\n
Actualit\u00e9 de la Cybers\u00e9curit\u00e9<\/strong><\/p>\n<\/div>\n Revue de presse<\/strong><\/p>\n CSIRT IICRAI<\/strong><\/p>\n Jeudi 06 juin 2019<\/span><\/strong><\/p>\n CYBERCRIME<\/span><\/strong><\/p>\n<\/div>\n Cryptojacking campaign uses Shodan to scan for Docker hosts to hack<\/span><\/em><\/strong><\/p>\n A new cryptojacking campaign was spotted by experts at Trend Micro, crooks are using Shodan to scan for Docker hosts with exposed APIs.<\/span><\/p>\n Securityaffairs.co<\/span><\/a><\/span><\/p>\n Blog.trendmicro.com<\/span><\/a><\/span><\/p>\n Romanian National Sentenced to 65 Months in Federal Prison for Multi-State ATM Card Skimming Scheme<\/strong><\/em><\/span><\/p>\n Scheme caused over $868,000 in losses from over 530 individual accounts in three states<\/span><\/p>\n Justice.gov<\/span><\/a><\/span><\/p>\n CYBERWARFARE<\/span><\/strong><\/p>\n<\/div>\n The EU\u2019s Embassy In Russia Was Hacked But The EU Kept It A Secret<\/span><\/em><\/strong><\/p>\n An ongoing \u201csophisticated cyber espionage event\u201d was discovered in April, just weeks before the European Parliament elections \u2014 but the European External Action Service (EEAS), the EU\u2019s foreign and security policy agency, did not disclose the incident publicly.<\/span><\/p>\n Buzzfeednews.com<\/span><\/a><\/span><\/p>\n CRYPTO-CURRENCY<\/span><\/strong><\/p>\n<\/div>\n New Evidence Suggests Satoshi Nakamoto Is Paul Solotshi, The Creator of Encryption Software E4M and TrueCrypt<\/span><\/em><\/strong><\/p>\n Paul Solotshi Calder Le Roux, a 46-year old criminal mastermind, is the creator of encryption software E4M and TrueCrypt (the cryptography encryption software Satoshi Nakamoto likely used to lock up his 1 million BTC), and author of an uncannily similar manifesto to the one in Bitcoin\u2019s whitepaper in 1998.<\/span><\/p>\n Investinblockchain.com<\/span><\/a><\/span><\/p>\n HACK<\/span><\/strong><\/p>\n<\/div>\n Bypassing Root CA checks in Flutter based apps on Android<\/span><\/em><\/strong><\/p>\n I recently started looking at Android apps based on the Flutter framework, I\u2019d not come across any before and after a pub discussion about something entirely unrelated managed to find one to break.<\/span><\/p>\n Orangewirelabs.wordpress.com<\/span><\/a><\/span><\/p>\n VULNERABILITIES<\/span><\/strong><\/p>\n<\/div>\n Patch Android! June 2019 update fixes eight critical flaws<\/span><\/em><\/strong><\/p>\n Despite the modest vulnerability count, the fact that 8 are marked \u2018critical\u2019 and 14 \u2018high\u2019 is good enough reason to want them as soon as possible, with 2 of the criticals (CVE-2019-2094 and CVE-2019-2095) affecting only version 9.<\/span><\/p>\n Nakedsecurity.sophos.com<\/span><\/a><\/span><\/p>\n Unit 42 Discovers Vulnerabilities in Adobe Acrobat and Reader and Foxit Reader, Shares Threat Research at Microsoft BlueHat Shanghai 2019<\/span><\/em><\/strong><\/p>\n As part of ongoing threat research, Palo Alto Networks Unit 42 threat researchers have discovered 28 new vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their May Adobe Security Bulletin APSB19-18<\/span><\/p>\n Unit42.paloaltonetworks.com<\/span><\/a><\/span><\/p>\n Expert developed a MetaSploit module for the BlueKeep flaw<\/em><\/strong><\/p>\n The vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft with May 2019 Patch Tuesday updates. BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities.<\/span><\/p>\n Securityaffairs.co<\/span><\/a><\/span><\/p>\n Avoiding the DoS: How BlueKeep Scanners Work<\/span><\/em><\/strong><\/p>\n On May 21, @JaGoTu and I released a proof-of-concept for CVE-2019-0708. This vulnerability has been nicknamed \u00ab\u00a0BlueKeep\u00a0\u00bb. Instead of causing code execution or a blue screen, our exploit was able to determine if the patch was installed.Now that there are public denial-of-service exploits, I am willing to give a quick overview of the luck that allows the scanner to avoid a blue screen and determine if the target is patched or not.<\/span><\/p>\n Zerosum0x0.blogspot.com<\/span><\/a><\/span><\/p>\n PRIVACY<\/span><\/strong><\/p>\n<\/div>\n Firefox bloque les traqueurs et cookies publicitaires<\/span><\/em><\/strong><\/p>\n Les traqueurs et les cookies tiers permettant la collecte de donn\u00e9es utilisateurs \u00e0 des fins de ciblage publicitaire ne sont plus en odeur de saintet\u00e9 chez Firefox. La fonction Facebook Container, permettant d’isoler la navigation du r\u00e9seau social dans un onglet de Firefox, est par ailleurs renforc\u00e9e.<\/span><\/p>\n Lemondeinformatique.fr<\/span><\/a><\/span><\/p>\n PHISHING<\/span><\/strong><\/p>\n<\/div>\n Phishing attacks that bypass 2-factor authentication are now easier to execute<\/span><\/em><\/strong><\/p>\n Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block. The tool makes such attacks much easier to deploy, so organizations should adapt their anti-phishing training accordingly.<\/span><\/p>\n Csoonline.com<\/span><\/a><\/span><\/p>\n REPORTS & WHITE PAPERS<\/span><\/strong><\/p>\n<\/div>\n Iranian APT group \u2018MuddyWater\u2019 Adds Exploits to Their Arsenal<\/span><\/em><\/strong><\/p>\n In recent months, there has been considerable unrest in the Iranian cyber sphere. Highly sensitive data about Iranian APT groups was leaked, exposing abilities, strategies, and attack tools. The main medium for this leak was a telegram channel.<\/span><\/p>\n