ch
Feedback
SysAdmin 24x7

SysAdmin 24x7

前往频道在 Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

显示更多
4 385
订阅者
无数据24 小时
-37
+430
帖子存档
Los canales públicos de Telegram vía web desde el 1 de junio, sin necesidad de aplicación: https://t.me/s/sysadmin24x7

#Exim 4.9.1 #RCE Remote Command Execution Qualys discovered a remote command execution vulnerability in Exim versions 4.87 to 4.91. https://packetstormsecurity.com/files/153218/QSA-CVE-2019-10149.txt

#VLC 3.0.7 is Biggest Security Release Due to EU #Bounty Program VLC Media Player 3.0.7 was released on Friday and contained the most security updates ever in one release of the program. The president of the VideoLan non-profit organization states that this was due to their inclusion in the EU-FOSSA #bugbounty program. https://www.bleepingcomputer.com/news/software/vlc-307-is-biggest-security-release-due-to-eu-bounty-program/

#Microsoft warns about email #spam campaign abusing #Office vulnerability Dangerous spam campaign targets European users with backdoor trojan. https://www.zdnet.com/article/microsoft-warns-about-email-spam-campaign-abusing-office-vulnerability/

Execution Trace Viewer Execution Trace Viewer is an application for viewing, editing and analyzing execution traces. It was originally made for reverse engineering obfuscated code, but it can be used to analyze any kind of execution trace. https://github.com/teemu-l/execution-trace-viewer

New Brute-Force #Botnet Targeting Over 1.5 Million #RDP Servers Worldwide https://thehackernews.com/2019/06/windows-rdp-brute-force.html

#Windows10 zero-day details published on GitHub SandboxEscaper details new "ByeBear" zero-day impacting Windows 10 and #Server2019. https://www.zdnet.com/article/windows-10-zero-day-details-published-on-github/

RDPStrip: Cómo atacar Remote Desktop Protocol en Windows. Nota: Activa Network Level Authentication a.s.a.p.! Sabemos que estamos ante el año del RDP/RDScomo elemento vulnerable y BlueKeep nos lo recuerda cada día, ante la amenaza de un nuevo EternalBlue. Pero BlueKeep no es la única amenaza a la que se enfrenta el RDP/RDS. Recuperando algunos ejemplos del pasado, que siguen siendo válidos hoy en día, vemos la herramienta Seth o el script RDPStrip. http://www.elladodelmal.com/2019/06/rdpstrip-como-atacar-remote-desktop.html

Múltiples vulnerabilidades en productos VMware Fecha de publicación: 06/06/2019 Importancia: 4 - Alta Recursos afectados:  VMware Tools en Windows versión 10.x VMware Workstation Pro / Player en Linux  versión 15.x Descripción:  VMware ha publicado una vulnerabilidad de lectura fuera de límites en VMware Tools y otra de uso de memoria después de liberación en Workstation. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-9

DoS y ejecución remota de código en varios productos de Cisco Fecha de publicación: 06/06/2019 Importancia: 4 - Alta Recursos afectados:  Expressway Series configurado para acceso móvil y remoto con IM&P Service, versiones desde X8.1 hasta X12.5.2 TelePresence VCS configurado para acceso móvil y remoto con IM&P Service, versiones desde X8.1 hasta X12.5.2 Unified Communications Manager IM&P Service, versiones: 10.5(2) 11.5(1) 12.0(1) Cisco Industrial Network Director, versiones anteriores a 1.6.0 Descripción:  Cisco ha publicado una vulnerabilidad de denegación de servicio y otra de ejecución arbitraria de código que afectan a varios de sus productos. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/dos-y-ejecucion-remota-codigo-varios-productos-cisco

New #RCE vulnerability impacts nearly half of the internet's email servers #Exim vulnerability lets attackers run commands as #root on remote email servers. https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/

Build an easy #RDP #Honeypot with #Raspberry PI 3 and observe the infamous attacks as ( #BlueKeep ) CVE-2019–0708 Last weeks a big activity on networks trying to attack RDP service , maybe a botnets looking an infected “zombies” on RDP services or perhaps the bad guys trying to exploit the new attack called (BlueKeep) CVE-2019–0708 ? Inspect the traffic and setup your own honeypot with RP3. https://medium.com/@alt3kx/build-an-easy-rdp-honeypot-with-raspberry-pi-3-and-observe-the-infamous-attacks-as-bluekeep-29a167f78cc1

#Cisco Industrial Network Director Remote Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-rce

Vulnerabilidad en Jazz for Service Management (JazzSM) de IBM Fecha de publicación: 05/06/2019 Importancia: 4 - Alta Recursos afectados:  Jazz for Service Management (JazzSM), versiones 1.1.3 - 1.1.3.2 Descripción:  IBM ha publicado una vulnerabilidad que afecta a su producto Jazz for Service Management (JazzSM) que podría permitir a un atacante remoto realizar ataques de phishing, utilizando un ataque de redireccionamiento abierto. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-jazz-service-management-jazzsm-ibm

Vulnerabilidades SQLi y CSRF en phpMyAdmin Fecha de publicación: 05/06/2019 Importancia: 5 - Crítica Recursos afectados:  Las versiones de phpMyAdmin anteriores a 4.8.6 (CVE-2019-11768) Todas las versiones de phpMyAdmin anteriores a 4.9.0, al menos desde la versión 4.0 (CVE-2019-12616) https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidades-sqli-y-csrf-phpmyadmin

Export corrupts #Windows Event Log files Exported .evtx files may contain corrupted data – Check interpretation of #forensic tools. https://blog.fox-it.com/2019/06/04/export-corrupts-windows-event-log-files/

Remote Desktop #ZeroDay Bug Allows Attackers to Hijack Sessions A new zero-day vulnerability has been disclosed that could allow attackers to hijack existing Remote Desktop Services sessions in order to gain access to a computer. The flaw can be exploited to bypass the lock screen of a #Windows machine, even when two-factor authentication (2FA) mechanisms such as Duo Security MFA are used. Other login banners an organization may set up are also bypassed. https://www.bleepingcomputer.com/news/security/remote-desktop-zero-day-bug-allows-attackers-to-hijack-sessions/