curated by Decio

Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Jour précédent

January 24, 2023

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

We observed a recent spate of supply chain attacks attempting to exploit CVE-2021-35394, affecting IoT devices with chipsets made by Realtek.

unit42, EN, 2023, CVE-2021-35394, IoT, devices, supplychain, attacks, Realtek

La vidéosurveillance de l’armée présente des failles de sécurité

Un audit interne révèle que les appareils qui surveillent les places d’armes ou les centres logistiques sont mal protégés

letemps, FR, CH, 2023, vidéosurveillance, cameras, webcams, IoT, failles

Suisse: Caméras de surveillance de l’armée jugées trop vulnérables

Obsolètes, des caméras sont des «proies faciles pour les pirates», conclut un audit interne qui affirme que l’armée néglige sa sécurité informatique.

20min, FR, CH, 2023, IoT, armée, camera, webcam, audit, vulnérables

Apple patches are out – old iPhones get an old zero-day fix at last!

Don’t delay, especially if you’re still running an iOS 12 device… please do it today!

nakedsecurity, EN, 2023, vulnerability, apple, cve-2022-42856, exploit, ios, ios-12, ipados, zero-day

Following the LNK metadata trail

While tracking some prevalent commodity malware threat actors, Talos observed the popularization of malicious LNK files as their initial access method to download and execute payloads. A closer look at the LNK files illustrates how their metadata could be used to identify and track new campaigns.

talosintelligence, EN, 2023, LNK, analysis, metadata

Threat groups are using Windows LNK files to gain access

Microsoft's move last year to block macros by default in Office applications is forcing miscreants to find other tools with which to launch cyberattacks, including the software vendor's LNK files – the shortcuts Windows uses to point to other files.

theregister, EN, 2023, LNK, macros, Microsoft, Windows, threat