Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
State-backed hackers are exploiting new Ivanti VPN zero-days – but no patches yet | TechCrunch
Software giant Ivanti says hackers are exploiting two critical-rated vulnerabilities impacting its widely-used VPN appliance.
China Cracked Apple’s Airdrop to Expose Activists’ Identities
A state-backed institution claims to have breached the security of Apple’s Airdrop, a tool popular with protestors in China.
X Confirms SEC Hack, Says Account Didn’t Have 2FA Turned On
Turns out that the SEC’s X account was hacked, partially because it neglected a very basic rule of online security.
SEC says X account was hacked as false post causes bitcoin price swings
X says hacker had control over phone number associated with SEC account.
North Korea’s Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023
North Korean hackers have stolen over $600M in crypto in 2023! A significant threat to global financial security.
Cyber Insecurity and Misinformation Top WEF Global Risk List
Cyber-attacks and misinformation top WEF’s list of global risks, with cybercrime poised to exploit tech advancements and AI dominance raising concerns about vulnerability
Mandiant’s X Account Was Hacked in Brute-Force Password Attack
Mandiant has shared its findings following X account hijacking, firm blames misconfigured 2FA and X’s policy change
1.3 Million FNF Customers’ Data Potentially Exposed in Ransomware Atta
Fidelity National Financial revealed that the ransomware attack last year potentially impacted 1.3 million customers data in an updated SEC filing
Human Error and Insiders Expose Millions in UK Law Firm Data Breaches
Millions in the UK have had their data compromised because of cyber incidents involving law firms, a recent analysis of IOC data has found
Hackers can hijack your Bosch Thermostat and Install Malware
The popular Bosch thermostat model BCC100 is vulnerable, allowing allow attacker to manipulate settings and install malware on the device.
Beirut Airport Cyberattack Targets Hezbollah
In addition to posting messages criticizing the group, the cyberattackers disrupted flight information and baggage handling systems.
Ransomware Gang Gives Toronto Zoo the Monkey Business
As the investigation continues, the Zoo reports that it does not store the credit card information of its guests.
Ukraine Claims Revenge Hack Against Moscow Internet Provider
Reports say M9 Telecom servers were destroyed in retaliation for Russia-backed cyberattack against Kyivstar mobile phone operator.
Fake Recruiters Defraud Facebook Users via Remote Work Offers
Scammers are targeting multiple brands with « job offers » on Meta’s social media platform, that go as far as to offer what look like legitimate job contracts to victims.
Toronto Zoo: Ransomware attack had no impact on animal wellbeing
Toronto Zoo, the largest zoo in Canada, says that a ransomware attack that hit its systems on early Friday had no impact on the animals, its website, or its day-to-day operations.
Ransomware victims targeted by fake hack-back offers
Some organizations victimized by the Royal and Akira ransomware gangs have been targeted by a threat actor posing as a security researcher who promised to hack back the original attacker and delete stolen victim data.
FTC bans data broker from selling Americans’ location data
Today, the U.S. Federal Trade Commission (FTC) banned data broker Outlogic, formerly X-Mode Social, from selling Americans’ raw location data that could be used for tracking purposes.
Finland warns of Akira ransomware wiping NAS and tape backup devices
The Finish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups.
Major T-Mobile outage takes down account access, mobile app
A major T-Mobile outage is preventing customers from logging into their accounts and using the company’s mobile app.
1 commentaire
Commentaires désactivés.