『RadioCSIRT - Weekly English Edition』のカバーアート

RadioCSIRT - Weekly English Edition

RadioCSIRT - Weekly English Edition

著者: Marc Frédéric GOMEZ
無料で聴く

概要

🎙 Marc Frédéric Gomez, cybersecurity expert, brings you daily insights into the latest threats, attacks, and defense strategies you need to know.

🔎 On the agenda:
✔️ Analysis of cyberattacks and critical vulnerabilities
✔️ Strategic intelligence for CSIRTs, CERTs, and cybersecurity professionals
✔️ Sources and references to dive deeper into each topic

💡 Why listen to RadioCSIRT?
🚀 Stay up to date in just a few minutes a day
🛡️ Anticipate threats with reliable, technical information
📢 An essential intelligence source for IT and security professionals

🔗 Listen, share, and secure your environment!
📲 Subscribe and leave a ⭐ rating on your favorite platform!

Marc Frédéric GOMEZ 政治・政府
エピソード
  • RadioCSIRT English Version - Ep. 69: CISA's KEV Surge, Sandworm Returns & The ChatGPT Leak

    RadioCSIRT English Version - Ep. 69: CISA's KEV Surge, Sandworm Returns & The ChatGPT Leak
    2026/01/31

    This week, the vulnerability floodgates opened. From an 11-year-old Telnet flaw to critical VMware exploits, the CISA KEV catalog is overflowing. But the biggest shocker? Operational security failures at the highest levels of government.

    In this episode of RadioCSIRT English Edition:

    🚨 Critical Patch Overload: A massive week for the CISA KEV catalog, featuring Oracle, VMware vCenter (CVSS 9.8), and a critical bypass in Fortinet.

    🦖 The Return of Sandworm: ESET uncovers "DynoWiper," a new malware targeting the Polish energy sector, marking the 10th anniversary of the Ukraine grid attack.

    🤖 OpSec Failures: The CISA Acting Director leaks classified docs to ChatGPT, and why your BitLocker keys might not be safe with Microsoft.

    🕸️ Botnet Consolidation: The Kimwolf botnet grows, potentially merging with Badbox 2.0 to control millions of Android devices.

    🇫🇷 Digital Sovereignty: France bids farewell to Teams and Zoom, deploying its sovereign "Visio" platform government-wide.

    Tune in for your weekly dose of critical cybersecurity intelligence.

    🔗 Links & Resources: https://www.radiocsirt.com/podcast/ep-69-cisas-kev-surge-sandworm-returns-the-chatgpt-leak/
    続きを読む 一部表示
    9 分
  • RadioCSIRT English Version - Your Weekly Cybersecurity News for Sunday, January 18, 2026 (Ep. 68)

