L’hebdo cybersécurité (14 janvier 2024)

Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.

Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

State-backed hackers are exploiting new Ivanti VPN zero-days – but no patches yet | TechCrunch
Software giant Ivanti says hackers are exploiting two critical-rated vulnerabilities impacting its widely-used VPN appliance.

China Cracked Apple’s Airdrop to Expose Activists’ Identities
A state-backed institution claims to have breached the security of Apple’s Airdrop, a tool popular with protestors in China.

X Confirms SEC Hack, Says Account Didn’t Have 2FA Turned On
Turns out that the SEC’s X account was hacked, partially because it neglected a very basic rule of online security.

SEC says X account was hacked as false post causes bitcoin price swings
X says hacker had control over phone number associated with SEC account.

North Korea’s Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023
North Korean hackers have stolen over $600M in crypto in 2023! A significant threat to global financial security.

Cyber Insecurity and Misinformation Top WEF Global Risk List
Cyber-attacks and misinformation top WEF’s list of global risks, with cybercrime poised to exploit tech advancements and AI dominance raising concerns about vulnerability

Mandiant’s X Account Was Hacked in Brute-Force Password Attack
Mandiant has shared its findings following X account hijacking, firm blames misconfigured 2FA and X’s policy change

1.3 Million FNF Customers’ Data Potentially Exposed in Ransomware Atta
Fidelity National Financial revealed that the ransomware attack last year potentially impacted 1.3 million customers data in an updated SEC filing

Human Error and Insiders Expose Millions in UK Law Firm Data Breaches
Millions in the UK have had their data compromised because of cyber incidents involving law firms, a recent analysis of IOC data has found

Hackers can hijack your Bosch Thermostat and Install Malware
The popular Bosch thermostat model BCC100 is vulnerable, allowing allow attacker to manipulate settings and install malware on the device.

Beirut Airport Cyberattack Targets Hezbollah
In addition to posting messages criticizing the group, the cyberattackers disrupted flight information and baggage handling systems.

Ransomware Gang Gives Toronto Zoo the Monkey Business
As the investigation continues, the Zoo reports that it does not store the credit card information of its guests.

Ukraine Claims Revenge Hack Against Moscow Internet Provider
Reports say M9 Telecom servers were destroyed in retaliation for Russia-backed cyberattack against Kyivstar mobile phone operator.

Fake Recruiters Defraud Facebook Users via Remote Work Offers
Scammers are targeting multiple brands with « job offers » on Meta’s social media platform, that go as far as to offer what look like legitimate job contracts to victims.

Toronto Zoo: Ransomware attack had no impact on animal wellbeing
Toronto Zoo, the largest zoo in Canada, says that a ransomware attack that hit its systems on early Friday had no impact on the animals, its website, or its day-to-day operations.

Ransomware victims targeted by fake hack-back offers
Some organizations victimized by the Royal and Akira ransomware gangs have been targeted by a threat actor posing as a security researcher who promised to hack back the original attacker and delete stolen victim data.

FTC bans data broker from selling Americans’ location data
Today, the U.S. Federal Trade Commission (FTC) banned data broker Outlogic, formerly X-Mode Social, from selling Americans’ raw location data that could be used for tracking purposes.

Finland warns of Akira ransomware wiping NAS and tape backup devices
The Finish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups.

Major T-Mobile outage takes down account access, mobile app
A major T-Mobile outage is preventing customers from logging into their accounts and using the company’s mobile app.

💡 Ne manquez plus l'essentiel
Recevez les analyses et tendances cybersécurité directement dans votre boîte mail.

Offrez un café pour soutenir cette veille indépendante.

☕ Je soutiens DCOD

💡 Note : Certaines images ou extraits présents dans cet article proviennent de sources externes citées à des fins d’illustration ou de veille. Ce site est indépendant et à but non lucratif. 👉 En savoir plus sur notre cadre d’utilisation.

Vous appréciez ces analyses ?
Soutenez DCOD en offrant un café ☕

💡 Ne manquez plus l’essentiel

Les derniers articles

La Chine accuse les États-Unis d’un hack de 127 000 Bitcoins

Le top 5 des actus cybersécurité -19 nov 2025

Cyber IA : actualités du 19 nov 2025

iPhone perdu : attention aux faux SMS prétendant l’avoir retrouvé

Google Find Hub détourné pour effacer des données volées sur Android

Toutes les catégories

L’hebdo cybersécurité (14 janvier 2024)

Les actus sélectionnées cette semaine

State-backed hackers are exploiting new Ivanti VPN zero-days – but no patches yet | TechCrunch

China Cracked Apple’s Airdrop to Expose Activists’ Identities

X Confirms SEC Hack, Says Account Didn’t Have 2FA Turned On

SEC says X account was hacked as false post causes bitcoin price swings

North Korea’s Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023

Cyber Insecurity and Misinformation Top WEF Global Risk List

Mandiant’s X Account Was Hacked in Brute-Force Password Attack

1.3 Million FNF Customers’ Data Potentially Exposed in Ransomware Atta

Human Error and Insiders Expose Millions in UK Law Firm Data Breaches

Hackers can hijack your Bosch Thermostat and Install Malware

Beirut Airport Cyberattack Targets Hezbollah

Ransomware Gang Gives Toronto Zoo the Monkey Business

Ukraine Claims Revenge Hack Against Moscow Internet Provider

Fake Recruiters Defraud Facebook Users via Remote Work Offers

Toronto Zoo: Ransomware attack had no impact on animal wellbeing

Ransomware victims targeted by fake hack-back offers

FTC bans data broker from selling Americans’ location data

Finland warns of Akira ransomware wiping NAS and tape backup devices

Major T-Mobile outage takes down account access, mobile app

Marc Barbezat

1 commentaire

Des idées de lecture cybersécurité

La Chine accuse les États-Unis d’un hack de 127 000 Bitcoins

Le top 5 des actus cybersécurité -19 nov 2025

Cyber IA : actualités du 19 nov 2025

iPhone perdu : attention aux faux SMS prétendant l’avoir retrouvé

Google Find Hub détourné pour effacer des données volées sur Android