Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Unpatchable vulnerability in Apple chip leaks secret encryption keys
Fixing newly discovered side channel will likely take a major toll on performance.
Hackers can unlock over 3 million hotel doors in seconds
Saflok has a fix for the vulnerability, but patching may take a long time.
Esports league postponed after players hacked midgame | TechCrunch
On Sunday, two competitive esports players appeared to get hacked during a live-streamed game, prompting the organizers to postpone the tournament.
Tech giant Fujitsu says it was hacked, warns of data breach | TechCrunch
The Japan-based multinational technology giant warned of a potential data breach, involving « personal information and customer information. »
Les dossiers de vaccination Covid-19 d’un million d’Irlandais ont été exposés à d’autres patients
En 2021, un bug sur le portail irlandais de vaccination contre le Covid-19 avait exposé les dossiers d’un million de personnes à d’autres…-Cybersécurité
19 million plaintext passwords exposed by incorrectly configured Firebase instances | Malwarebytes
Researchers scanned the internet for incorrectly configured Firebase instances and what they found was frightening.
Earth Krahang APT breached tens of government orgs worldwide
Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide.
AT&T says leaked data of 70 million people is not from its systems
AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.
IMF Investigates Serious Cybesecurity Breach
The International Monetary Fund says it is still looking into a recent compromise of multiple email accounts
Pentagon hat bereits 50.000 Schwachstellenmeldungen erhalten
Im Rahmen des Vulnerability-Disclosure-Programms hat das US-Verteidigungsministerium seit 2016 mehr als 50.000 Meldungen bearbeitet.
Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks
Russia’s government is pretending to be other governments in emails, with an eye toward stealing strategic intel.
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
Kimsuky-attributed campaign uses eight steps to compromise systems – from initial execution to downloading additional code from Dropbox, and executing code to establish stealth and persistence.
NIST’s Vuln Database Downshifts, Prompting Questions About Its Future
NVD may be in peril and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.
Tesla Hack Team Wins $200K and a New Car
Zero Day Initiative awarded a total of $732,000 to researchers who found 19 unique cybersecurity vulnerabilities during the first day of Pwn2Own.
Italy’s Giorgia Meloni called to testify in deepfake porn case
PM is suing over lewd videos that used her face superimposed onto someone else’s body.
Russian military intelligence may have deployed wiper against multiple Ukrainian ISPs
A group known as Solntsepek claimed credit for attacks on the ISPs Triacom, Misto TV, Linktelecom and KIM.
German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says
The hacking group, with ties to the Russian SVR, may have been trying to glean insights on shifting European sentiments on Ukraine, threat analysts suggest.
Ukraine arrests hackers trying to sell 100 million stolen accounts
The Ukrainian cyber police, in collaboration with investigators from the national police (ГУНП), have arrested three individuals who are accused of hijacking over 100 million emails and Instagram accounts worldwide.
CISA shares critical infrastructure defense tips against Chinese hackers
CISA, the NSA, the FBI, and several other agencies in the U.S. and worldwide warned critical infrastructure leaders to protect their systems against the Chinese Volt Typhoon hacking group.
💡 Ne manquez plus l'essentiel
Recevez les analyses et tendances cybersécurité directement dans votre boîte mail.
1 commentaire
Commentaires désactivés.