    RadioCSIRT English Version - Your Weekly Cybersecurity News for Sunday, January 18, 2026 (Ep. 68)
    2026/01/18
    We open this weekly recap with a massive Patch Tuesday from Microsoft, which addressed 114 vulnerabilities, including three zero-days; notably, CVE-2026-20805 is actively exploited in the wild. Infrastructure concerns continued as Cisco patched a critical AsyncOS zero-day exploited by Chinese APT actors, and AWS remediated a "CodeBreach" supply chain flaw in its console CI pipelines.In data privacy and regulation, France’s CNIL imposed a combined $48 million fine on Free and Free Mobile for security failures affecting 24 million subscribers. Meanwhile, Spanish energy giant Endesa disclosed a breach exposing the data of 22 million customers, and a massive scraping incident affected 17.5 million Instagram users.On the threat landscape, Check Point Research analyzed "Sicarii," a new ransomware operation likely acting as a false flag with confused ideological messaging. Physical "Quishing" (QR code phishing) campaigns are surging in France, and the infamous BreachForums hacking community suffered a taste of its own medicine with a leak of its user database. Finally, strategic cooperation strengthens as the UK unveils its Government Cyber Action Plan and Germany partners with Israel to build a "Cyber Dome" defense system.OSINT Sources:📊 Reports, Studies & StrategiesKaspersky Security Bulletin 2025 : https://www.kasbersky.com/about/press-releases/2025_kaspersky-financial-sector-faced-ai-blockchain-and-organized-crime-threats-in-2025SecurityScorecard (via KnowBe4) : https://www.knowbe4.com/hubfs/Financial-Sector-Threats-The-Shifting-Landscape.pdfENISA Threat Landscape 2025 : https://www.enisa.europa.eu/publications/enisa-threat-landscape-2025FS-ISAC : https://www.fsisac.com/knowledge/annual-navigating-cyber-2025-reportRESCO Courtage : https://www.resco-courtage.com/dora-reglementation-guide-complet-2025NCSC UK : https://www.ncsc.gov.uk/blog-post/government-cyber-action-plan-strengthening-resilience-across-uk🛡️ Vulnerabilities, Patch Tuesday & Security AdvisoriesMicrosoft Security Update Guide : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0628CISA (CVE-2025-8110) : https://www.cisa.gov/news-events/alerts/2026/01/12/cisa-adds-one-known-exploited-vulnerability-catalogCISA (CVE-2026-20805) : https://www.cisa.gov/news-events/alerts/2026/01/13/cisa-adds-one-known-exploited-vulnerability-catalogCERT-FR (MISP) : https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0030/CERT-FR (VMware) : https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0029/CERT-FR (MariaDB) : https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0028/CERT-FR (NetApp) : https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0027/CERT-FR (Google Pixel) : https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0026/Krebs on Security : https://krebsonsecurity.com/2026/01/patch-tuesday-january-2026-edition/Cisco Talos Intelligence : https://blog.talosintelligence.com/microsoft-patch-tuesday-january-2026/CERT Santé : https://cyberveille.esante.gouv.fr/alertes/palo-alto-cve-2026-0227-2026-01-15BleepingComputer (Cisco AsyncOS) : https://www.bleepingcomputer.com/news/security/cisco-finally-fixes-asyncos-zero-day-exploited-since-november/CyberPress (AWS Console) : https://cyberpress.org/aws-console-supply-chain-attack-github-hijackingcyber/⚠️ Data Leaks, Incidents & AttacksBleepingComputer (BreachForums) : https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-database-leaked-exposing-324-000-accounts/CyberPress (Instagram) : https://cyberpress.org/instagram-data-leak/Cybersecurity Dive (SitusAMC) : https://www.cybersecuritydive.com/news/hackers-steal-sensitive-data-major-banking-industry-vendor-situsamc/BleepingComputer (Endesa) : https://www.bleepingcomputer.com/news/security/spanish-energy-giant-endesa-discloses-data-breach-affecting-customers/BleepingComputer (Pax8) : https://www.bleepingcomputer.com/news/security/cloud-marketplace-pax8-accidentally-exposes-data-on-1-800-msp-partners/The Record (Anchorage Police) : https://therecord.media/anchorage-police-takes-servers-offline-after-third-party-attack🕵️ Threat Intelligence (APT, Ransomware, Phishing)Planet.fr (Quishing Scam) : https://www.planet.fr/societe-arnaque-a-la-fausse-carte-bancaire-par-courrier-le-mecanisme-du-quishing-qui-vise-vos-coordonnees.2992374.29336.htmlCheck Point Research (Sicarii) : https://research.checkpoint.com/2026/sicarii-ransomware-truth-vs-myth/Cisco Talos Intelligence (UAT-8837) : https://blog.talosintelligence.com/uat-8837/Malwarebytes (LinkedIn Phishing) : https://www.malwarebytes.com/blog/news/2026/01/phishing-scammers-are-posting-fake-account-restricted-comments-on-linkedin⚖️ Regulations, Sanctions & International CooperationThe Record (CNIL/Free Fine) : https://therecord.media/france-data-regulator-fineMalwarebytes (Datamasters Fine) : https://www.malwarebytes.com/blog/news/2026/01/data-broker-fined-after-selling-alzheimers-patient-info-and-millions-of-sensitive-profilesThe Record (Germany-Israel Deal) : https://therecord.media/...
    続きを読む 一部表示
    15 分
  • RadioCSIRT English Edition – Your Cybersecurity News for Sunday, January 11, 2026 (Ep. 67)

