Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
L'essentiel Cybersécurité, IA & Tech
Rejoignez la communauté. 3 fois par semaine, recevez l'analyse des tendances par Marc Barbezat. Pas de spam, juste de l'info.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Software Vendor Attack Slows Down 2 UK Ambulance Services
A cyberattack against a Swedish software and services vendor has reportedly severed access to digital health records for at least two National Health Service
Russia Sends Cybersecurity CEO to Jail for 14 Years
The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.
North Korean Hackers Bag Another $100m in Crypto Heists
Two new breaches traced back to prolific Lazarus group
12 Norwegian Ministries Impacted in ICT Platform Hack
Unknown hackers attacked a dozen Norwegian government ministries through a zero day vulnerability present in a shared digital platform, the Oslo government
Latest MOVEit Data Breach Victim Tally: 455 Organizations
More details about victims of the Clop crime group’s zero-day attacks on users of the widely used MOVEit file transfer software continue to come to light.
Zero-Day Vulnerabilities Discovered in Global Emergency Services Communications Protocol
Weak encryption algorithms leave radio communications open to attack and abuse.
Over 19 Million Password Logs Sold on the Dark Web and Telegram
The exponential growth of info stealers has become a significant threat to all organizations, chatGPT, and increased cybercrime.
NATO investigates alleged data theft by SiegedSec hackers
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec.
SEC now requires companies to disclose cyberattacks in 4 days
The U.S. Securities and Exchange Commission has adopted new rules requiring publicly traded companies to disclose cyberattacks within four business days after determining they’re material incidents.
BreachForums database and private chats for sale in hacker data breach
While consumers are usually the ones worried about their information being exposed in data breaches, it’s now the hacker’s turn, as the notorious Breached cybercrime forum’s database is up for sale and member data shared with Have I Been Pwned.
Après WormGPT, les cybercriminels livrent FraudGPT – Le Monde Informatique
Sécurité : L’IA générative continue de trouver sa place dans l’arsenal des cybercriminels. Après WormGPT, des chercheurs ont débusqué un autre outil du même…
Google pousse Android à alerter sur le suivi d’AirTags importuns – Le Monde Informatique
Objets Connectés : Pour protéger toute personne du suivi Bluetooth indésirable sur Android, Google propose désormais des alertes de suivi de traceurs inconnus ainsi que…
SEC: Public companies must report cyberattacks within four days | Engadget
In a move to prevent public companies from delaying news about cyberattacks, the US Security and Exchange Commission has set a four-day deadline to disclose « material cybersecurity incidents. ».
Hackers exploit Citrix zero-day to target US critical infrastructure | TechCrunch
Thousands of organizations could be at risk from a Citrix zero-day that hackers have already abused to target U.S. critical infrastructure.
North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say | TechCrunch
Mandiant security researchers say the North Korean hackers behind the JumpCloud breach mistakenly exposed their real-world IP addresses.
Thales enters app security market with $3.6B Imperva acquisition | TechCrunch
French aerospace and defence group Thales is procuring cybersecurity company Imperva from Thoma Bravo in a deal worth $3.6 billion.
Ivanti rushes to patch zero-day used to breach Norway’s government | TechCrunch
Hackers exploited a previously undiscovered flaw in Ivanti’s MDM software to compromise a dozen Norwegian government agencies.
US government contractor says MOVEit hackers accessed health data of ‘at least’ 8 million individuals | TechCrunch
Maximus, a U.S. government services company, says MOVEit hackers accessed the personal information of as many as 11 million individuals
Hackers are infecting Call of Duty players with a self-spreading malware | TechCrunch
Activision said it brought the 2009-released game offline while it investigates « an issue. »
Critical infrastructure radio tech ‘easily hacked’ through deliberate backdoor
Malicious attackers could « easily » hack TETRA radio systems and disrupt critical infrastructure and emergency services, researchers reveal.
Serveurs, API, temps de veille...
DCOD est indépendant et sans revenus. Soutenez le site pour l'aider à couvrir ses frais techniques.
1 commentaire
Commentaires désactivés.