Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
270GB of New York Times Internal Data and Source Code Leaked
An anonymous hacker has claimed to have leaked 270 GB of internal data and source code from The New York Times (NYT) on the controversial image board 4chan.
Des hôpitaux londoniens doivent annuler des opérations à cause d’une cyberattaque
De grands hôpitaux londoniens ont dû annuler des opérations mardi après avoir été victimes d’une cyberattaque ayant visé un fournisseur de services, selon des notes internes.
Cybersécurité : la fonctionnalité Recall de Microsoft universellement fustigée
Microsoft a présenté fin mai sa nouvelle fonctionnalité Recall, qui sera disponible sur les PC Copilot+. Elle permet de prendre des captures…-Intelligence artificielle
The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever
The number of alleged hacks targeting the customers of cloud storage firm Snowflake appears to be snowballing into one of the biggest data breaches of all time.
361 million stolen accounts leaked on Telegram added to HIBP
A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised.
TikTok says it fixed a vulnerability that enabled a cyberattack on high-profile accounts
TikTok has stopped the malware attacks targeting high-profile users like CNN and Paris Hilton. The cyberattack involved direct messages laced with malicious code.
Russia denies involvement in shock disinformation operations in Paris
The Kremlin has been accused of stepping up a hybrid destabilization campaign targeting France and the Olympics.
Chinese State-Sponsored Operation “Crimson Palace” Revealed
Sophos said the campaign aimed to maintain prolonged network access for espionage purposes
Mandiant alerte sur le risque de cyberattaques de grande ampleur pendant les Jeux Olympiques
Des chercheurs de Mandiant, société de cybersécurité détenue par Google, ont publié un rapport sur les différentes cybermenaces pouvant…-Cybersécurité
Apple might reveal a new “Passwords” app next week
Apple may show off a new “Passwords” app at WWDC 2024 that will compete with 1Password and LastPass, securing logins on iPhone, iPad, Mac, Vision Pro, and Windows.
RansomHub operation is a rebranded version of the Knight RaaS
Researchers believe that the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation.
ESAs and ENISA sign a Memorandum of Understanding to strengthen cooperation and information exchange
The European Supervisory Authorities (EBA, EIOPA, and ESMA – the ESAs) today announced that they have concluded a multilateral Memorandum of Understanding (MoU) to strengthen cooperation and information exchange with the European Union Agency for Cybersecurity (ENISA).
Chinese hacking groups team up in cyber espionage campaign
Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace
UK School Forced to Close Following Cyber-Attack
The Billericay School in Essex informed parents that it is closed to students after its IT systems were compromised and made inaccessible by a cyber-attack
Ukraine Hit by Cobalt Strike Attack Using Malicious Excel Files
Beware Macro! Ukrainian users and cyberinfrastructure are being hit by a new malware campaign in which hackers are using a multi-stage malware strategy to
Crimson Palace: Chinese Hackers Steal Military Secrets Over 2 Years
Sophos uncovers “Operation Crimson Palace, a long-term cyberespionage effort targeting a Southeast Asian government.
NIST Commits to Plan to Resume NVD Work
The agency aims to burn down the backlog of vulnerabilities waiting to be added to the National Vulnerabilities Database via additional funding, third-party contract, and partnership with CISA.
CySecurity News – Latest Information Security and Hacking Incidents: WhatsApp Bans 7.1 Million Indian Users, Warns of More Bans for Rule Violations
WhatsApp bans 7.1 million Indian users in April for rule violations, promises more proactive bans.
FCC vote on tap for rules to secure fundamental component of the internet
The regulations would seek to bolster Border Gateway Protocol security, but some industry groups are concerned the proposal is too heavy-handed.