Voici la sélection des vulnérabilités de cybersécurité les plus critiques découvertes la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Multiple nation-state hackers infiltrate single aviation organization
A single aviation organization was infiltrated by the hackers using vulnerabilities on internet-facing devices.
ProtonMail Code Vulnerabilities Leaked Emails
ProtonMail, a popular Swiss-based encrypted email service had multiple code vulnerabilities that could allow attackers to leak emails.
https://www.databreachtoday.eu/hackers-exploit-multiple-bugs-in-hotel-booking-platform-a-23025
iPhone Zero-Click, Zero-Day Flaw Exploited in the Wild to Install Malware
According to Citizen Lab, the exploit chain was capable of infecting iPhones running the most recent version of iOS (16.6) without the victim’s involvement.
Microsoft reminds users Windows will disable insecure TLS soon
Microsoft reminded users that insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols will be disabled soon in future Windows releases.
Hackers exploit MinIO storage system to breach corporate networks
Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary code, and potentially take over servers.
Electoral Commission failed cybersecurity test in same year as hack
UK election watchdog admits it did not pass assessment in 2021, when voter data security was breached