Voici la sélection des vulnérabilités de cybersécurité les plus critiques découvertes la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Satellites Are Rife With Basic Security Flaws
German researchers gained rare access to three satellites and found that they’re years behind normal cybersecurity standards.
EU Urged to Prepare for Quantum Cyber-Attacks
A discussion paper from the European Policy Centre sets out recommendations for an EU quantum cybersecurity agenda
Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week.
Des failles dans les contrôleurs BMC fragilisent des millions de serveurs – Le Monde Informatique
Intrusion, Hacking et Pare-feu : À la suite d’un vol de données survenu en 2021, des chercheurs ont découvert des failles critiques dans les firmwares de contrôleurs BMC de la marque…
Microsoft lost its keys, and the government got hacked | TechCrunch
China hacked dozens of email accounts, including in government. Microsoft opens up, slightly, about how the hackers pulled off the heist.
Firmware vulnerabilities in millions of computers could give hackers superuser status
BMCs give near-total control over entire fleets of servers. What happens when they’re hacked?
Zyxel users still getting hacked by DDoS botnet emerge as public nuisance No. 1
12 weeks after critical vulnerability was patched, devices are still being wrangled.
U.S. Blacklists Two Spyware Firms Run by an Israeli Former General
The moves by the Commerce Department against the Europe-based firms are the latest effort to rein in a spyware industry that has spiraled out of control in recent years.