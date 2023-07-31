Voici la sélection des vulnérabilités de cybersécurité les plus critiques découvertes la semaine passée.

Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

Ivanti Says Second Zero Day Used in Norway Govt Breach Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti’s endpoint management software appeared to have

Zero-Day Vulnerabilities Discovered in Global Emergency Services Communications Protocol Weak encryption algorithms leave radio communications open to attack and abuse.

Super Admin elevation bug puts 900,000 MikroTik devices at risk A critical severity ‘Super Admin’ privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to take full control over a device and remain undetected.

Previous-generation macOS and iOS versions get new security updates, too.

Hackers exploit Citrix zero-day to target US critical infrastructure | TechCrunch Thousands of organizations could be at risk from a Citrix zero-day that hackers have already abused to target U.S. critical infrastructure.

Ivanti rushes to patch zero-day used to breach Norway’s government | TechCrunch Hackers exploited a previously undiscovered flaw in Ivanti’s MDM software to compromise a dozen Norwegian government agencies.

US, Australia cyber agencies warn IDOR security flaws can be exploited ‘at scale’ | TechCrunch A new government joint advisory says IDOR vulnerabilities have resulted in major data breaches in the U.S. and overseas.

Critical infrastructure radio tech ‘easily hacked’ through deliberate backdoor Malicious attackers could “easily” hack TETRA radio systems and disrupt critical infrastructure and emergency services, researchers reveal.