December 30, 2020

Episode 0x168 (Hebdo) - 19 Décembre 2020

Listen Later

1 hour 28 minutes

19 Décembre 2020

Shameless plug

Février 2021 - Séminaire de Sherbrooke - Cybersécurité en entreprise

Revoyez Hackfest Holiday Event + CTF via le BBS de StackFault

URL formulaire village santé mentale

QuebecSec à venir: 2e table ronde & phishing workshop/talks

Shownotes and Links

SolarWinds

https://www.solarwinds.com/-/media/solarwinds/swdcv2/landing-pages/trust-center/resources/secure-configuration-in-the-orion-platform.ashx

https://support.solarwinds.com/SuccessCenter/s/article/Files-and-directories-to-exclude-from-antivirus-scanning-for-Orion-Platform-products?language=en_US

https://newsla.localad.com/2020/12/15/breaking-pentagon-imposes-emergency-shutdown-of-its-secret-internet-protocol-router-network-handles-classified-information-up-to-the-secret-level/

http://d18rn0p25nwr6d.cloudfront.net/CIK-0001739942/57108215-4458-4dd8-a5bf-55bd5e34d451.pdf

https://twitter.com/Rothbard1776/status/1338626722321879045

https://github.com/fireeye/sunburst_countermeasures

https://www.sans.org/webcasts/emergency-webcast-about-solarwinds-supply-chain-attack-118015

https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/

https://dev.to/k0p1/update-fireeye-hacked-red-team-tools-leaked-8c1

https://mobile.twitter.com/lordx64/status/1338526166051934213

https://versprite.com/blog/security-research/exploitation-of-remote-services/

https://cyber.dhs.gov/ed/21-01/#cisa-actions

https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

https://www.sans.org/webcasts/emergency-webcast-about-solarwinds-supply-chain-attack-118015

https://www.solarwinds.com/securityadvisory

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Behavior:Win32/Solorigate.C!dha&ThreatID=2147771132

https://twitter.com/KyleHanslovan/status/1338851535342727168?s=19

https://arstechnica.com/information-technology/2020/12/solarwinds-hackers-have-a-clever-way-to-bypass-multi-factor-authentication/#p3

https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/

Protégez-vous fuite de 330 000 clients

Beneva - Pas de mal?

Promutuel Assurance - toujours down.

Gouvernement Quebec down

[Fuite de données : Desjardins connaissait sa vulnérabilité mais n’a rien fait]

Le SCRS pourrait avoir violé la loi

Pornhub suspends over 10 million videos to eradicate illegal content

Les services intelligents d’Hydro connaissent déjà des ratés

12 Oct 2020 - [QC ONLY] $440 Hydro-Quebec Hilo smart hub & 6x Zigbee thermostat with free install, save $ during peak usage events

https://forums.redflagdeals.com/qc-only-440-hydro-quebec-hilo-smart-hub-6x-zigbee-thermostat-free-install-save-during-peak-usage-events-2408287/

https://www.hiloenergie.com/en-ca/legal/application-privacy-policy/

Ministre Fitzgibbon impliqué avec Hikvision

Chronique/Opinion littéraire - C’est arrivé la nuit de Marc Levy

SolarWinds: Un véritable conte de Noël :

Noel Passé: Comment la Chine aurait infiltré l’approvisionnement en serveurs de Dell, Apple, Amazon, etc

Noel Présent: Comment Microsoft commente l’affaire SolarWinds

Noel Futur: Comment Microsoft gère les vulnérabilités XSS/RCE persistantes dans Teams

Cyberattaques Air canada

L’état de la R&D en matière d’analyse de data énergétique

Crew

Virginie

Steve Waterhouse

Patrick Mathieu

Damien Bancal

Guillaume Morissette

Crédits

Montage audio par Hackfest Communication

Music Space Kablooie - Open Source – Ego Killer

Locaux virtuels par 8x8

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

La French Connection

By Hackfest Communication

4

11 ratings

December 30, 2020

Episode 0x168 (Hebdo) - 19 Décembre 2020

Listen Later

1 hour 28 minutes

19 Décembre 2020

Shameless plug

Février 2021 - Séminaire de Sherbrooke - Cybersécurité en entreprise

Revoyez Hackfest Holiday Event + CTF via le BBS de StackFault

URL formulaire village santé mentale

QuebecSec à venir: 2e table ronde & phishing workshop/talks

Shownotes and Links

SolarWinds

https://www.solarwinds.com/-/media/solarwinds/swdcv2/landing-pages/trust-center/resources/secure-configuration-in-the-orion-platform.ashx

