikTok about the exploited vulnerability more than a year earlier, but the company chose not to fix it.
L’ancien hacker vedette Kevin Mitnick est mort
Cet américain de 59 ans avait multiplié les piratages dans sa jeunesse, au point de devenir l’un des fugitifs les plus recherchés par le FBI dans les années 1990.
« Millions » of sensitive US military emails were reportedly sent to Mali due to a typo
Millions of emails were misdirected to Mali due to a typo that swapped the US military’s .MIL domain for Mali’s .ML domain, according to a report from the Financial Times.
Roblox data breach leaks almost 4,000 developer profiles
Sensitive information identifying thousands of Roblox creators has been exposed following a data breach impacting attendees at a conference for Roblox developers
U.S. Blacklists Two Spyware Firms Run by an Israeli Former General
The moves by the Commerce Department against the Europe-based firms are the latest effort to rein in a spyware industry that has spiraled out of control in recent years.
Facebook steals crimes information from Police Database – Cybersecurity Insiders
Facebook is found accessing information being reported to the Metropolitan Police database and is doing it without the authorization from the law
Russia issues ban on Apple iPhone for security reasons – Cybersecurity Insiders
Russia has issued a ban on the usage of Apple iPhones in government and military sector until further orders. The ban is only applicable to the federal
Zéro paywall. Zéro pub.
DCOD reste en accès libre grâce à vos contributions. Chaque café compte.
1 commentaire
Commentaires désactivés.