Podtranscript
Log out

Le Comptoir Sécu: [SECHebdo] 11 novembre 2020 - YouTube-dl, 2020 : année du ransomware (et containment par Mandiant), CVE Tiki Wiki, HTB Academy, CornerVuln, Botconf, GreHack, etc.

L'équipe du Comptoir Sécu L'équipe du Comptoir Sécu 11/11/20 - Episode Page

<![CDATA[https://www.comptoirsecu.fr/images/covers/2020-11-11-sechebdo-vignette.jpg" />
]]>

<p>Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d&rsquo;habitude, si vous avez raté l&rsquo;enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio:</p>

<p>
<strong>Au sommaire de cette émission :</strong>
<ul><li>Todo <strong><a href="#t=00:01:30" onclick="location.reload()">(00:01:30)</a></strong></li></ul>
</p>

<script type="application/ld+json" id="podigee-settings">
{
"options": {
"theme": "default"
},
"extensions": {
"ChapterMarks": {
"disabled": false
},
"EpisodeInfo": {},
"Playlist": {
"disabled": true
},
"Transcript": {
"disabled": true
}
},
"podcast": {
"feed": "https://podcasts.comptoirsecu.fr/podcasts/SECHebdo/CSEC.SECHebdo.2020-11-11.m4a"
},
"episode": {
"media": {
"mp3": "https://podcasts.comptoirsecu.fr/podcasts/SECHebdo/CSEC.SECHebdo.2020-11-11.m4a"
},
"coverUrl": "https://www.comptoirsecu.fr/images/covers/2020-11-11-sechebdo-vignette.jpg",
"title": "[SECHebdo] 11 novembre 2020",
"subtitle": "YouTube-dl, 2020 : année du ransomware (et containment par Mandiant), CVE Tiki Wiki, HTB Academy, CornerVuln, Botconf, GreHack, etc.",
"description": "Épisode du 11 11 2020 - SECHebdo est une revue de l&#39;actualité cybersécurité réalisée en live sur Youtube, généralement le mercredi soir."

,"chaptermarks": [





{ "start": "00:01:30", "title": "Todo"}


]

}
}
</script>

<script type="text/javascript" src="https://www.comptoirsecu.fr/js/podigee-get-settings.min.192d4afa439903f73345b15d3d1b7132598bb1d2238d1f1fc91d39b516bf2ed2.js" integrity="sha256-GS1K&#43;kOZA/czRbFdPRtxMlmLsdIjjR8fyR05tRa/LtI="></script>
<script class="podigee-podcast-player" src="//cdn.podigee.com/podcast-player/javascripts/podigee-podcast-player.js" data-configuration="podigee"></script>


<p>Notre discord : <a href="http://discord.comptoirsecu.fr">http://discord.comptoirsecu.fr</a></p>

<p>A bientôt pour d&rsquo;autres émissions/podcasts!</p>

<h3 id="liste-des-sources">Liste des sources :</h3>

<ul>
<li>Botconf &amp; Grehack

<ul>
<li><a href="https://twitter.com/botconf/status/1318947774570897410?s=21">https</a></li>
<li><a href="https://www.billetweb.fr/botconf-2020">Tickets : Botconf 2020 - Billetweb</a></li>
<li><a href="https://grehack.fr/">GreHack 2020</a></li>
</ul></li>
<li>Drama youtube-dl

<ul>
<li><a href="https://itsfoss.com/youtube-dl-github-takedown/">Microsoft GitHub Disables youtube-dl Open Source Project</a></li>
<li><a href="https://github.com/github/dmca/tree/416da574ec0df3388f652e44f7fe71b1e3a4701f">GitHub - github/dmca at 416da574ec0df3388f652e44f7fe71b1e3a4701f</a></li>
</ul></li>
<li>Mandiant, Cobalt Strike, Ransomware, encore&hellip;

<ul>
<li><a href="https://www.fireeye.com/blog/threat-research/2020/10/kegtap-and-singlemalt-with-a-ransomware-chaser.html">Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser | FireEye Inc</a></li>
<li><a href="https://www.fireeye.com/content/dam/fireeye-www/current-threats/pdfs/wp-ransomware-protection-and-containment-strategies.pdf">PDF Document</a></li>
</ul></li>
<li>2020 l&rsquo;année du ransomware

