ar
Feedback
SysAdmin 24x7

SysAdmin 24x7

الذهاب إلى القناة على Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

إظهار المزيد
4 386
المشتركون
لا توجد بيانات24 ساعات
-37 أيام
+430 أيام
أرشيف المشاركات
New #Mac Malware Exploits GateKeeper Bypass Bug that #Apple Left Unpatched Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month. https://thehackernews.com/2019/06/macos-malware-gatekeeper.html

Introducing the #AWS Security Incident Response Whitepaper AWS recently released the AWS Security Incident Response whitepaper, to help you understand the fundamentals of responding to security incidents within your cloud environment.  https://aws.amazon.com/es/blogs/security/introducing-the-aws-security-incident-response-whitepaper/

The #RaspberryPi 4 brings faster CPU, up to 4GB of RAM Today, Raspberry Pi is introducing a new version of its popular line of single-board computer. The Raspberry Pi 4 Model B is the fastest Raspberry Pi ever, with the company promising "desktop performance comparable to entry-level x86 PC systems." https://arstechnica.com/gadgets/2019/06/faster-raspberry-pi-4-promises-desktop-class-performance/

Un 0-day en Firefox ha revelado un backdoor en #macOS Hace unos días un usuario alertó a los investigadores de que a través de un 0-day ya conocido en Firefoxhabían logrado ejecutar código en su Mac (corriendo macOS 10.14.5). https://www.seguridadapple.com/2019/06/un-0-day-en-firefox-ha-revelado-un.html

A #BlueTeam guide to #Azure & #Office365 monitoring https://0x00sec.org/t/a-blue-team-guide-to-azure-office-365-monitoring/14411

#Windows Terminal Is Here in Its Multi-Tabbed Console Glory The much anticipated Windows Terminal Preview is here and I have to say, when it works, it's pretty awesome. While it shows great promise, as this is a very early preview, you should expect to see some bugs, crashes, and quirks that will be fixed in future builds. https://www.bleepingcomputer.com/news/microsoft/windows-terminal-is-here-in-its-multi-tabbed-console-glory/

#OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks https://thehackernews.com/2019/06/openssh-side-channel-vulnerability.html

Dell Releases Security Advisory for Dell SupportAssist Dell has released a security advisory to address a vulnerability in Dell SupportAssist software. An attacker could exploit this vulnerability to access sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Dell Security Advisory DSA-2019-084 and apply the necessary update. https://www.us-cert.gov/ncas/current-activity/2019/06/21/Dell-Releases-Security-Advisory-Dell-SupportAssist

Vulnerabilidad de denegación de servicio en Apache Tomcat Fecha de publicación: 21/06/2019 Importancia: 4 - Alta Recursos afectados:  Apache Tomcat®, versiones: Desde la 8.5.0 hasta 8.5.40; Desde la 9.0.0.M1 hasta 9.0.19. Descripción:  Apache ha publicado una corrección para una actualización anterior, incompleta, de la vulnerabilidad con identificador CVE-2019-0199 que podría permitir a un atacante el agotamiento de los hilos y la denegación del servicio (DoS). https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-denegacion-servicio-apache-tomcat-0

#Microsoft fixed CVE-2019-1105 flaw in #Outlook for #Android Microsoft has addressed an important vulnerability (CVE-2019-1105) in Outlook for Android, potentially affected over 100 million users. https://securityaffairs.co/wordpress/87398/hacking/outlook-android-flaw.html

The #FreeBSD Project Topic: Resource exhaustion in non-default RACK TCP stack Category: core Module: inet Announced: 2019-06-19 Credits: Jonathan Looney (Netflix) Peter Lei (Netflix) Affects: FreeBSD 12.0 and later Corrected: 2019-06-19 16:25:39 UTC (stable/12, 12.0-STABLE) 2019-06-19 16:43:05 UTC (releng/12.0, 12.0-RELEASE-p6) CVE Name: CVE-2019-5599 ... III. Impact An attacker with the ability to send specially crafted TCP traffic to a victim system can degrade network performance and/or consume excessive CPU by exploiting the inefficiency of traversing the potentially very large RACK linked lists with relatively small bandwidth cost. https://www.freebsd.org/security/advisories/FreeBSD-SA-19:08.rack.asc

Turla Espionage Group Hacks OilRig #APT Infrastructure Security researchers tracking activities of various nation-state cyber-espionage groups found evidence suggesting that the Turla group hijacked the infrastructure of OilRig hackers to compromise a target both actors were interested in. https://www.bleepingcomputer.com/news/security/turla-espionage-group-hacks-oilrig-apt-infrastructure/

