Description A remote code execution issue in SharePoint Online via Workflows code injection was reported to Microsoft in November 2019 which was addressed immediately on the online platform. However, the main issue was patched in .NET Framework in January 2020. Therefore, the SharePoint On-Premise versions which do not have the […]
Non classé
Alerte Patch! Microsoft met en garde contre des bugs RDP de type worm (ver)
Le correctif Patch Tuesday de Microsoft publié récemment a apporté de très mauvaises nouvelles : davantage de vulnérabilités RDP de type worm (ver), affectant cette fois-ci les utilisateurs de Windows 10. CVE-2019-1181 et -1182 sont des vulnérabilités critiques dans Remote Desktop Services (anciennement Windows terminal) qui sont de type ver […]
DHS and FBI published a Malware Analysis Report on North Korea-linked tool ELECTRICFISH
The U.S. Department of Homeland Security (DHS) and the FCI published a new joint report on ELECTRICFISH, a malware used by North Korea. US DHS and the Federal Bureau of Investigation (FBI) conducted a joint analysis of a traffic tunneling tool dubbed ELECTRICFISH used by North Korea-linked APT group tracked […]
New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. Since almost all Facebook-owned apps by default use security mechanisms such as Certificate Pinning to ensure integrity and […]
Facebook victime d’un changement de configuration serveur
Technologie : Les 14 heures de panne essuyées par Facebook – qui a aussi affecté Instragram et WhatsApp – sont la conséquence d’une modification de la configuration serveur. Mercredi, heure française, de nombreux utilisateurs des services Facebook se plaignaient de l’indisponibilité des applications. La plateforme, qui avait rapidement exclu une attaque […]
Firefox Send — Free Encrypted File Transfer Service Now Available For All
Mozilla has made it easy for you to share large files securely and privately with whomever you want, eliminating the need to depend upon less secure free third-party services or file upload tools that burn a hole in your pocket. Mozilla has finally launched its free, end-to-end encrypted file-transfer service, […]
Flight Booking System Flaw Affected Customers of 141 Airlines Worldwide
Almost half of the fight travelers around the world were found exposed to a critical security vulnerability discovered in online flight ticket booking system that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles. Israeli network security researcher Noam Rotem discovered the […]
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now! Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8.4 of its software to patch several important vulnerabilities that could eventually allow remote attackers to take control of the […]
ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs
A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security. Anubhav explained […]
Microsoft Inches Past Google to Become the Third Most Valuable Company
Microsoft has now officially become the third most valuable company in the world as it pushes Google’s parent company Alphabet into fourth place. With Microsoft’s current market cap at 766.8 billion compared to Alphabet’s 766.5 billion, Microsoft is able to retain the third place spot using market prices at the time of this writing. With Apple, […]