[SECHebdo] 19 mai 2020 r2

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : Todo (00:01:30) Notre discord : http://discord.comptoirsecu.fr A bientôt pour d’autres émissions/podcasts! Liste des sources : Google Auth migration creds Google Authenticator’s first Android update in years lets you move your account between devices - The Verge Favicon skimmer Credit card skimmer masquerades as favicon - Malwarebytes Labs | Malwarebytes Labs Breach easyjet EasyJet admits data of nine million hacked - BBC News http://otp.investis.com/clients/uk/easyjet1/rns/regulatory-story.aspx?cid=2&newsid=1391756 Hutchins The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet | WIRED Thunderspy New Thunderbolt security flaws affect systems shipped before 2019 GitHub - ufrisk/pcileech: Direct Memory Access (DMA) Attack Software 403 Forbidden Vie privée et applis COVID Apple and Google to prevent contact tracing apps from tracking your location - TechRepublic La bière vous a trahi (vie privée et géolocalisation US officials) Bellingcat sur Twitter bellingcat - Military And Intelligence Personnel Can Be Tracked With The Untappd Beer App - bellingcat CornerVuln NXNSAttack Top_10_Routinely_Exploited_Vulnerabilities_S508C Ben Hawkes sur Twitter vBulletin 5.6.1 Security Patch Level 1 - vBulletin Community Forum Bug 2571 – Out-of-bound buffer read leads to Authentication Bypass in Exim SPA authentication method https://portal.msrc.microsoft.com/fr-fr/security-guidance/advisory/CVE-2020-1048 PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth (CVE-2020-1048 & more) – Winsider Seminars & Solutions Inc. GitHub - ionescu007/PrintDemon: PrintDemon is a PoC for a series of issues in the Windows Print Spooler service, as well as potetial misuses of the functionality. CVE-2020-12801 | LibreOffice - Free Office Suite - Based on OpenOffice - Compatible with Microsoft cve-2020-1088-yet-another-arbitrary-delete-eop How to use Trend Micro’s Rootkit Remover to Install a Rootkit – Bill Demirkapi’s Blog – The adventures of a 18 year old security researcher. Playing with GZIP: RCE in GLPI (CVE-2020-11060) - Almond Offensive Security Blog Bug #1878115 “logged luks passwords” : Bugs : curtin package : Ubuntu CVE-2020-11932 in Ubuntu