Le Comptoir Sécu: [SECHebdo] January 13, 2021 - Typo 3, Laravel, the COVID-19 vaccine through an IT lens, farewell Red Forest, SolarWinds, CTF gifts, etc.

The Comptoir Sécu team, 1/13/21 - Episode Page


<p>We have just recorded a new SECHebdo live on YouTube. As usual, if you missed the recording, you can find it on our YouTube channel (video above) or as an audio podcast:</p>

<p>
<strong>In this episode:</strong>
<ul><li>Todo <strong><a href="#t=00:01:30" onclick="location.reload()">(00:01:30)</a></strong></li></ul>
</p>

<script type="application/ld+json" id="podigee-settings">
{
"options": {
"theme": "default"
},
"extensions": {
"ChapterMarks": {
"disabled": false
},
"EpisodeInfo": {},
"Playlist": {
"disabled": true
},
"Transcript": {
"disabled": true
}
},
"podcast": {
"feed": "https://podcasts.comptoirsecu.fr/podcasts/SECHebdo/CSEC.SECHebdo.2021-01-13.m4a"
},
"episode": {
"media": {
"mp3": "https://podcasts.comptoirsecu.fr/podcasts/SECHebdo/CSEC.SECHebdo.2021-01-13.m4a"
},
"coverUrl": "https://www.comptoirsecu.fr/images/covers/2021-01-13-sechebdo-vignette.jpg",
"title": "[SECHebdo] 13 janvier 2021",
"subtitle": "Typo 3, Laravel, Vaccin COVID-19 par le prisme IT, adieu Red Forest, SolarWinds, Cadeaux CTF, etc.",
"description": "Épisode du 13 01 2021 - SECHebdo est une revue de l&#39;actualité cybersécurité réalisée en live sur Youtube, généralement le mercredi soir."

,"chaptermarks": [





{ "start": "00:01:30", "title": "Todo"}


]

}
}
</script>



<p>Our Discord: <a href="http://discord.comptoirsecu.fr">http://discord.comptoirsecu.fr</a></p>

<p>See you soon for more shows and podcasts!</p>

<h3 id="liste-des-sources">List of sources:</h3>

<ul>
<li>Article on Typo3 &amp; Laravel

<ul>
<li><a href="https://www.synacktiv.com/publications/typo3-leak-to-remote-code-execution.html">Typo3: leak to Remote code execution. | Synacktiv</a></li>
<li><a href="https://www.ambionics.io/blog/laravel-debug-rce">Laravel &lt;= v8.4.2 debug mode: Remote code execution</a></li>
</ul></li>
<li>Web redirect tools, BloodHound custom queries, and MindMaps

<ul>
<li><a href="http://1u.ms/">1u.ms</a></li>
<li><a href="https://github.com/hackerscrolls/SecurityTips/tree/master/MindMaps">SecurityTips/MindMaps at master · hackerscrolls/SecurityTips · GitHub</a></li>
<li><a href="https://github.com/hausec/Bloodhound-Custom-Queries">GitHub - hausec/Bloodhound-Custom-Queries: Custom Query list for the Bloodhound GUI based off my cheatsheet</a></li>
</ul></li>
<li>The vaccine as seen by a reverse engineer

<ul>
<li><a href="https://berthub.eu/articles/posts/reverse-engineering-source-code-of-the-biontech-pfizer-vaccine/">Reverse Engineering the source code of the BioNTech/Pfizer SARS-CoV-2 Vaccine - Articles</a></li>
</ul></li>
<li>Administration: the end of red forests

<ul>
<li><a href="https://docs.microsoft.com/en-us/security/compass/esae-retirement">Enhanced Security Admin Environment (ESAE) architecture mainstream retirement | Microsoft Docs</a></li>
<li><a href="https://docs.microsoft.com/en-us/security/compass/security-rapid-modernization-plan">Rapidly modernize your security infrastructure | Microsoft Docs</a></li>
</ul></li>
<li>SolarWinds

<ul>
<li><a href="https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html">Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor | FireEye Inc</a></li>
<li><a href="https://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html">SUNBURST Additional Technical Details | FireEye Inc</a></li>
<li><a href="https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/">Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers - Microsoft Security</a></li>
<li><a href="https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/">Solorigate Resource Center – updated December 31st, 2020 – Microsoft Security Response Center</a></li>
<li><a href="https://securelist.com/sunburst-backdoor-kazuar/99981/">Sunburst backdoor – code overlaps with Kazuar | Securelist</a></li>
<li><a href="https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/">SUNSPOT Malware: A Technical Analysis | CrowdStrike</a></li>
<li><a href="https://orangematter.solarwinds.com/2021/01/11/new-findings-from-our-investigation-of-sunburst/">New Findings From Our Investigation of SUNBURST - Orange Matter</a></li>
</ul></li>
<li>Patch Tuesday

<ul>
<li><a href="https://patchtuesdaydashboard.com/">Microsoft Patch Tuesday by Morphus Labs</a></li>
</ul></li>
</ul>