#Adobe Framemaker : This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user #vuln #informatique
#Adobe Illustrator 2021 : This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user #vuln #informatique
#Adobe Dimension : This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user #vuln #informatique
Multiple vulnerabilities discovered in #SAP products #vuln #informatique
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=580617506
CVE-2021-22928 - A vulnerability has been identified in #Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM #vuln #informatique
Multiple vulnerabilities discovered in Microsoft products #vuln #informatique
https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul
Multiple vulnerabilities in VMware ESXi products #vuln #informatique
https://www.vmware.com/security/advisories/VMSA-2021-0014.html
Sneaky malware reconfigures Hive OS wallet for profit
https://securehoney.net/blog/sneaky-malware-reconfigures-hive-os-wallet-for-profit.html
Twitter admits it verified several fake accounts. Alex Stamos, Facebook's former chief security officer, noted that many of the account names appeared to be Turkish, suggesting that the incident could be linked to a nation-state operation. This #security incident raises questions about how the accounts were able to get verified in the first place, and why #Twitter's processes didn't flag them before they were discovered by a third-party researcher #cyber #threats #botnet
https://www.dailydot.com/debug/twitter-verified-bot-accounts/
(Reuters) - An Iranian-American businessman wants to sue #US #law firm Dechert LLP (dechert.com) over allegations of hacking, seeking a #London court's approval to add it as a defendant in a long-simmering dispute with the Ras Al Khaimah Investment Authority (RAKIA). Azima's effort to sue Dechert over hacking is further fallout from last year's exposure of the Indian #cyber #espionage firm BellTroX. Obscure Indian cyber firm spied on politicians, investors worldwide. #india #justice
CVE-2021-28474 : Analysis - #Microsoft SharePoint Remote Code Execution (RCE) #vulnerabilities
Two Companies Have REvil Data ; They Don't (O'RLY?) Appear Eager to Help
https://www.bankinfosecurity.com/blogs/theres-clear-line-from-revil-ransomware-to-russia-p-3065
Is REvil pulling a deliberate disappearing act? Speculation is rife. #REvil's #infrastructure appears to have been shut down. The group is suspected of having been behind the Gandcrab #ransomware (which, according to them, brought in more than 130 million euros per year). Gandcrab's authors had announced their disappearance in spring 2019, evidently only to come back a few months later. If REvil's voluntary disappearance is confirmed, it would add to those of other ransomware operators such as DarkSide and Avaddon.
In a first for the #US Air Force's new information warfare entity, the service inked patent license agreements with the private sector for code it developed in-house to detect #software #vulnerabilities. The software, called Whiddler, scans files on a network and calculates the probability of whether a file is malicious. It looks for suspicious items that don't have a signature and therefore might escape #antivirus software that scans for known problematic signatures. With the technology transferred to a third party, the government can choose whether it wants to adopt improvements to the code that the companies make. The companies can modify and improve the code and sell it to #industry, making the larger community more secure, officials said. #malware #cyber #threats
The proof of vaccination received by millions of Quebecers in the form of a QR code contains personal data that the government has not sufficiently secured. Cybersecurity experts see a high potential for fraud: « If a crooked or curious merchant uses a homemade application to exploit the information, there is a potential for malicious exploitation », says Steve Waterhouse, a former IT (#informatique) security officer at the Department of Defence and a cybersecurity lecturer at the Université de Sherbrooke ( #canada )
https://ici.radio-canada.ca/nouvelle/1808447/preuve-vaccinale-code-qr-vaccin-commerces-securite
« To know your enemy, you must become your enemy » ( Sun Tzu )
HAK5 Top Pentest Devices
🦆 Rubber Ducky
🐢 Lan Turtle
🍍 WiFi Pineapple
🐰 Bash Bunny
🐿️ Packet Squirrel
On July 5, 2021, the French startup Spliiit (spliiit.com), which had not patched a known security flaw in #Laravel, had its database exfiltrated; it contained information on more than 200,000 customers. A unique security incident? Not really. One could even call it « banal », had the attacker not made themselves known. #cyber #france
As announced in its press release of May 7, 2021, Albioma was the victim of a #cyber attack by #ransomware on the Group's IT (#informatique) network. The attack had no impact on industrial operations. The in-depth investigations carried out by the cybersecurity experts we engaged revealed that certain company data had been exfiltrated (#databreach). #france
IT (#informatique) salaries: 2021 pay barometer #france
https://www.silkhom.com/wp-content/uploads/2021/06/Barometre-des-salaires-Edition-2021.pdf
Masquerading as #UK scholars with the University of London's School of Oriental and African Studies (SOAS), the threat actor TA453 has been covertly approaching individuals since at least January 2021 to solicit sensitive information. The threat actor, an APT who we assess with high confidence supports Islamic Revolutionary Guard Corps (IRGC) intelligence collection efforts, established backstopping for their credential #phishing infrastructure by compromising a legitimate site of a highly regarded academic institution to deliver personalized credential harvesting pages disguised as registration links. Identified targets included experts in Middle Eastern affairs from think tanks, senior professors from well-known academic institutions, and journalists specializing in Middle Eastern coverage.
TA453 illegally obtained access to a website belonging to a world class academic institution to leverage the compromised infrastructure to harvest the credentials of their intended targets. The use of legitimate, but compromised, infrastructure represents an increase in TA453's sophistication and will almost certainly be reflected in future campaigns. TA453 continues to iterate, innovate, and collect in support of IRGC collection priorities. #cyber #threats
https://www.proofpoint.com/us/blog/threat-insight/operation-spoofedscholars-conversation-ta453
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile