SysAdmin 24x7
الذهاب إلى القناة على Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
إظهار المزيد4 386
المشتركون
-124 ساعات
-87 أيام
+330 أيام
أرشيف المشاركات
4 386
ENISA's technical training material for CSIRT
#DFIR
https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational
4 386
FIN6 Group Diversifies Activity, Uses LockerGoga and Ryuk Ransomware
https://www.bleepingcomputer.com/news/security/fin6-group-diversifies-activity-uses-lockergoga-and-ryuk-ransomware/
4 386
Vulnerabilidad en FortiOS
Fecha de publicación: 05/04/2019
Importancia: 4 - Alta
Recursos afectados:
FortiOS versiones:
6.0.2 y anteriores.
5.6.7 y anteriores.
5.4.10 y anteriores.
Descripción:
Un usuario autenticado y sin privilegios podría cambiar la configuración del enrutamiento.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-fortios
4 386
Windows 10 Insider Build 18362.30 Released to Fix Boot Breaking Bug
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-1836230-released-to-fix-boot-breaking-bug/
4 386
Panos Remote Code Execution (CVE-2017-15944) - Ver2
A remote code execution vulnerability exists in paloaltonetworks panos. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0089.html
4 386
Google Releases Android Security Patch for April 2019 with 89 Security Fixes
https://mobile.linuxtoday.com/security/google-releases-android-security-patch-for-april-2019-with-89-security-fixes-190403090524.html
4 386
Xiaomi Vulnerability: When Security Is Not What it Seems
https://blog.checkpoint.com/2019/04/04/xiaomi-vulnerability-when-security-is-not-what-it-seems/
4 386
Múltiples vulnerabilidades en Db2 de IBM
Fecha de publicación: 03/04/2019
Importancia: 4 - Alta
Recursos afectados:
IBM Db2 V9.7, V10.1, V10.5 y V11.1 en todas las plataformas.
Descripción:
Se han publicado dos vulnerabilidades de tipo buffer overflow en Db2 que podrían permitir a un atacante local ejecutar código arbitrario como root.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-db2-ibm-1
4 386
Apache web server bug grants root access on shared hosting environments
Companies using Apache on private, non-shared servers are also at risk, but to a lesser degree.
https://www.zdnet.com/article/apache-web-server-bug-grants-root-access-on-shared-hosting-environments/
4 386
Advisory (ICSA-19-092-01)
Advantech WebAccess/SCADA
1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Advantech
Equipment: WebAccess/SCADA
Vulnerabilities: Command Injection, Stack-based Buffer Overflow, Improper Access Control
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may cause a denial of service and allow remote code execution.
https://ics-cert.us-cert.gov/advisories/ICSA-19-092-01
4 386
Xwo - A Python-based bot scanner
https://www.alienvault.com/blogs/labs-research/xwo-a-python-based-bot-scanner
4 386
Múltiples vulnerabilidades en Apache HTTP Server
Fecha de publicación: 02/04/2019
Importancia: 4 - Alta
Recursos afectados:
Apache HTTP Server, versiones 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.30, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25, 2.4.23, 2.4.20, 2.4.18, 2.4.17, 2.4.16, 2.4.12, 2.4.10, 2.4.9, 2.4.7, 2.4.6, 2.4.4, 2.4.3, 2.4.2, 2.4.1 y 2.4.0.
Descripción:
Apache ha publicado 6 vulnerabilidades, 3 de severidad alta y 3 de criticidad baja.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-apache-http-server
4 386
Google Fixes Two Critical Android Code Execution Vulnerabilities
Two critical remote code execution (RCE) and nine high severity elevation of privileges (EoP) and information disclosure (ID) vulnerabilities were fixed by Google in the Android Open Source Project (AOSP) as part of security patch level 2019-04-01.
https://www.bleepingcomputer.com/news/security/google-fixes-two-critical-android-code-execution-vulnerabilities/
4 386
GlusterFS: Multiple Vulnerabilities — GLSA201904-06
Multiple vulnerabilities have been found in GlusterFS, the worst of which could result in the execution of arbitrary code.
Affected Packages
Packagesys-cluster/glusterfs on all architecturesAffected versions< 4.1.8Unaffected versions>= 4.1.8
Background
A free and open source software scalable network filesystem.
https://security.gentoo.org/glsa/201904-06
4 386
BURP: Root privilege escalation — GLSA 201904-05
A vulnerability was discovered in Gentoo's ebuild for BURP which could lead to root privilege escalation.
Affected Packages
Packageapp-backup/burp on all architecturesAffected versions< 2.1.32-r1Unaffected versions>= 2.1.32-r1
Background
A network backup and restore program.
https://security.gentoo.org/glsa/201904-05
4 386
Múltiples vulnerabilidades en Security Privileged Identity Manager Appliance de IBM
Fecha de publicación: 01/04/2019
Importancia: 5 - Crítica
Recursos afectados:
IBM Security Privileged Identity Manager versión 2.1.1
Descripción:
IBM ha publicado un boletín de seguridad que está compuesto por 48 vulnerabilidades, siendo una vulnerabilidad de severidad crítica, 16 de severidad alta y el resto medias o bajas.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-security-privileged-identity-manager
4 386
Webmin cgi Upload Remote Code Execution (CVE-2019-9624)
A remote code execution vulnerability exists in Webmin.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0389.html
متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
