Voici le rapport de veille avec des liens directs vers les actus les plus intéressantes de la semaine passée. Certaines d’entre elles seront développées dans les prochains articles.
Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
LockBit lied: Stolen data is from a bank, not US Federal Reserve
Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed.
Telegram says it has ‘about 30 engineers’; security experts say that’s a red flag | TechCrunch
Telegram’s founder Pavel Durov says his company only employs around 30 engineers. Security experts say that raises serious questions about the company’s cybersecurity.
The biggest data breaches in 2024: 1B stolen records and rising | TechCrunch
Some of the largest, most damaging breaches of 2024 already account for over a billion stolen records.
Microsoft reveals further emails compromised by Russian hack
Russian hacking group, Midnight Blizzard, accessed more Microsoft emails than initially reported.
Hack of Age Verification Company Shows Privacy Danger of Social Media Laws
We’ve said it before: online age verification is incompatible with privacy. Companies responsible for storing or processing sensitive documents like drivers’ licenses are likely to encounter data breaches, potentially exposing not only personal data like users’ government-issued ID, but also…
Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack
Malicious updates available from WordPress.org create attacker-controlled admin account.
Hackers target new MOVEit Transfer critical auth bypass bug
Threat actors are attempting to exploit a critical authentication bypass flaw impacting Progress MOVEit Transfer, which the vendor disclosed yesterday.
TeamViewer links corporate cyberattack to Russian state hackers
RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week.
Ticketmaster sends notifications about recent massive data breach
Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company’s Snowflake database, containing the data of millions of people.
US announces a reward for Russia’s GRU hacker behind attacks on Ukraine
The US DoJ announced charges against a member of Russia’s military intelligence service GRU for conducting wiper attacks on Ukraine in 2022.
A cyberattack shutdown the University Hospital Centre Zagreb in Croatia
A cyber attack targeted the University Hospital Centre Zagreb (KBC Zagreb) on Wednesday night, reported the Croatian Radiotelevision.
Apple AirPods Bug Allows Eavesdropping
The vulnerability affects not only AirPods, but also AirPods Max, Powerbeats Pro, Beats Fit Pro, and all models of AirPods Pro.
15 000 concessionnaires US toujours bloqués par un ransomware – Le Monde Informatique
Sécurité : Malgré les premières tentatives de rétablissement des services dans les concessions automobiles des groupes américains Sonic Automotive et Penske…
USD 257 million seized in global police crackdown against online scams
Operation First Light highlights the extensive reach of scam syndicates
30M Potentially Affected in Tickettek Australia Cloud Breach
In an incident with direct parallels to the recent Ticketmaster compromise, an Aussie live events giant says it was breached via a third-party cloud provider, as ShinyHunters takes credit.
Hundreds of Thousands Impacted in Children’s Hospital Cyberattack
Though the hospital did not pay a ransom, a host of sensitive medical information is now at risk.
Chinese Cyberspies Employ Ransomware in Attacks for Diversion
Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft.
European Union Sanctions Russian State Hackers
The European Union sanctioned four Russian domestic intelligence agency hackers including two military officers who participated in what researchers have described
Chinese Hackers Caught Spying on Taiwanese Firms
A Chinese state-sponsored group, tracked as RedJuliett, is using open-source VPN client SoftEther to target the infrastructure of about 75 organizations in
WikiLeaks’ Julian Assange Released from U.K. Prison, Heads to Australia
Julian Assange freed after 5 years, pleads guilty to classified info leak. WikiLeaks founder heads to Australia as 14-year legal battle ends.