webcam

Voici le rapport de veille de la semaine faisant le tour des actualités les plus intéressantes. Vous retrouverez un développement de certaines d’entre elles dans les prochains articles. Bonne lecture et belle semaine à vous !

Vol / perte de données

Barnes & Noble cyber incident could expose customer shipping addresses, order history – CyberScoop

Written by Shannon Vavra Oct 15, 2020 | CYBERSCOOP Barnes & Noble told customers it was the victim of a cyberattack that led to “unauthorized and unlawful access” of its corporate systems. Barnes & Noble didn’t detail the entire nature of the “cybersecurity attack” in its email Wednesday, but confirmed that customers’ shipping addresses, billing addresses, email addresses and phone numbers could have been exposed.

Breach at Dickey’s BBQ Smokes 3M Cards

One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the payment card data was stolen in a two-year-long data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country.

Cyber-attaques / fraudes

Norway says Russian hackers carried out breach at parliament

Russian state-sponsored hackers were behind a breach of the Norwegian parliament in August in which attackers stole data from lawmakers’ email accounts, Norwegian officials alleged on Tuesday. “This is a very serious incident, affecting our most important democratic institution,” Norway Foreign Affairs Minister Ine Eriksen Søreide said in a statement.

Une arnaque à la fausse mise à jour a permis de derober 22 millions de dollars en bitcoin

Sécurité : Des groupes cybercriminels envoient de fausses mises à jour aux propriétaires de portefeuilles Electrum, installent des logiciels malveillants et volent les fonds des utilisateurs. Une technique simple a permis à des groupes cybercriminels de voler plus de 22 millions de dollars en cryptomonnaie à des utilisateurs de l’application de portefeuille Electrum ; une enquête de ZDNet a permis de découvrir cette technique.

Google details tactics of Chinese hackers who targeted Biden campaign

Google on Friday offered new details on tactics used by alleged Chinese government-linked hackers who previously targeted Democratic presidential nominee Joe Biden’s campaign, while warning that multiple state-linked hacking groups continue to show an interest in the U.S. election.

Android ransomware learns new tricks to lock devices

Microsoft security experts claim to have uncovered the latest trick being used by Android ransomware. In a blog post, the Microsoft 365 Defender Research Team details how a new ransomware variant has found a new way to subvert Android’s built-in protection mechanisms to lock devices and hold them to ransom.

Iranian APT group hits schools, universities in global spear phishing attacks

The IT security researchers at Malwarebytes and Peter Kruse from the CSIS Security Group have reported on an Iranian APT (advanced persistent threat) group also known as Silent Librarian, TA407, and COBALT DICKENS that has been targeting schools and universities around the world with spear phishing attacks.

Iran Reports Two Major Cyber-Attacks

Iran has reported falling victim to two large-scale cyber-attacks, one of which was leveled at the country’s government institutions. The Iranian government’s Information Technology Organization on Thursday reported that two institutions had been compromised by attackers. No party has claimed responsibility for the attack, and Iranian government officials have not stated whether the attack was domestic or foreign.

Software AG Continues Efforts Against $20M Ransomware Attack

Software AG, Germany’s second-largest software company (after SAP) continues to struggle with a ransomware attack that has evolved into an extortion bid carrying a $20 million payoff demand. The attack began on October 3 as a ransomware attack in which the attackers demanded the unusually high ransom in return for a decryption key.

Failles / vulnérabilités

Hackers used VPN flaws to access US govt elections support systems

Government-backed hackers have compromised and gained access to US elections support systems by chaining together VPN vulnerabilities and the recent Windows CVE-2020-1472 security flaw. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) says that advanced persistent threat (APT) actors used this vulnerability chaining tactic to target federal and SLTT (state, local, tribal, and territorial) government networks, as well as election organizations, and critical infrastructure.

Réglementaire / juridique

German authorities raid FinFisher offices | ZDNet

German authorities have raided the offices of FinFisher, a German software company that makes surveillance tools, accused in the past of providing software to oppressive regimes. The raids took place earlier this month, on October 6 and October 8, and were ordered by the Munich Public Prosecutor’s Office.

British Airways fined £20m over data breach

“When organisations take poor decisions around people’s personal data, that can have a real impact on people’s lives. The law now gives us the tools to encourage businesses to make better decisions about data, including investing in up-to-date security,” said Information Commissioner Elizabeth Denman.

German authorities raid FinFisher offices | ZDNet

German authorities have raided the offices of FinFisher, a German software company that makes surveillance tools, accused in the past of providing software to oppressive regimes. The raids took place earlier this month, on October 6 and October 8, and were ordered by the Munich Public Prosecutor’s Office.

https://www.ictjournal.ch/news/2020-10-12/surveillance-electronique-record-dans-le-canton-de-vaud

Divers

L’accélérateur Tech4Trust retient plus de vingt start-up pour sa deuxième édition

Consacré à la confiance numérique et désormais intégré à l’initiative Trust Valley, l’accélérateur Tech4Trust a sélectionné 27 start-up pour sa deuxième édition. Les jeunes pousses retenues sont actives dans les domaines de la cybersécurité, de la blockchain, de la protection de la sphère privée ou encore de la traçabilité.

Les habitants de la cité-État y ont désormais recours pour faire leur déclaration d’impôt ou une demande de logement

Check Also

La graphologie a donc aussi sa dimension cyber

crime

Europol vient de publier son dernier rapport Europol IOCTA 2020 sur la cybercriminalité et ce n’est réjouissant



Source link

Is your business effected by Cyber Crime?

If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/

Europe +31558448040
UK +44 20 8089 9944
ASIA +85239733884