SysAdmin 24x7
前往频道在 Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
显示更多4 386
订阅者
+124 小时
-57 天
无数据30 天
帖子存档
4 387
Vulnerability Spotlight: Multiple Vulnerabilities in CUJO Smart Firewall, Das U-Boot, OCTEON SDK, Webroot BrightCloud
https://blog.talosintelligence.com/2019/03/vuln-spotlight-cujo.html
4 387
Apache CouchDB Cross-Site Scripting
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0382.html
4 387
Google Chrome PaymentRequest Service Use After Free
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0365.html
4 387
P2PSocketDispatcherHost Use After Free
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0366.html
4 387
Arbitrary File Download (CVE-2019-6110)
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0383.html
4 387
PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws
https://thehackernews.com/2019/03/putty-software-hacking.html
4 387
Google Photos Bug Exposed the Location & Time of Your Pictures
https://www.bleepingcomputer.com/news/security/google-photos-bug-exposed-the-location-and-time-of-your-pictures/
4 387
SilkETW: Because Free Telemetry is … Free!
https://www.fireeye.com/blog/threat-research/2019/03/silketw-because-free-telemetry-is-free.html
4 387
Cisco IP Phone 8800 Series Path Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv
4 387
Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce
4 387
La ICANN solicita la implementación total de las DNSSEC y promueve la colaboración de la comunidad para proteger Internet
https://www.icann.org/news/announcement-94-2019-02-27-es
4 387
Validación insuficiente en backend HTTP remoto de PowerDNS
Fecha de publicación: 19/03/2019
Importancia: 4 - Alta
Recursos afectados:
PowerDNS Authoritative versiones 4.1.6 y anteriores.
Descripción:
Una vulnerabilidad de criticidad alta podría permitir a un atacante remoto generar una condición de denegación de servicio, divulgación de información o falsificación de contenido.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/validacion-insuficiente-backend-http-remoto-powerdns
4 387
Múltiples vulnerabilidades en Moodle
Fecha de publicación: 19/03/2019
Importancia: 4 - Alta
Recursos afectados:
Se han visto afectadas las siguientes versiones, según la vulnerabilidad:
MSA-19-0004 y MSA-19-0007: 3.6 hasta 3.6.2, 3.5 hasta 3.5.4, 3.4 hasta 3.4.7, 3.1 hasta 3.1.16 y versiones anteriores no soportadas.
MSA-19-0005: 3.6 hasta 3.6.2, 3.5 hasta 3.5.4 y 3.4 hasta 3.4.7
MSA-19-0006: 3.6 hasta 3.6.2, 3.5 hasta 3.5.4, 3.4 hasta 3.4.7 y versiones anteriores no soportadas.
MSA-19-0008: 3.6 hasta 3.6.2 y 3.5 hasta 3.5.4
MSA-19-0009: 3.6 hasta 3.6.2
Descripción:
Se han descubierto 6 vulnerabilidades en la plataforma Moodle, 3 de criticidad alta y 3 de criticidad baja.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-moodle-4
4 387
Intel SA-00185 CSME-SPS-TXE-AMT Vulnerabilities in NetApp Products
Advisory ID: NTAP-20190318-0001
Version: 1.0
Last updated: 03/18/2019
Status: Interim.
Impact
Successful exploitation of these vulnerabilities could lead to information disclosure, Denial of Service (DoS) or arbitrary code execution.
https://security.netapp.com/advisory/ntap-20190318-0001/
4 387
Intel SA-00191 Firmware Vulnerabilities in NetApp Products
Advisory ID: NTAP-20190318-0002
Version: 1.0
Last updated: 03/18/2019
Status: Interim.
Impact
Successful exploitation of these vulnerabilities could lead to privilege escalation, disclosure of sensitive information, Denial of Service(DoS), or arbitrary code execution.
https://security.netapp.com/advisory/ntap-20190318-0002/
4 387
Hackers Bypass Multi-factor Authentication to Hack Office 365 & G Suite Cloud Accounts Using IMAP Protocol
https://gbhackers.com/imap-most-abused-protocol/
4 387
Automatically extract KeyStore objects and relative password from Android applications with Frida
http://ceres-c.it/frida-android-keystore/
4 387
Webmin 1.900 Upload Authenticated Remote Command Execution - CXSecurity.com
https://cxsecurity.com/issue/WLB-2019030131
4 387
How a wireless keyboard lets hackers take full control of connected computers
https://arstechnica.com/information-technology/2019/03/how-a-wireless-keyboard-lets-hackers-take-full-control-of-connected-computers/
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
