[SECHebdo] 14 Avril 2020
Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : (00:01:30) Todo Notre discord : http://discord.comptoirsecu.fr A bientôt pour d’autres émissions/podcasts! Liste des sources : Visa pousse pour la mise à jour Magento Visa urges merchants to migrate e-commerce sites to Magento 2.x acquirer-advisory-magento-migration Talos on biometric fingerprint sensors bypass fingerprint-research Corner vuln VMSA-2020-0006 VMware Knowledge Base Someone’s wiping out elastic searches and leaving a security firm’s name A hacker has wiped, defaced more than 15,000 Elasticsearch servers | ZDNet Security Advisories - Juniper Networks DSA-2020-063: iDRAC Buffer Overflow Vulnerability | Dell France APT41 Using New Speculoos Backdoor to Target Organizations Globally This Is Not a Test: APT41 Initiates Global Intrusion Campaign UsingMultiple Exploits | FireEye Inc pulse-host-checker-rce: MITM RCE Host Checker for Pulse Secure - Gogs Public KB - SA44426 - 2020-04: Out-of-Cycle Advisory: Multiple Host Checker Vulnerabilities R1 Tenable.sc 5.14.0 Fixes Multiple Vulnerabilities - Security Advisory | Tenable® La sécurité mise en pause? Google reenables FTP support in Chrome due to pandemic Microsoft and Google delay online authentication change – Naked Security Microsoft delays end of support for older Windows, software versions Doit-on le bannir en entreprise? Over 500,000 Zoom accounts sold on hacker forums, the dark web FAQ on Zoom Security Issues - The Citizen Lab Zoom Caught in Cybersecurity Debate — Here’s Everything You Need To Know Zoom Vulnerability - Schneier on Security Zoom’s privacy and security woes in the spotlight | WeLiveSecurity Découverte de la semaine Become an Azure Sentinel Ninja: The complete level 400 training - Microsoft Tech Community - 1246310