SysAdmin 24x7

Computer security news and alerts. Chat and contact: t.me/sysadmin24x7chat

Post archive

#Juniper Networks Releases Security Updates
Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/10/10/juniper-networks-releases-security-updates

ACSC Releases Small Business Cybersecurity Guide
The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide for small businesses. The guide provides checklists to help small businesses protect themselves against common cybersecurity incidents.
https://www.us-cert.gov/ncas/current-activity/2019/10/10/acsc-releases-small-business-cybersecurity-guide

#Apple Software Update #ZeroDay Used by BitPaymer #Ransomware
Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows.
https://www.bleepingcomputer.com/news/security/apple-software-update-zero-day-used-by-bitpaymer-ransomware/

Staying Hidden on the Endpoint: Evading Detection with Shellcode
True red team assessments require a secondary objective of avoiding detection. Part of the glory of a successful red team assessment is not getting detected by anything or anyone on the system. As modern Endpoint Detection and Response (#EDR) products have matured over the years, the red teams must follow suit. This blog post will provide some insights into how the FireEye Mandiant Red Team crafts payloads to bypass modern EDR products and get full command and control (C2) on their victims’ systems.
https://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html

FBI Releases Article on Defending Against Phishing and Spearphishing Attacks
In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.
https://www.us-cert.gov/ncas/current-activity/2019/10/10/fbi-releases-article-defending-against-phishing-and-spearphishing

Ispy - #Eternalblue (MS17-010) / #Bluekeep (CVE-2019-0708) Scanner And Exploit
https://www.kitploit.com/2019/10/ispy-eternalblue-ms17-010-bluekeep-cve.html?amp=1&m=1

AllThingsSSRF
This is a collection of writeups, cheatsheets and videos related to #SSRF in one single location. This is currently a work in progress; I will add more resources as I find them.
https://github.com/jdonsec/AllThingsSSRF

Multiple vulnerabilities in #Juniper products
Publication date: 10/10/2019
Importance: 5 - Critical
Affected resources: Junos OS 12.3X48, 15.1X49, 17.3, 17.4. Affected platforms: SRX Series. Junos OS 18.1, 18.1X75, 18.2, 18.2X75, 18.3, 18.4. Affected platforms: MX2008, MX2010, MX2020, MX480, MX960. Junos OS. Affected platforms: NFX Series. Junos OS 12.3X48. Affected platforms: SRX Series. Junos OS 18.1, 18.1X75. Junos OS 15.1X49, 18.2, 18.4. Affected platforms: SRX Series. Junos OS 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4. Junos OS 12.3, 12.3X48, 14.1X53, 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1. Junos OS. Affected platforms: SRX 5000 Series. Junos OS 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4. Affected platforms: MX Series. Junos OS 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3. Junos OS 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4. Junos OS 15.1X49, 17.4, 18.1, 18.2, 18.3, 18.4. Affected platforms: SRX1500. Junos OS 12.3X48, 15.1X49, 17.4, 18.1, 18.2, 18.3. Affected platforms: SRX Series. Junos OS. Affected platforms: NFX Series. Junos OS 18.1R3-S4, 18.3R1-S3. Affected platforms: EX2300, EX2300-C, EX3400. Contrail Networking.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-juniper-5

Remote code execution in #SolarWinds #Dameware Mini Remote Control
Publication date: 10/10/2019
Importance: 5 - Critical
Affected resources: Solarwinds Dameware Mini Remote Client Agent Service, version 12.1.0.89.
Description: Tenable has found a critical-severity vulnerability. A remote, unauthenticated attacker could execute arbitrary code on the device.
Solution: No fix is available yet.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-codigo-dameware-mini-remote-control-solarwinds

#SAP Patches Critical Vulnerabilities With October 2019 Security Updates
SAP this week released seven new security notes as part of the October 2019 Security Patch Day, with two of these notes rated Hot News (Critical). This month’s set of patches also includes two security notes released after the second Tuesday of last month but before this Tuesday, along with one update for a previously released patch, totalling 10 security notes. The most important of these notes addresses a missing authentication check in the AS2 adapter of the B2B add-on for SAP NetWeaver Process Integration. Tracked as CVE-2019-0379, the vulnerability features a CVSS score of 9.3.
https://www.securityweek.com/sap-patches-critical-vulnerabilities-october-2019-security-updates

#Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: Active System Console Advisory INTEL-SA-00261; Smart Connect Technology for Intel NUC Advisory INTEL-SA-00286; NUC Advisory INTEL-SA-00296.
https://www.us-cert.gov/ncas/current-activity/2019/10/09/intel-releases-security-updates

PENTESTING-BIBLE
Hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE

#iTerm2 Vulnerability
The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2019-9535) affecting iTerm2, a macOS terminal emulator. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#763073, Mozilla’s blog post, and iTerm2’s downloads page for patch information and additional details.
https://www.us-cert.gov/ncas/current-activity/2019/10/09/iterm2-vulnerability

Zero-day published for old Joomla CMS versions
Proof-of-concept code available online; trivial to exploit.
https://www.zdnet.com/article/zero-day-published-for-old-joomla-cms-versions/

#Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: iCloud for Windows 7.14; iCloud for Windows 10.7; iTunes 12.10.1 for Windows; macOS Catalina 10.15.
https://www.us-cert.gov/ncas/current-activity/2019/10/08/apple-releases-security-updates

Vulnerability Spotlight: Multiple remote code execution bugs in #NitroPDF #RCE
Cisco Talos recently discovered multiple remote code execution vulnerabilities in NitroPDF. Nitro PDF allows users to save, read, sign and edit PDF files on their machines. There are two versions of the product: a free and a paid version called “Pro.” The paid version offers several features the free one does not, including the ability to combine multiple PDFs into one file and to redact sensitive information in the file. These bugs all exist in the Pro version of the software.
https://blog.talosintelligence.com/2019/10/vuln-spotlight-Nitro-PDF-RCE-bugs-sept-19.html

Parameter injection vulnerability in IBM Spectrum Scale
Publication date: 09/10/2019
Importance: 4 - High
Affected resources: IBM Spectrum Scale: from version 5.0.0.0 through version 5.0.3.2; from version 4.2.0.0 through version 4.2.3.17.
Description: IBM has detected a high-severity vulnerability in one of its products. An attacker could obtain root privileges on the system.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-parametros-spectrum-scale-ibm