Here is the selection of the most critical cybersecurity vulnerabilities discovered over the past week.
Below you will find direct links to the most interesting articles. For the record, this digest is prepared with a real, non-artificial brain, so enjoy the read and thank you for supporting Le Décodeur!
This week's selected news
FBI: Mobile Beta-Testing Apps Are Major Security Risk
Device takeover, account hijacking and info theft could occur
Fifty minutes to hack ChatGPT: Inside the DEF CON competition to break AI
More than 2,000 hackers attacked cutting-edge chatbots to discover vulnerabilities – and demonstrated the challenges for red-teaming AI.
Ford says cars with WiFi vulnerability still safe to drive
Ford is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could allow remote code execution, but says that vehicle driving safety isn’t impacted.
Google released first quantum-resilient FIDO2 key implementation
Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich.
WinRAR flaw lets hackers run programs when you open RAR archives
A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.
Bugs in transportation app Moovit gave hackers free rides | TechCrunch
A series of bugs in the Moovit transportation app could have allowed hackers to get free rides, a security researcher warns.
CISA says hackers are exploiting a new file transfer bug in Citrix ShareFile | TechCrunch
Hackers are exploiting a critical-rated vulnerability in Citrix ShareFile, the U.S. government’s cybersecurity agency says.
These hackers managed to hack a casino game
Ethical hackers from a cybersecurity firm demonstrated the flaws in a card dispenser widely used in casinos.
How long does it take to crack your password?
A new report shows how easy it is to hack your password. Maybe it's time to change it?
Citrix ADC, Gateways Still Backdoored, Even After Being Patched
Even after updating Citrix networking appliances to address the critical vulnerability, enterprise defenders have to check each one to ensure they have not already been compromised.
Backdoors in more than 1,800 Citrix Netscaler installations – Le Monde Informatique
Intrusion, Hacking and Firewall: Following the discovery of critical flaws in its Netscaler ADC and Gateway products in July, Citrix released patches. To date, more…
Google paves way for FIDO2 security keys that can resist quantum computer attacks
Google wants your security keys to be up for the challenges that quantum computers will present.
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
Hackers are using sneaky compression methods in Android APK files to evade malware detection