<ul>
<li><a href="https://www.bleepingcomputer.com/news/security/laptop-maker-compal-hit-by-ransomware-17-million-demanded/">Laptop maker Compal hit by ransomware, $17 million demanded</a></li>
<li><a href="https://www.bankinfosecurity.com/blogs/data-exfiltrating-ransomware-gangs-pedal-false-promises-p-2965">Data-Exfiltrating Ransomware Gangs Pedal False Promises</a></li>
<li><a href="https://www.techrepublic.com/article/hackers-have-only-just-wet-their-whistle-expect-more-ransomware-and-data-breaches-in-2021/#ftag=RSS56d97e7">Hackers have only just wet their whistle. Expect more ransomware and data breaches in 2021. - TechRepublic</a></li>
<li><a href="https://www.coveware.com/blog/q3-2020-ransomware-marketplace-report">Q3 Ransomware Demands rise: Maze Sunsets and Ryuk Returns</a></li>
<li><a href="https://securelist.com/targeted-ransomware-encrypting-data/99255/">Targeted ransomware: it’s not just about encrypting your data! | Securelist</a></li>
<li><a href="https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-also-encrypts-linux-systems/">RansomExx ransomware also encrypts Linux systems</a></li>
</ul></li>
<li>CornerVulns

<ul>
<li><a href="https://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/">Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions | landave&rsquo;s blog</a></li>
<li><a href="https://sick.codes/extraordinary-vulnerabilities-discovered-in-tcl-android-tvs-now-worlds-3rd-largest-tv-manufacturer/">Extraordinary Vulnerabilities Discovered in TCL Android TVs, Now World’s 3rd Largest TV Manufacturer. - Sick Codes - Linux, NetSec, VPS, Arch, Debian, CentOS Tweaks &amp; Tips!</a></li>
<li><a href="https://www.cyberark.com/resources/threat-research-blog/intel-please-stop-assisting-me">Intel, Please Stop Assisting Me</a></li>
<li><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">Oracle Critical Patch Update Advisory - October 2020</a></li>
<li><a href="https://support.a10networks.com/support/security_advisory/acos-agalaxy-gui-rce-vulnerability-cve-2020-24384">ACOS/aGalaxy GUI RCE Vulnerability – CVE-2020-24384 – A10 Support</a></li>
<li><a href="https://platypusattack.com/">PLATYPUS: With Great Power comes Great Leakage</a></li>
<li><a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html">INTEL-SA-00389</a></li>
<li><a href="https://xenbits.xen.org/xsa/advisory-351.html">XSA-351 - Xen Security Advisories</a></li>
<li><a href="https://www.amd.com/en/corporate/product-security">AMD Product Security | AMD</a></li>
<li><a href="https://www.nvidia.com/en-us/security/">NVIDIA Product Security | NVIDIA</a></li>
<li><a href="https://kb.cert.org/vuls/id/231329">search</a></li>
<li><a href="https://www.westerndigital.com/support/productsecurity/wdc-20008-replay-attack-vulnerabilities-rpmb-protocol-applications">WDC-20008 Replay Attack Vulnerabilities in RPMB Protocol Applications | Western Digital</a></li>
<li><a href="https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/collateral/white-paper/white-paper-replay-protected-memory-block-protocol-vulernabilities.pdf">PDF Document</a></li>
<li><a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391.html">INTEL-SA-00391</a></li>
<li><a href="https://www.intel.com/content/dam/www/public/us/en/security-advisory/documents/intel-csme-security-white-paper.pdf">PDF Document</a></li>
</ul></li>
<li>HTB Academy

<ul>
<li><a href="https://academy.hackthebox.eu/">Cyber Security Training : HTB Academy</a></li>
</ul></li>
<li>CVE Tiki Wiki CMS

<ul>
<li><a href="https://github.com/S1lkys/CVE-2020-15906">GitHub - S1lkys/CVE-2020-15906: Writeup of CVE-2020-15906</a></li>
</ul></li>
</ul>