SysAdmin 24x7
الذهاب إلى القناة على Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
إظهار المزيد4 385
المشتركون
لا توجد بيانات24 ساعات
-37 أيام
+430 أيام
أرشيف المشاركات
4 385
Nueva Botnet ataca mediante fuerza bruta servidores RDP
https://unaaldia.hispasec.com/2019/06/nueva-botnet-ataca-mediante-fuerza-bruta-servidores-rdp.html
4 385
Los canales públicos de Telegram vía web desde el 1 de junio, sin necesidad de aplicación:
https://t.me/s/sysadmin24x7
4 385
#Exim 4.9.1 #RCE Remote Command Execution
Qualys discovered a remote command execution vulnerability in Exim versions 4.87 to 4.91.
https://packetstormsecurity.com/files/153218/QSA-CVE-2019-10149.txt
4 385
#VLC 3.0.7 is Biggest Security Release Due to EU #Bounty Program
VLC Media Player 3.0.7 was released on Friday and contained the most security updates ever in one release of the program. The president of the VideoLan non-profit organization states that this was due to their inclusion in the EU-FOSSA #bugbounty program.
https://www.bleepingcomputer.com/news/software/vlc-307-is-biggest-security-release-due-to-eu-bounty-program/
4 385
#Microsoft warns about email #spam campaign abusing #Office vulnerability
Dangerous spam campaign targets European users with backdoor trojan.
https://www.zdnet.com/article/microsoft-warns-about-email-spam-campaign-abusing-office-vulnerability/
4 385
Execution Trace Viewer
Execution Trace Viewer is an application for viewing, editing and analyzing execution traces. It was originally made for reverse engineering obfuscated code, but it can be used to analyze any kind of execution trace.
https://github.com/teemu-l/execution-trace-viewer
4 385
New Brute-Force #Botnet Targeting Over 1.5 Million #RDP Servers Worldwide
https://thehackernews.com/2019/06/windows-rdp-brute-force.html
4 385
#Windows10 zero-day details published on GitHub
SandboxEscaper details new "ByeBear" zero-day impacting Windows 10 and #Server2019.
https://www.zdnet.com/article/windows-10-zero-day-details-published-on-github/
4 385
Bug Breaks #IExplorer 11 on Some #Windows10 Versions
https://www.bleepingcomputer.com/news/microsoft/bug-breaks-internet-explorer-11-on-some-windows-10-versions/
4 385
RDPStrip: Cómo atacar Remote Desktop Protocol en Windows. Nota: Activa Network Level Authentication a.s.a.p.!
Sabemos que estamos ante el año del RDP/RDScomo elemento vulnerable y BlueKeep nos lo recuerda cada día, ante la amenaza de un nuevo EternalBlue. Pero BlueKeep no es la única amenaza a la que se enfrenta el RDP/RDS. Recuperando algunos ejemplos del pasado, que siguen siendo válidos hoy en día, vemos la herramienta Seth o el script RDPStrip.
http://www.elladodelmal.com/2019/06/rdpstrip-como-atacar-remote-desktop.html
4 385
Múltiples vulnerabilidades en productos VMware
Fecha de publicación: 06/06/2019
Importancia: 4 - Alta
Recursos afectados:
VMware Tools en Windows versión 10.x
VMware Workstation Pro / Player en Linux versión 15.x
Descripción:
VMware ha publicado una vulnerabilidad de lectura fuera de límites en VMware Tools y otra de uso de memoria después de liberación en Workstation.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-9
4 385
DoS y ejecución remota de código en varios productos de Cisco
Fecha de publicación: 06/06/2019
Importancia: 4 - Alta
Recursos afectados:
Expressway Series configurado para acceso móvil y remoto con IM&P Service, versiones desde X8.1 hasta X12.5.2
TelePresence VCS configurado para acceso móvil y remoto con IM&P Service, versiones desde X8.1 hasta X12.5.2
Unified Communications Manager IM&P Service, versiones:
10.5(2)
11.5(1)
12.0(1)
Cisco Industrial Network Director, versiones anteriores a 1.6.0
Descripción:
Cisco ha publicado una vulnerabilidad de denegación de servicio y otra de ejecución arbitraria de código que afectan a varios de sus productos.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/dos-y-ejecucion-remota-codigo-varios-productos-cisco
4 385
New #RCE vulnerability impacts nearly half of the internet's email servers
#Exim vulnerability lets attackers run commands as #root on remote email servers.
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/
4 385
Build an easy #RDP #Honeypot with #Raspberry PI 3 and observe the infamous attacks as ( #BlueKeep ) CVE-2019–0708
Last weeks a big activity on networks trying to attack RDP service , maybe a botnets looking an infected “zombies” on RDP services or perhaps the bad guys trying to exploit the new attack called (BlueKeep) CVE-2019–0708 ? Inspect the traffic and setup your own honeypot with RP3.
https://medium.com/@alt3kx/build-an-easy-rdp-honeypot-with-raspberry-pi-3-and-observe-the-infamous-attacks-as-bluekeep-29a167f78cc1
4 385
#Cisco Industrial Network Director Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-rce
4 385
Vulnerabilidad en Jazz for Service Management (JazzSM) de IBM
Fecha de publicación: 05/06/2019
Importancia: 4 - Alta
Recursos afectados:
Jazz for Service Management (JazzSM), versiones 1.1.3 - 1.1.3.2
Descripción:
IBM ha publicado una vulnerabilidad que afecta a su producto Jazz for Service Management (JazzSM) que podría permitir a un atacante remoto realizar ataques de phishing, utilizando un ataque de redireccionamiento abierto.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-jazz-service-management-jazzsm-ibm
4 385
Vulnerabilidades SQLi y CSRF en phpMyAdmin
Fecha de publicación: 05/06/2019
Importancia: 5 - Crítica
Recursos afectados:
Las versiones de phpMyAdmin anteriores a 4.8.6 (CVE-2019-11768)
Todas las versiones de phpMyAdmin anteriores a 4.9.0, al menos desde la versión 4.0 (CVE-2019-12616)
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidades-sqli-y-csrf-phpmyadmin
4 385
Export corrupts #Windows Event Log files
Exported .evtx files may contain corrupted data – Check interpretation of #forensic tools.
https://blog.fox-it.com/2019/06/04/export-corrupts-windows-event-log-files/
4 385
Remote Desktop #ZeroDay Bug Allows Attackers to Hijack Sessions
A new zero-day vulnerability has been disclosed that could allow attackers to hijack existing Remote Desktop Services sessions in order to gain access to a computer.
The flaw can be exploited to bypass the lock screen of a #Windows machine, even when two-factor authentication (2FA) mechanisms such as Duo Security MFA are used. Other login banners an organization may set up are also bypassed.
https://www.bleepingcomputer.com/news/security/remote-desktop-zero-day-bug-allows-attackers-to-hijack-sessions/
متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
