[SECHebdo] 11 Février 2020 : Le Comptoir Sécu

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio:

Au sommaire de cette émission :

Todo (00:01:30)

Notre discord : http://discord.comptoirsecu.fr

A bientôt pour d’autres émissions/podcasts!

Liste des sources :

Dashlane retiré du store Chrome pour abus de permissions
- Google Removes Dashlane Password Manager from Chrome Web Store
Emotet se répend à coup de bruteforce wifi
- Emotet trojan evolves to spread via WiFi connections | ZDNet
Bref - DDoS infra iranienne
Follow-up : SIM swap et FAI US
- Everything you need to know about SIM swap fraud, plus one thing to do right now - CNET
Cyberreason prend la place d’emotet
- gsoc-tools/emotet-locker at master · cybereason-labs/gsoc-tools · GitHub
- Cybereason lance l’outil Emotet-Locker pour aider les entreprises et les institutions publiques à combattre le malware Emotet - Global Security Mag Online
Gygabyte driver exploité pour privs kernel
- Ransomware Exploits GIGABYTE Driver to Kill AV Processes
Mutation de ransomware pour l’ICS
- EKANS Ransomware and ICS Operations | Dragos
CornerVuln
- CVE-2020-0767: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767
- CVE-2020-0662: RCE Windows / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0662
- CVE-2020-0681: RCE Remote Desktop Client / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0681
- CVE-2020-0710: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710
- CVE-2020-0712: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712
- CVE-2020-0713: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713
- CVE-2020-0711: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711
- CVE-2020-0729: RCE LNK / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729
- CVE-2020-0734: RCE Remote Desktop Client / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0734
- CVE-2020-0738: RCE Media Foundation / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0738
- CVE-2020-0673: RCE / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0673
- CVE-2020-0674: RCE / EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674
- —
- CVE-2020-3120 : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos
- CVE-2020-3119: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce
- CVE-2020-3118: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce
- CVE-2020-3111: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos
- CVE-2020-3110: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-ipcameras-rce-dos
- Armis CDPwn WP
- —-
- Symantec Endpoint Protection Multiple Issues
- —-
- CVE 2020-2100
- Jenkins DoS attack
Forging SWIFT MT Payment Messages for fun and pr… research!
- Forging SWIFT MT Payment Messages for fun and pr… research!
Découverte de la semaine: uncoder.io
- https://uncoder.io

Le Comptoir Sécu

Parlons cybersécurité...autour d'un verre!

[SECHebdo] 11 Février 2020

Dashlane & perms Chrome, DDoS Infra Iran, SIM Swap & FAI US, Emotet, Ransomware & ICS, CornerVuln, etc.

Liste des sources :

À propos

Services

Faire un don