L’hebdo cybersécurité (24 mars 2024)

Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.

L'essentiel Cybersécurité, IA & Tech

Rejoignez la communauté. 3 fois par semaine, recevez l'analyse des tendances par Marc Barbezat. Pas de spam, juste de l'info.

Ou suivez le flux temps réel

Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

Unpatchable vulnerability in Apple chip leaks secret encryption keys
Fixing newly discovered side channel will likely take a major toll on performance.

Hackers can unlock over 3 million hotel doors in seconds
Saflok has a fix for the vulnerability, but patching may take a long time.

Esports league postponed after players hacked midgame | TechCrunch
On Sunday, two competitive esports players appeared to get hacked during a live-streamed game, prompting the organizers to postpone the tournament.

Tech giant Fujitsu says it was hacked, warns of data breach | TechCrunch
The Japan-based multinational technology giant warned of a potential data breach, involving « personal information and customer information. »

Les dossiers de vaccination Covid-19 d’un million d’Irlandais ont été exposés à d’autres patients
En 2021, un bug sur le portail irlandais de vaccination contre le Covid-19 avait exposé les dossiers d’un million de personnes à d’autres…-Cybersécurité

19 million plaintext passwords exposed by incorrectly configured Firebase instances | Malwarebytes
Researchers scanned the internet for incorrectly configured Firebase instances and what they found was frightening.

Earth Krahang APT breached tens of government orgs worldwide
Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide.

AT&T says leaked data of 70 million people is not from its systems
AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.

IMF Investigates Serious Cybesecurity Breach
The International Monetary Fund says it is still looking into a recent compromise of multiple email accounts

Pentagon hat bereits 50.000 Schwachstellenmeldungen erhalten
Im Rahmen des Vulnerability-Disclosure-Programms hat das US-Verteidigungsministerium seit 2016 mehr als 50.000 Meldungen bearbeitet.

Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks
Russia’s government is pretending to be other governments in emails, with an eye toward stealing strategic intel.

North Korea-Linked Group Levels Multistage Cyberattack on South Korea
Kimsuky-attributed campaign uses eight steps to compromise systems – from initial execution to downloading additional code from Dropbox, and executing code to establish stealth and persistence.

NIST’s Vuln Database Downshifts, Prompting Questions About Its Future
NVD may be in peril and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.

Tesla Hack Team Wins $200K and a New Car
Zero Day Initiative awarded a total of $732,000 to researchers who found 19 unique cybersecurity vulnerabilities during the first day of Pwn2Own.

Italy’s Giorgia Meloni called to testify in deepfake porn case
PM is suing over lewd videos that used her face superimposed onto someone else’s body.

Russian military intelligence may have deployed wiper against multiple Ukrainian ISPs
A group known as Solntsepek claimed credit for attacks on the ISPs Triacom, Misto TV, Linktelecom and KIM.

German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says
The hacking group, with ties to the Russian SVR, may have been trying to glean insights on shifting European sentiments on Ukraine, threat analysts suggest.

Ukraine arrests hackers trying to sell 100 million stolen accounts
The Ukrainian cyber police, in collaboration with investigators from the national police (ГУНП), have arrested three individuals who are accused of hijacking over 100 million emails and Instagram accounts worldwide.

CISA shares critical infrastructure defense tips against Chinese hackers
CISA, the NSA, the FBI, and several other agencies in the U.S. and worldwide warned critical infrastructure leaders to protect their systems against the Chinese Volt Typhoon hacking group.

Zéro paywall. Zéro pub.
DCOD reste en accès libre grâce à vos contributions. Chaque café compte.

☕ Je participe

Navigation

Les derniers articles

Claude Code détourné pour piller des agences mexicaines

Capteurs de pression des pneus : 20 000+ véhicules traçables

Fuites de données : les 11 incidents majeurs au 12 mars 2026

Claude Code Security automatise la détection des vulnérabilités

OpenAI lance Trusted Access for Cyber pour fortifier la défense

Suivez en direct

L’hebdo cybersécurité (24 mars 2024)

L'essentiel Cybersécurité, IA & Tech

Les actus sélectionnées cette semaine

Unpatchable vulnerability in Apple chip leaks secret encryption keys

Hackers can unlock over 3 million hotel doors in seconds

Esports league postponed after players hacked midgame | TechCrunch

Tech giant Fujitsu says it was hacked, warns of data breach | TechCrunch

Les dossiers de vaccination Covid-19 d’un million d’Irlandais ont été exposés à d’autres patients

19 million plaintext passwords exposed by incorrectly configured Firebase instances | Malwarebytes

Earth Krahang APT breached tens of government orgs worldwide

AT&T says leaked data of 70 million people is not from its systems

IMF Investigates Serious Cybesecurity Breach

Pentagon hat bereits 50.000 Schwachstellenmeldungen erhalten

Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks

North Korea-Linked Group Levels Multistage Cyberattack on South Korea

NIST’s Vuln Database Downshifts, Prompting Questions About Its Future

Tesla Hack Team Wins $200K and a New Car

Italy’s Giorgia Meloni called to testify in deepfake porn case

Russian military intelligence may have deployed wiper against multiple Ukrainian ISPs

German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says

Ukraine arrests hackers trying to sell 100 million stolen accounts

CISA shares critical infrastructure defense tips against Chinese hackers

Marc Barbezat

1 commentaire

Des idées de lecture recommandées par DCOD

Navigation

Les derniers articles

Suivez en direct

L'essentiel Cybersécurité, IA & Tech

Les actus sélectionnées cette semaine

A lire également

1 commentaire

Des idées de lecture recommandées par DCOD

Un café pour DCOD ?