Le Comptoir Sécu: [SECHebdo] February 11, 2021 - FireJail, The Great Suspender, ProjektRed Leak, SCADA & VNC, Ransomware, Corner Vuln, Github1s, etc.

The Comptoir Sécu team, 2/11/21 - Episode Page


<p>We have just recorded a new SECHebdo live on YouTube. As usual, if you missed the recording, you can find it on our YouTube channel (video above) or in audio podcast format.</p>

<p>
<strong>In this episode:</strong>
<ul><li>Todo <strong><a href="#t=00:01:30" onclick="location.reload()">(00:01:30)</a></strong></li></ul>
</p>



<p>Our Discord: <a href="http://discord.comptoirsecu.fr">http://discord.comptoirsecu.fr</a></p>

<p>See you soon for more shows/podcasts!</p>

<h3 id="liste-des-sources">List of sources:</h3>

<ul>
<li>FireJail - Local Root

<ul>
<li><a href="https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt">https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt</a></li>
<li><a href="https://unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/">Rigged Race Against Firejail for Local Root</a></li>
<li><a href="https://www.reddit.com/r/linuxmint/comments/5mya69/local_root_exploit_found_in_firejail_sandbox/">Local root exploit found in Firejail sandbox application, here&rsquo;s how to update it to fix the security issue : linuxmint</a></li>
</ul></li>
<li>ProjektRed - Ransom &amp; Leak

<ul>
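<li><a href="https://twitter.com/vxunderground/status/1359473460448231425">https://twitter.com/vxunderground/status/1359473460448231425</a></li>
<li><a href="https://twitter.com/CDPROJEKTRED/status/1359048125403590660">https://twitter.com/CDPROJEKTRED/status/1359048125403590660</a></li>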
<li><a href="https://www.cadosecurity.com/post/punk-kitty-ransom-analysing-hellokitty-ransomware-attacks">Punk Kitty Ransom - Analysing HelloKitty Ransomware Attacks</a></li>
</ul></li>
<li>Tool - Github1s

<ul>
<li><a href="https://github1s.com/">GitHub1s</a></li>
<li><a href="https://github1s.com/WordPress/WordPress">GitHub1s</a></li>
</ul></li>
<li>Dependency confusion

<ul>
<li><a href="https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610">https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610</a></li>
</ul></li>
<li>Attack on a water treatment plant in Florida

<ul>
<li><a href="https://thehackernews.com/2021/02/poor-password-security-lead-to-recent.html">Poor Password Security Led to Recent Water Treatment Facility Hack</a></li>
<li><a href="https://krebsonsecurity.com/2021/02/whats-most-interesting-about-the-florida-water-system-hack-that-we-heard-about-it-at-all/">What’s most interesting about the Florida water system hack? That we heard about it at all. — Krebs on Security</a></li>
<li><a href="https://thehackernews.com/2021/02/hacker-tried-poisoning-water-supply.html">Hacker Tried Poisoning Water Supply After Breaking Into Florida&rsquo;s Treatment System</a></li>
<li><a href="https://www.bankinfosecurity.com/hackers-breached-florida-citys-water-treatment-system-a-15949">Hacker Breached Florida City&rsquo;s Water Treatment System</a></li>
<li><a href="https://www.zdnet.com/article/hacker-modified-drinking-water-chemical-levels-in-a-us-city/#ftag=RSSbaffb68">Hacker modified drinking water chemical levels in a US city | ZDNet</a></li>
</ul></li>
<li>&ldquo;The Great Suspender&rdquo; extension now contains malware

<ul>
<li><a href="https://thehackernews.com/2021/02/warning-hugely-popular-great-suspender.html">WARNING — Hugely Popular &lsquo;The Great Suspender&rsquo; Chrome Extension Contains Malware</a></li>
<li><a href="https://www.ghacks.net/2021/01/09/we-no-longer-recommend-the-chrome-extension-the-great-suspender-here-is-why/">We no longer recommend the Chrome extension The Great Suspender. Here is why! - gHacks Tech News</a></li>
</ul></li>
<li>CornerVuln

<ul>
<li><a href="https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543">SAP Security Patch Day – February 2021 - Product Security Response at SAP - Community Wiki</a></li>
<li><a href="https://www.intel.com/content/www/us/en/security-center/default.html">Security Center</a></li>
<li><a href="https://helpx.adobe.com/security.html">Adobe Security Bulletins and Advisories</a></li>
<li><a href="https://www.vmware.com/security/advisories/VMSA-2020-0029.html">VMSA-2020-0029.1</a></li>
<li><a href="https://www.vmware.com/security/advisories/VMSA-2021-0001.html">VMSA-2021-0001</a></li>
<li><a href="https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html">Chrome Releases: Stable Channel Update for Desktop</a></li>
<li><a href="https://source.android.com/security/bulletin/2021-02-01">Android Security Bulletin—February 2021  |  Android Open Source Project</a></li>
<li><a href="https://support.apple.com/en-us/HT212177">https://support.apple.com/en-us/HT212177</a></li>
<li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/">Security Vulnerabilities fixed in Firefox 85.0.1 and Firefox ESR 78.7.1 — Mozilla</a></li>
<li><a href="https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/">Swarm of Palo Alto PAN-OS vulnerabilities – PT SWARM</a></li>
<li><a href="https://www.zerodayinitiative.com/blog/2021/2/11/three-more-bugs-in-orions-belt">Zero Day Initiative — Three More Bugs in Orion’s Belt</a></li>
<li><a href="https://www.forescout.com/company/blog/forescout-research-labs-releases-the-project-memoria-tcpip-stack-detector/">Forescout Research Labs Releases The Project Memoria TCP/IP Stack Detector - Forescout</a></li>
<li><a href="https://www.forescout.com/company/blog/numberjack-forescout-research-labs-finds-nine-isn-generation-vulnerabilities-affecting-tcpip-stacks/">NUMBER:JACK - Forescout Research Labs Finds Nine ISN Generation Vulnerabilities Affecting TCP/IP Stacks - Forescout</a></li>
<li><a href="https://googleprojectzero.blogspot.com/p/rca.html">Project Zero: 0day Exploit Root Cause Analyses</a></li>
<li><a href="https://www.nolimitsecu.fr/pandorabox/">Pandorabox - NoLimitSecu</a></li>
</ul></li>
<li>Ransomware operator

<ul>
<li><a href="https://blog.talosintelligence.com/2021/02/interview-with-lockbit-ransomware.html">https://blog.talosintelligence.com/2021/02/interview-with-lockbit-ransomware.html</a></li>
</ul></li>
<li>ANSSI

<ul>
<li><a href="https://www.cert.ssi.gouv.fr/cti/CERTFR-2021-CTI-002/">Attack infrastructure of the cybercriminal group TA505 – CERT-FR</a></li>
<li><a href="https://www.cert.ssi.gouv.fr/cti/CERTFR-2021-CTI-001/">State of the ransomware threat against businesses and institutions – CERT-FR</a></li>
</ul></li>
</ul>