Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
No more 12345: devices with weak passwords to be banned in UK
Makers of phones, TVs and smart doorbells legally required to protect devices against access by cybercriminals
L’Allemagne accuse Moscou d’une cyberattaque « intolérable » contre les membres d’un parti politique
La ministre des Affaires étrangères Annalena Baerbock a dénoncé ce vendredi une cyberattaque contre des membres du parti SPD remontant à 2023 et provoquée par un groupe lié aux renseignements russes.
Poland says it too was targeted by Russian hackers
On Friday, Germany and the Czech Republic said they had been targeted by the Russian-controlled Fancy Bear hacking group.
CySecurity News – Latest Information Security and Hacking Incidents: Sweden Faces Influx of DDoS Attacks Following NATO Membership
The year 2024 witnessed a further exacerbation of the situation, particularly intensifying from February onward.
Iranian hackers pose as journalists to push backdoor malware
The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets.
Plus de 6000 réunions de l’armée allemande ont circulé sur le web
Le media « Zeit online » est parvenu à accéder aux informations de plus de 6000 réunions, dont certaines classifiées, de la Bundeswehr sur Webex.
UnitedHealth CEO admits it paid $22 million ransom to BlackCat
In a testimony before the Senate Finance Committee, Witty said he was responsible for the decision to pay the ransom to BlackCat.
FCC takes $200 million bite out of wireless carriers for sharing location data
The Federal Communications Commission levied nearly $200 million in fines against four telecommunications giants Monday following an agency investigation that concluded the companies had sold location data of customers without their consent.
Health care giant comes clean about recent hack and paid ransom
Ransomware attack on the $371 billion company hamstrung US prescription market.
Hacker free-for-all fights for control of home and office routers everywhere
How and why nation-state hackers and cybercriminals coexist in the same router botnet.
La Confédération fautive dans la cyberattaque sur Xplain
Les enquêtes sur la cyberattaque contre l’entreprise Xplain l’an dernier ont relevé des erreurs commises par les offices fédéraux de la police et des douanes. L’entreprise est également fautive. Le Conseil fédéral annonce mercredi des mesures.
Google blocked 2.3M apps in Play Store over security fears
Third of a million developer accounts kiboshed, too
European Commission to probe Meta over misinformation
Europe takes action after Facebook parent withdraws monitoring tool
Qantas app glitch sees boarding passes fly to other accounts
Issue now resolved and isn’t thought to be the work of criminals
Google Announces Passkeys Adopted by Over 400 Million Accounts
Google announces over 400 million accounts now use passkeys – the passwordless authentication solution.
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia
Former NSA employee sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia.
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
Dropbox Sign Breached! Unidentified hackers accessed user emails, usernames, and account settings for all Dropbox Sign users.
Operation PANDORA shuts down 12 phone fraud call centres | Europol
Operation PANDORA started with a bank teller in Freiburg, Germany. When in December 2023 a customer asked to withdraw over EUR 100 000 in cash, the bank teller grew suspicious and quickly learned the customer had fallen victim to a ‘fake police officer scam’.
Attackers Planted Millions of Imageless Repositories on Docker Hub
The purported metadata for each these containers had embedded links to malicious files.
