Cybersecurity News
Press Review
CSIRT IICRAI
Wednesday, June 5, 2019
CYBERCRIME
The Australian National University suffered a major, sophisticated attack
The Australian National University suffered a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data.
Norsk Hydro Q1 2019 Profits Sank Following Ransomware Attack
The first quarter profits for Norsk Hydro sank after the Norwegian aluminum and renewable energy company fell victim to a ransomware attack.
According to Reuters, Norsk Hydro’s gains fell to 559 million Norwegian crowns (approximately $64.3 million at the time of reporting) in the first quarter of 2019. That number is down from 3.15 billion crowns a year earlier, constituting a drop of 82 percent.
An Inside Look at the Evolution of a West African Cybercriminal Startup Turned BEC Enterprise
Following an unsuccessful business email compromise (BEC) attack against a security firm, researchers have used active defense techniques to gain unprecedented insight into a Nigerian scamming group. The initial attack purported to be an email from the firm’s CEO asking the CFO to instigate “a domestic wire transfer to a vendor.”
MALWARE
HiddenWasp: malware detected on Linux, capable of taking full control of infected machines
Last week, Intezer researchers discovered a Linux backdoor dubbed HiddenWasp. According to the researchers, this backdoor is a suite of programs comprising a trojan, a rootkit and an initial deployment script.
Supplement to the press review of 31/05/2019
Platinum is back
In June 2018, Kaspersky came across an unusual set of samples spreading throughout South and Southeast Asian countries targeting diplomatic, government and military entities. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels. The actor behind this campaign, believed to be related to the notorious PLATINUM APT group, used an elaborate, previously unseen steganographic technique to conceal communication.
Magecart skimmers found on Amazon CloudFront CDN
Late last week, MalwareBytes observed a number of compromises on Amazon CloudFront – a Content Delivery Network (CDN) – where hosted JavaScript libraries were tampered with and injected with web skimmers.
HACK
How Hackers Use Social Media To Profile Targets
As cybercrime is all about monetary gain, attackers know that the more intelligence they gather about their targets the easier it is to achieve a compromise. On the other hand, most people voluntarily share large amounts of personal information on social networks without fully appreciating the risks. In this post, we’ll find out how hackers use social media to profile targets and how you can protect yourself and your business.
Newly Discovered Tap ’n Ghost Attack Let Hackers to Remotely Control Android Smartphones
A new attack dubbed Tap ’n Ghost targets NFC-enabled Android smartphones, letting attackers trigger malicious events on the victim’s smartphone and take control of the smartphone remotely.
VULNERABILITIES
Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708)
After Microsoft warned Windows users on two separate occasions to patch a severe security flaw known as BlueKeep, now, the US National Security Agency has echoed the OS maker’s warning in the hopes of avoiding another WannaCry-like incident.
Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions
A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP).
Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions.
PRIVACY
Protecting Yourself from Identity Theft
I don’t have a lot of good news for you. The truth is there’s nothing we can do to protect our data from being stolen by cybercriminals and others.
We must assume that our data has probably already been stolen several times, and that the best option is to make sure it is not used against us!
REPORTS & WHITE PAPERS
Wajam: From start-up to massively-spread adware
How a Montreal-made “social search engine” application has managed to become a widely-spread adware, while escaping consequences
BUZZ
France bans AI that predicts judges' behaviour
Are predictive justice technologies a threat to society?
Intelligence-Artificielle.developpez.com