Le Comptoir Sécu: [SECHebdo] January 27, 2021 - Office 365 RCE, A spy in your pocket, Trap for security researchers, GDPR, StackOverflow intrusion, EMOTET takedown, SolarWinds, CTI, etc.

The Comptoir Sécu team, 1/27/21 - Episode Page


<p>We have just recorded a new SECHebdo live on YouTube. As usual, if you missed the recording, you can find it on our YouTube channel (video above) or as an audio podcast:</p>

<p>
<strong>In this episode:</strong>
<ul><li>Todo <strong><a href="#t=00:01:30" onclick="location.reload()">(00:01:30)</a></strong></li></ul>
</p>



<p>Our Discord: <a href="http://discord.comptoirsecu.fr">http://discord.comptoirsecu.fr</a></p>

<p>See you soon for more shows and podcasts!</p>

<h3 id="liste-des-sources">List of sources:</h3>

<ul>
<li>RCE in Office 365 + shitty patches

<ul>
<li><a href="https://srcincite.io/blog/2021/01/12/making-clouds-rain-rce-in-office-365.html">Making Clouds Rain :: Remote Code Execution in Microsoft Office 365</a></li>
</ul></li>
<li>Campaign against security researchers

<ul>
<li><a href="https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/">New campaign targeting security researchers</a></li>
</ul></li>
<li>Heap Overflow in sudo (CVE-2021-3156)

<ul>
<li><a href="https://www.sudo.ws/alerts/unescape_overflow.html">Buffer overflow in command line unescaping</a></li>
</ul></li>
<li>StackOverflow intrusion timeline

<ul>
<li><a href="https://stackoverflow.blog/2021/01/25/a-deeper-dive-into-our-may-2019-security-incident/">A deeper dive into our May 2019 security incident - Stack Overflow Blog</a></li>
</ul></li>
<li>A spy in your pocket

<ul>
<li><a href="https://thehackernews.com/2021/01/google-discloses-flaws-in-signal-fb.html">Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps</a></li>
</ul></li>
<li>Not to be forgotten

<ul>
<li><a href="https://support.microsoft.com/en-us/topic/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows-ef185fb8-00f7-167d-744c-f299a66fc00a">2020 LDAP channel binding and LDAP signing requirements for Windows</a></li>
<li><a href="https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV190023">Security Update Guide - Microsoft Security Response Center</a></li>
</ul></li>
<li>SolarWinds - Follow up

<ul>
<li><a href="https://www.zdnet.com/article/four-security-vendors-disclose-solarwinds-related-incidents/">Four security vendors disclose SolarWinds-related incidents | ZDNet</a></li>
<li><a href="https://us-cert.cisa.gov/ncas/analysis-reports/ar21-027a">MAR-10319053-1.v1 - Supernova | CISA</a></li>
</ul></li>
<li>GDPR sanction for failure to protect against credential stuffing

<ul>
<li><a href="https://www.cnil.fr/fr/credential-stuffing-la-cnil-sanctionne-un-responsable-de-traitement-et-son-sous-traitant">"Credential stuffing": the CNIL sanctions a data controller and its processor | CNIL</a></li>
</ul></li>
<li>EUROPOL &amp; EUROJUST vs EMOTET

<ul>
<li><a href="https://www.europol.europa.eu/newsroom/news/world%E2%80%99s-most-dangerous-malware-emotet-disrupted-through-global-action">World’s most dangerous malware EMOTET disrupted through global action | Europol</a></li>
<li><a href="https://twitter.com/mikko/status/1354407402020466689">https://twitter.com/mikko/status/1354407402020466689</a></li>
<li><a href="https://www.zdnet.com/article/authorities-plan-to-mass-uninstall-emotet-from-infected-hosts-on-march-25-2021/">Authorities plan to mass-uninstall Emotet from infected hosts on March 25, 2021 | ZDNet</a></li>
</ul></li>
<li>Vuln Corner

<ul>
<li><a href="https://support.apple.com/en-us/HT212146">https://support.apple.com/en-us/HT212146</a></li>
<li><a href="https://www.sonicwall.com/support/product-notification/urgent-security-notice-probable-sma-100-series-vulnerability-updated-jan-25-2021/210122173415410/">Urgent Security Notice: Probable SMA 100 Series Vulnerability [Updated Jan. 25, 2021] | SonicWall</a></li>
<li><a href="https://www.armis.com/resources/iot-security-blog/nat-slipstreaming-v2-0-new-attack-variant-can-expose-all-internal-network-devices-to-the-internet/">NAT Slipstreaming v2.0: New Attack Variant Can Expose All Internal Network Devices to The Internet | Armis</a></li>
<li><a href="https://www.claroty.com/2021/01/25/blog-research-critical-flaws-in-opc-protocol/">Claroty Finds Critical Flaws in OPC Protocol Implementations - Claroty</a></li>
</ul></li>
</ul>