#Google open-sources #cryptographic tool to keep data sets private Poorly secured databases are a top privacy and security concern — and Google now wants to plug that leak. The internet giant has said it’s open sourcing Private Join and Compute, a new secure multi-party computation (MPC) tool designed to help organizations work together with confidential data sets. https://thenextweb.com/security/2019/06/20/google-open-sources-cryptographic-tool-to-keep-data-sets-private/

Múltiples vulnerabilidades en productos Cisco Fecha de publicación: 20/06/2019 Importancia: 5 - Crítica Recursos afectados:  Los siguientes productos de Cisco que ejecuten una versión de Cisco SD-WAN Solution anterior a la 18.3.6, 18.4.1 y 19.1.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco DNA Center Software, versiones anteriores a la 1.3. Los siguientes productos de Cisco que ejecuten una versión vulnerable de Cisco TelePresence TC o Cisco TelePresence CE software: Cisco TelePresence Integrator C Series, Cisco TelePresence EX Series, Cisco TelePresence MX Series, Cisco TelePresence SX Series, Cisco Webex Room Series. Los siguiente productos de Cisco que ejecuten una versión vulnerable de Cisco StarOS operating system: Cisco Virtualized Packet Core-Single Instance (VPC-SI), Cisco Virtualized Packet Core-Distributed Instance (VPC-DI). Cisco vManage Network Management Software ejecutando una versión de Cisco SD-WAN Solution anterior a la 18.4.0. RV110W Wireless-N VPN Firewall, versiones anteriores a la 1.2.2.4. RV130W Wireless-N Multifunction VPN Router, versiones anteriores a la 1.0.3.51. RV215W Wireless-N VPN Router, versiones anteriores a la 1.3.1.4. Cisco Prime Service Catalog Software, versiones anteriores a la 12.1 Cumulative patch versión 10. Cisco Meeting Server deployments que ejecute versiones anteriores a la 2.2.14 y la 2.3.8. Descripción:  Cisco ha publicado múltiples vulnerabilidades que podrían permitir a un atacante escalar privilegios, evadir la autenticación, ejecutar código remoto, denegar el servicio o llevar a cabo ataques cross-site request forgery (CSRF) en los productos afectados. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-49

Vulnerabilidad de ejecución remota de código en Oracle WebLogic Server Fecha de publicación: 19/06/2019 Importancia: 5 - Crítica Recursos afectados:  Oracle WebLogic Server, versiones 10.3.6.0.0, 12.1.3.0.0 y 12.2.1.3.0. Descripción:  Oracle ha publicado una vulnerabilidad de severidad crítica que permite la ejecución remota de código en su producto Oracle WebLogic Server. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-ejecucion-remota-codigo-oracle-weblogic-server-0

#Docker Desktop for #Windows10 Will Soon Switch to #WSL 2 Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses. WSL is a Microsoft-designed compatibility layer that made it possible for users of Windows 10 and Windows Server 2019 to run Linux binaries in ELF format natively on their computers. https://www.bleepingcomputer.com/news/security/docker-desktop-for-windows-10-will-soon-switch-to-wsl-2/

#Mozilla Releases Security Updates for #Firefox and Firefox ESR Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 67.0.3 and Firefox ESR 60.7.1 and apply the necessary updates. https://www.us-cert.gov/ncas/current-activity/2019/06/18/Mozilla-Releases-Security-Updates-Firefox-and-Firefox-ESR

DHS Email Phishing Scam Original release date: June 18, 2019 The Cybersecurity and Infrastructure Security Agency (#CISA) is aware of an email phishing scam that tricks users into clicking on malicious attachments that look like legitimate Department of Homeland Security (#DHS) notifications. The email campaign uses a spoofed email address to appear like a National Cyber Awareness System (#NCAS) alert and lure targeted recipients into downloading malware through a malicious attachment. https://www.us-cert.gov/ncas/current-activity/2019/06/18/DHS-Email-Phishing-Scam

msticpy - #Python Defender Tools msticpy is a package of python tools intended to be used for security investigations and hunting (primarily in Jupyter notebooks). Most of the tools originated from code written in Jupyter notebooks which was tidied up and re-packaged into python modules. I’ve added some references to other blogs in the References section, where I describe some of these notebooks in more detail. https://techcommunity.microsoft.com/t5/Azure-Sentinel/msticpy-Python-Defender-Tools/ba-p/648929

SysAdmin 24x7 - إحصائيات وتحليلات قناة تيليجرام @sysadmin24x7