L’hebdo cybersécurité (29 octobre 2023)

Offrez un café pour soutenir cette veille indépendante.

📚💡️idée de lecture : Les fondamentaux de la cybersécurité: Comprendre et appliquer les principes essentiels — 📘 Voir sur Amazon

Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.

Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

HackerOne paid ethical hackers over $300 million in bug bounties
HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform’s inception.

12M Patient Medical Records, Other Data Found Exposed on Web
An unsecured database of an India-based medical laboratory recently exposed more than 12 million test results, other patient records and development files for the

Windows : plus d’un million de PC infectés, ce malware est resté invisible pendant 5 ans
Les chercheurs de Kaspersky ont trouvé un malware bien caché depuis 5 ans. Il a infecté au moins 1 million de PC sous Windows et Linux.

Lockbit ransomware gang claims to have stolen data from Boeing
Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data

Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits (and multiple bug collisions) targeting consumer products between October 24 and October 27.

OpenAI forms team to study ‘catastrophic’ AI risks, including nuclear threats | TechCrunch
AI has formed a new team, Preparedness, to study the ‘catastrophic risks’ that might be associated with future AI systems — including nuclear risks.

Apple fixes bug that undermined iOS privacy feature for years | TechCrunch
Apple has released a fix for a years-old vulnerability in iOS that rendered one of its privacy-enhancing features near useless since launch.

CCleaner says hackers stole users’ personal data during MOVEit mass-hack | TechCrunch
The maker of the popular optimization tool said hackers stole personal information of paid customers, including phone numbers.

Ambulances diverted after New York hospitals hit by cyber attack
It’s all too easy sometimes to imagine that a cyber attack is confined to the digital world, and that – although disruptive – it may not have serious consequences in real life.

Seiko confirmed a data breach after BlackCat attack
Japanese watchmaker Seiko revealed that the attack that suffered earlier this year was carried out by the Black Cat ransomware gang.

Germany wins the 2023 European Cybersecurity Challenge
Germany is the winner of the 2023 edition of the ECSC, followed by Switzerland in second place and Denmark in third place. The European Union Agency for Cybersecurity (ENISA) thanks the Norwegian University of Science and Technology (NTNU) for hosting the 9th edition in Hamar.

Known Ransomware Attack Volume Breaks Monthly Record, Again
The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: long-timer LockBit followed by newcomer LostTrust, with other new groups also having a notable impact.

Ransomware-Angriffe kosten 265 Milliarden pro Jahr
Täglich kostenlose News, Trends, Nachrichten und Hintergründe aus der Schweizer und der internationalen Informatik. Für Anwenderunternehmen und Anbieter.

Piratage de la Cour pénale internationale : vraisemblablement une action d’espionnage
La juridiction pénale internationale vient de donner de nouvelles informations sur le piratage dont elle a été victime à la mi-septembre.

Amazon Web Services launches European Sovereign Cloud – Cybersecurity Insiders
Amazon Web Services (AWS), the American technology giant, has launched an exclusive European Sovereign Cloud to meet the needs of its European customer

Cyberattack on health services provider impacts 5 Canadian hospitals
A cyberattack on shared service provider TransForm has impacted operations in five hospitals in Ontario, Canada, impacting patient care and causing appointments to be rescheduled.

Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto
Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada.

European govt email servers hacked using Roundcube zero-day
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.

Okta’s latest hack fallout hits Cloudflare, 1Password | TechCrunch
Cloudflare and 1Password said their recent intrusions, which did not compromise user data, were linked to a breach at Okta.

Hackers can force iOS and macOS browsers to divulge passwords and much more
iLeakage is practical and requires minimal resources. A patch isn’t (yet) available.

💡 Ne manquez plus l'essentiel
Recevez les analyses et tendances cybersécurité directement dans votre boîte mail.

💡 Note : Certaines images ou extraits présents dans cet article proviennent de sources externes citées à des fins d’illustration ou de veille. Ce site est indépendant et à but non lucratif. 👉 En savoir plus sur notre cadre d’utilisation.

Vous appréciez ces analyses ?
Soutenez DCOD en offrant un café ☕

💡 Ne manquez plus l’essentiel

Les derniers articles

Les actus cybersécurité du 31 août 2025

WhatsApp : faille zero-click critique sur iOS et macOS corrigée

Les 10 directives essentielles pour renforcer sa cybersécurité en 2025

Proton déplace ses serveurs face aux lois suisses

Reconnaissance faciale: 4,7 millions de Britanniques scannés

Toutes les catégories

L’hebdo cybersécurité (29 octobre 2023)

Les actus sélectionnées cette semaine

HackerOne paid ethical hackers over $300 million in bug bounties

12M Patient Medical Records, Other Data Found Exposed on Web

Windows : plus d’un million de PC infectés, ce malware est resté invisible pendant 5 ans

Lockbit ransomware gang claims to have stolen data from Boeing

Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto

OpenAI forms team to study ‘catastrophic’ AI risks, including nuclear threats | TechCrunch

Apple fixes bug that undermined iOS privacy feature for years | TechCrunch

CCleaner says hackers stole users’ personal data during MOVEit mass-hack | TechCrunch

Ambulances diverted after New York hospitals hit by cyber attack

Seiko confirmed a data breach after BlackCat attack

Germany wins the 2023 European Cybersecurity Challenge

Known Ransomware Attack Volume Breaks Monthly Record, Again

Ransomware-Angriffe kosten 265 Milliarden pro Jahr

Piratage de la Cour pénale internationale : vraisemblablement une action d’espionnage

Amazon Web Services launches European Sovereign Cloud – Cybersecurity Insiders

Cyberattack on health services provider impacts 5 Canadian hospitals

Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto

European govt email servers hacked using Roundcube zero-day

Okta’s latest hack fallout hits Cloudflare, 1Password | TechCrunch

Hackers can force iOS and macOS browsers to divulge passwords and much more

Marc Barbezat

1 commentaire

Des idées de lecture cybersécurité

Les actus cybersécurité du 31 août 2025

WhatsApp : faille zero-click critique sur iOS et macOS corrigée

Les 10 directives essentielles pour renforcer sa cybersécurité en 2025

Proton déplace ses serveurs face aux lois suisses

Reconnaissance faciale: 4,7 millions de Britanniques scannés