[SECHebdo] 04 Février 2020

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : Todo (00:01:30) Notre discord : http://discord.comptoirsecu.fr A bientôt pour d’autres émissions/podcasts! Liste des sources : Découverte de la semaine - Nouveaux outils forensics Mac Twitter Forensic Utilities - Mac GitHub - Rurik/Noriben: Noriben - Portable, Simple, Malware Analysis Sandbox Bref - Ransomware chez Xefi Jura Jura. Une cyber attaque touche l’entreprise XEFI et ses clients jurassiens | Voix du Jura Ransomware Bitcoin Wallet Frozen by UK Court to Recover Ransom Maze Ransomware Not Getting Paid, Leaks Data Left and Right Exposition de données de support MS 250 million Microsoft customer service & support records exposed BinaryEdge Access Misconfiguration for Customer Support Database - Microsoft Security Response Center Invisible characters fingerprint https://medium.com/@umpox/be-careful-what-you-copy-invisibly-inserting-usernames-into-text-with-zero-width-characters-18b4e6f17b66 Amélioration d’attack simulator O365 Announcing Updates to the M365 Attack Simulator - Microsoft Tech Community - 1065762 Ransomware bis PDF Document DOD contractor suffers ransomware infection | ZDNet Toll Group tight-lipped on alleged ransomware attack - Security - iTnews City of Racine attacked with ransomware Une cyber-attaque en cours chez l’intégrateur IT belge SPIE ICS - ICT actualité - Data News School’s out as ransomware attack downs IT systems at Scotland’s Dundee and Angus College • The Register ITI Technical College latest victim of ransomware attacks Information on a cyberattack | Bouygues Construction Mediaroom Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events | NCCoE Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events | NCCoE https://www.cbc.ca/news/technology/unnamed-insurance-company-cyberattack-1.5445326 Corner Vuln Jenkins Security Advisory 2020-01-29 TeamViewer - WhyNotSecurity Heap Overflow in F-Secure Internet Gatekeeper · Doyensec’s Blog Django security releases issued: 3.0.3, 2.2.10, and 1.11.28 | Weblog | Django Code injection in Workflows leading to SharePoint RCE (CVE-2020-0646) – MDSec https://www.qualys.com/2020/01/28/cve-2020-7247/lpe-rce-opensmtpd.txt GitHub - Xh4H/Satellian-CVE-2020-7980: PoC script that shows RCE vulnerability over Intellian Satellite controller Adobe Security Bulletin