Les vulnérabilités cyber à suivre cette semaine | 5 juin 2023

Voici la sélection des vulnérabilités de cybersécurité le plus critiques découvertes durant ce dernier tour de veille hebdomadaire.

Bonne lecture et merci pour le café car cette veille est produite avec un vrai cerveau non artificiel 😉

Millions of PC Motherboards Were Sold With a Firmware Backdoor

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs-a feature ripe for abuse, researchers say.

Kaspersky Says New Zero-Day Malware Hit iPhones-Including Its Own

On the same day, Russia’s FSB intelligence service launched wild claims of NSA and Apple hacking thousands of Russians.

Malicious PyPI Packages Use Compiled Python Code to Bypass Detection

According to ReversingLabs this could be the first supply chain attack capitalizing on PYC files

Discord Admins Hacked by Malicious Bookmarks

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. According to interviews with victims, several of the attacks began with an interview request from someone posing as a reporter for a crypto-focused news outlet online.

Swiss real estate agency Neho fails to put a password on its systems

A misconfiguration of Swiss real estate agency Neho’s systems exposed sensitive credentials to the public.

WordPress force installs critical Jetpack patch on 5 million sites

WordPress.com owner Automat has started force installing a security patch on millions of websites today with the help of the WordPress Security Team to address a critical vulnerability in the Jetpack plug-in.

Toyota finds more misconfigured servers leaking customer info

Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners’ personal information for over seven years.

https://www.bleepingcomputer.com/news/security/exploit-released-for-rce-flaw-in-popular-reportlab-pdf-library/

Google triples rewards for Chrome sandbox escape chain exploits

Google announced today that bug bounty hunters who report sandbox escape chain exploits targeting its Chrome web browser are now eligible for triple the standard reward until December 1st, 2023.

Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months

Critical zero-day flaw exploited for 7 months! Backdoor access, data exfiltration, and 3 potent malware strains discovered.

Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass

Microsoft reveals a macOS flaw, « Migraine, » enabling root access bypass. Learn how threat actors could exploit this vulnerability.

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

iOS users, beware! The new APT, Operation Triangulation, targets iPhones using stealthy, zero-click iMessage exploits to deploy root-level malware.

421M Spyware Apps Downloaded Through Google Play

A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.

Human-Assisted CAPTCHA-Cracking Services Supercharge Shopper Bots

On-demand human solvers are now augmenting automated website cyberattacks, offering a better way around tougher anti-bot puzzles.

https://www.darkreading.com/endpoint/bruteprint-short-work-fingerprint-security

MOVEit Transfer vulnerability appears to be exploited widely

A SQL injection vulnerability has been found in the MOVEit Transfer web application, allowing an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.

GitLab Released Emergency Fix For Critical Vulnerability

GitLab has recently rolled out an emergency update, patching a critical path traversal vulnerability. Users must ensure running the latest patched releases to avoid potential risks. Path Traversal Vulnerability Riddled Gitlab According to a recent security bulletin

Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

Attention Sonos users! Your favorite wireless speaker might be a gateway for cyberattacks. They’re vulnerable to code execution.