[SECHebdo] 11 Février 2020

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : Todo (00:01:30) Notre discord : http://discord.comptoirsecu.fr A bientôt pour d’autres émissions/podcasts! Liste des sources : Dashlane retiré du store Chrome pour abus de permissions Google Removes Dashlane Password Manager from Chrome Web Store Emotet se répend à coup de bruteforce wifi Emotet trojan evolves to spread via WiFi connections | ZDNet Bref - DDoS infra iranienne Massive DDoS attack brought down 25% Iranian Internet connectivitySecurity Affairs Internet shutdown in Iran following reported cyber-attack - NetBlocks Shimon Prokupecz sur Twitter Sadjad Bonabi 🇮🇷 sur Twitter Follow-up : SIM swap et FAI US Everything you need to know about SIM swap fraud, plus one thing to do right now - CNET Cyberreason prend la place d’emotet gsoc-tools/emotet-locker at master · cybereason-labs/gsoc-tools · GitHub Cybereason lance l’outil Emotet-Locker pour aider les entreprises et les institutions publiques à combattre le malware Emotet - Global Security Mag Online Gygabyte driver exploité pour privs kernel Ransomware Exploits GIGABYTE Driver to Kill AV Processes Mutation de ransomware pour l’ICS EKANS Ransomware and ICS Operations | Dragos CornerVuln CVE-2020-0767: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767 CVE-2020-0662: RCE Windows / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0662 CVE-2020-0681: RCE Remote Desktop Client / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0681 CVE-2020-0710: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710 CVE-2020-0712: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712 CVE-2020-0713: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713 CVE-2020-0711: RCE Scripting Engine Memory Corruption / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711 CVE-2020-0729: RCE LNK / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729 CVE-2020-0734: RCE Remote Desktop Client / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0734 CVE-2020-0738: RCE Media Foundation / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0738 CVE-2020-0673: RCE / NOT EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0673 CVE-2020-0674: RCE / EXPLOITED / https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674 — CVE-2020-3120 : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos CVE-2020-3119: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce CVE-2020-3118: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce CVE-2020-3111: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos CVE-2020-3110: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-ipcameras-rce-dos Armis CDPwn WP —- Symantec Endpoint Protection Multiple Issues —- CVE 2020-2100 Jenkins DoS attack Forging SWIFT MT Payment Messages for fun and pr… research! Forging SWIFT MT Payment Messages for fun and pr… research! Découverte de la semaine: uncoder.io https://uncoder.io