    RadioCSIRT English Edition – Your Cybersecurity News for Sunday, January 11, 2026 (Ep. 67)
    2026/01/11
    We open this episode with a new physical mail scam campaign targeting bank customers in France, according to Planet.fr. The modus operandi begins with the receipt of a letter bearing the letterhead of a financial institution and containing a fake bank card equipped with a chip. The document instructs the recipient to scan a QR code to activate the card. This technique, known as “quishing,” redirects the victim to a malicious website designed to exfiltrate personal data and banking details. The phenomenon, already observed in neighboring European countries, is gaining ground in France. The cards display a high level of counterfeiting, including accurate reproduction of banks’ visual identities. Verifying the URL displayed after scanning the QR code is the first indicator of legitimacy. If information is entered on a fraudulent website, the recommended procedure includes immediately blocking the bank card, changing all passwords, and reporting the incident via the French Interior Ministry’s Perceval platform.Microsoft published CVE-2026-0628 in its Security Update Guide, concerning a high-severity vulnerability affecting Chromium’s WebView tag component, according to Neowin. The technical flaw, classified as “Insufficient policy enforcement,” allows an attacker who has convinced a user to install a malicious extension to inject scripts or HTML into a privileged page. Researcher Gal Weizman reported the vulnerability to Google in late November. Chrome version 143.0.7499.192 contains the upstream fix, which was integrated by Microsoft into Edge on January 10, 2026. Microsoft records the CVE in its Security Update Guide to provide authoritative downstream status to Edge customers. Canonical vulnerability trackers confirm that the upstream remediation threshold was set in the Chrome 143 stable release. Inventory and remediation efforts must cover all embedded Chromium runtimes and Electron applications, as updating the host browser does not protect these applications.The BreachForums hacking forum suffered a data leak exposing its user database table, according to BleepingComputer. On January 9, 2026, a site named after the ShinyHunters extortion gang published a 7Zip archive named breachedforum.7z. The archive contains the file databoose.sql, a MyBB database table comprising 323,988 member records, including display names, registration dates, IP addresses, and other internal information. Analysis shows that the majority of IP addresses resolve to a local loopback address, but 70,296 records contain public IP addresses. The latest registration date corresponds to August 11, 2025, the day the previous BreachForums was shut down following the arrest of certain alleged operators. The current administrator, known under the pseudonym N/A, acknowledged the leak, stating that a backup of the MyBB users table was temporarily exposed in an unsecured directory and downloaded once.Finally, a major data leak compromised the personal information of approximately 17.5 million Instagram users, according to CyberPress. The leak, initially reported by cybersecurity researchers at Malwarebytes, exposes contact information, making millions of users vulnerable to identity theft and targeted phishing attacks. The dataset appeared this week on a hacking forum, published by a threat actor using the pseudonym “Solonik.” The listing titled “INSTAGRAM.COM 17M GLOBAL USERS — 2024 API LEAK” contains 17.5 million records formatted in JSON and TXT files. The data was collected in late 2024 via an API leak that bypassed standard security measures. The exposed database includes full names, usernames, verified email addresses, phone numbers, user identifiers, and partial location data. The leak is classified as scraping, meaning automated data collection via public interfaces. As of January 10, 2026, Meta has not issued a formal statement regarding this leak.SourcesPlanet.fr – Bank card scam https://www.planet.fr/societe-arnaque-a-la-fausse-carte-bancaire-par-courrier-le-mecanisme-du-quishing-qui-vise-vos-coordonnees.2992374.29336.htmlMicrosoft Security Update Guide – CVE-2026-0628 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0628 BleepingComputer – BreachForums database leak https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-database-leaked-exposing-324-000-accounts/ CyberPress – Instagram data leak https://cyberpress.org/instagram-data-leak/Don’t think, patch!Your feedback is welcome.Email: radiocsirt@gmail.comWebsite: https://www.radiocsirt.comWeekly Newsletter: https://radiocsirtenglishedition.substack.com/
    続きを読む 一部表示
    6 分
まだレビューはありません