[SECHebdo] 21 Mai 2019

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : Todo (00:01:30) Notre discord : http://discord.comptoirsecu.fr A bientôt pour d’autres émissions/podcasts! Liste des sources : MageCart, ça continue Hackers Inject Magecart Card Skimmer in Forbes’ Subscription Site Polymorphic Magecart Skimmer Uses Over Fifty Payment Gateways GitHub-Hosted Magecart Card Skimmer Found on Hundreds of Stores Handshake ciphers, plus un IoC ? Attackers Evade Detection By Randomizing TLS Handshake Ciphers Huawei vs USA : Saison 4 Department of Commerce Issues Limited Exemptions on Huawei Products | U.S. Department of Commerce Android sur Twitter Exclusive: Google suspends some business with Huawei after Trump blacklist - source - Reuters Exclusive: Huawei stockpiles 12 months of parts ahead of US ban - Nikkei Asian Review Huawei mogelijk betrokken bij Chinese spionage in Nederland | De Volkskrant Executive Order on Securing the Information and Communications Technology and Services Supply Chain | The White House RDP RCE https://pbs.twimg.com/media/D7Ay42dXsAALZSt.png:large GCHQ ICS Impact from Microsoft RDP Vulnerability | Dragos Cyber-Defence/2019_05_rdp_cve_2019_0708.txt at master · nccgroup/Cyber-Defence · GitHub Удаленное выполнение произвольного кода в протоколе RDP / Блог компании Инфосистемы Джет / Хабр Chaouki Bekrar sur Twitter Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) – MSRC Processeurs Intel, MDS CPU.fail RIDL: Rogue In-flight Data Load WhatsHack Attackers Exploit WhatsApp Flaw to Auto-Install Spyware WhatsApp Vulnerability Exploited to Spy on Users | SecurityWeek.Com The NSO WhatsApp Vulnerability - This is How It Happened - Check Point Research 0days in the wild 0day “In the Wild” MegaCortex MegaCortex, deconstructed: mysteries mount as analysis continues – Sophos News IoCs/Ransomware-MegaCortex at master · sophoslabs/IoCs · GitHub “MegaCortex” ransomware wants to be The One – Sophos News RCE Citrix Workspace / receiver technical-advisory-citrix-workspace-receiver-remote-code-execution-vulnerability