[SECHebdo] 11 Février 2020

Spela upp

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : (00:01:30) Todo Notre discord : http://discord.comptoirsecu.fr A bientôt pour d’autres émissions/podcasts! Liste des sources : Dashlane retiré du store Chrome pour abus de permissions Google Removes Dashlane Password Manager from Chrome Web Store Emotet se répend à coup de bruteforce wifi Emotet trojan evolves to spread via WiFi connections | ZDNet Bref - DDoS infra iranienne Massive DDoS attack brought down 25% Iranian Internet connectivitySecurity Affairs Internet shutdown in Iran following reported cyber-attack - NetBlocks Shimon Prokupecz sur Twitter Sadjad Bonabi 🇮🇷 sur Twitter Follow-up : SIM swap et FAI US Everything you need to know about SIM swap fraud, plus one thing to do right now - CNET Cyberreason prend la place d’emotet gsoc-tools/emotet-locker at master · cybereason-labs/gsoc-tools · GitHub Cybereason lance l’outil Emotet-Locker pour aider les entreprises et les institutions publiques à combattre le malware Emotet - Global Security Mag Online Gygabyte driver exploité pour privs kernel Ransomware Exploits GIGABYTE Driver to Kill AV Processes Mutation de ransomware pour l’ICS EKANS Ransomware and ICS Operations | Dragos CornerVuln CVE-2020-0767: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767 CVE-2020-0662: RCE Windows / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0662 CVE-2020-0681: RCE Remote Desktop Client / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0681 CVE-2020-0710: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710 CVE-2020-0712: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712 CVE-2020-0713: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713 CVE-2020-0711: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711 CVE-2020-0729: RCE LNK / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729 CVE-2020-0734: RCE Remote Desktop Client / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0734 CVE-2020-0738: RCE Media Foundation / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0738 CVE-2020-0673: RCE / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0673 CVE-2020-0674: RCE / EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674 CVE-2020-3120 : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos CVE-2020-3119: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce CVE-2020-3118: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce CVE-2020-3111: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos CVE-2020-3110: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-ipcameras-rce-dos Armis CDPwn WP Symantec Endpoint Protection Multiple Issues CVE 2020-2100 Jenkins DoS attack Forging SWIFT MT Payment Messages for fun and pr… research! Forging SWIFT MT Payment Messages for fun and pr… research! Découverte de la semaine: uncoder.io https://uncoder.io