https://support.solarwinds.com/SuccessCenter/s/article/Files-and-directories-to-exclude-from-antivirus-scanning-for-Orion-Platform-products?language=en_US

https://newsla.localad.com/2020/12/15/breaking-pentagon-imposes-emergency-shutdown-of-its-secret-internet-protocol-router-network-handles-classified-information-up-to-the-secret-level/

http://d18rn0p25nwr6d.cloudfront.net/CIK-0001739942/57108215-4458-4dd8-a5bf-55bd5e34d451.pdf

https://twitter.com/Rothbard1776/status/1338626722321879045

https://github.com/fireeye/sunburst_countermeasures

https://www.sans.org/webcasts/emergency-webcast-about-solarwinds-supply-chain-attack-118015

https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/

https://dev.to/k0p1/update-fireeye-hacked-red-team-tools-leaked-8c1

https://mobile.twitter.com/lordx64/status/1338526166051934213

https://versprite.com/blog/security-research/exploitation-of-remote-services/

https://cyber.dhs.gov/ed/21-01/#cisa-actions

https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

https://www.sans.org/webcasts/emergency-webcast-about-solarwinds-supply-chain-attack-118015

https://www.solarwinds.com/securityadvisory

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Behavior:Win32/Solorigate.C!dha&ThreatID=2147771132

https://twitter.com/KyleHanslovan/status/1338851535342727168?s=19

https://arstechnica.com/information-technology/2020/12/solarwinds-hackers-have-a-clever-way-to-bypass-multi-factor-authentication/#p3

https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/

Protégez-vous fuite de 330 000 clients

Beneva - Pas de mal?

Promutuel Assurance - toujours down.

Gouvernement Quebec down

[Fuite de données : Desjardins connaissait sa vulnérabilité mais n’a rien fait]

Le SCRS pourrait avoir violé la loi

Pornhub suspends over 10 million videos to eradicate illegal content

Les services intelligents d’Hydro connaissent déjà des ratés

12 Oct 2020 - [QC ONLY] $440 Hydro-Quebec Hilo smart hub & 6x Zigbee thermostat with free install, save $ during peak usage events

https://forums.redflagdeals.com/qc-only-440-hydro-quebec-hilo-smart-hub-6x-zigbee-thermostat-free-install-save-during-peak-usage-events-2408287/

https://www.hiloenergie.com/en-ca/legal/application-privacy-policy/

Ministre Fitzgibbon impliqué avec Hikvision

Chronique/Opinion littéraire - C’est arrivé la nuit de Marc Levy

SolarWinds: Un véritable conte de Noël :

Noel Passé: Comment la Chine aurait infiltré l’approvisionnement en serveurs de Dell, Apple, Amazon, etc

Noel Présent: Comment Microsoft commente l’affaire SolarWinds

Noel Futur: Comment Microsoft gère les vulnérabilités XSS/RCE persistantes dans Teams

Cyberattaques Air canada

L’état de la R&D en matière d’analyse de data énergétique

Crew

Virginie

Steve Waterhouse

Patrick Mathieu

Damien Bancal

Guillaume Morissette

Crédits

Montage audio par Hackfest Communication

Music Space Kablooie - Open Source – Ego Killer

Locaux virtuels par 8x8

...more

More shows like La French Connection

Security Now (Audio) by TWiT

Security Now (Audio)

2,010 Listeners

NoLimitSecu by NoLimitSecu

NoLimitSecu

2 Listeners

Mike Ward Sous Écoute by Mike Ward

Mike Ward Sous Écoute

92 Listeners

Les chroniques financières du 98.5 by Cogeco Média

Les chroniques financières du 98.5

3 Listeners

PolySécure Podcast by Nicolas-Loïc Fortin et tous les collaborateurs

PolySécure Podcast

0 Listeners

RadioCSIRT - Edition Française by Marc Frédéric GOMEZ

RadioCSIRT - Edition Française

0 Listeners