SysAdmin 24x7
Open in Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Show more4 385
Subscribers
-224 hours
-77 days
+630 days
Posts Archive
4 386
Creando un laboratorio de #Pentesting con #GNS3 y #Docker
https://www.dragonjar.org/creando-un-laboratorio-de-pentesting-gns3.xhtml
4 386
Practical case: Crack Me 0x01
#CTF #pentesters
The challenge in this practical case is taken from the Pen.Test CTF 2018 of the Platform Voor Informatiebeveiliging(Platform For Information Security), which took place on the 11th of October 2018. The challenge has been created by Jeffrey Jansen from Access42. During the CTF, I solved this challenge together with my team mate Exploiteer.
https://maxkersten.nl/binary-analysis-course/assembly-basics/practical-case-crack-me-0x01/
4 386
Múltiples vulnerabilidades en productos de HPE
Fecha de publicación: 02/08/2019
Importancia: 5 - Crítica
Recursos afectados:
HPE 3PAR Service Processor, versiones anteriores a 5.0.5.1
HPE 3PAR StoreServ Management y Core Software Media, versiones anteriores a 3.5.0.1
Descripción:
El equipo de respuesta de seguridad de HPE ha descubierto múltiples vulnerabilidades en varios productos del fabricante.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hpe-4
4 386
Vulnerabilidad de validación incorrecta de entrada en las series Nexus 9000 de Cisco
Fecha de publicación: 01/08/2019
Importancia: 4 - Alta
Recursos afectados:
Series Nexus 9000 del producto Cisco Fabric Switches en modo ACI, si están ejecutando el software Cisco Nexus 9000 Series ACI en modo switch, versiones anteriores a 13.2(7f) o cualquiera de la rama 14.x.
Descripción:
Una vulnerabilidad en el subsistema Link Layer Discovery Protocol (LLDP), del software Cisco Nexus 9000 Series ACI en modo switch, permitiría a un atacante adyacente no autenticado provocar una condición de denegación de servicio (DoS) o ejecutar código arbitrario con privilegios de root.
Solución:
Las actualizaciones que corrigen la vulnerabilidad indicada pueden descargarse desde: Panel de descarga de Software Cisco.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-validacion-incorrecta-entrada-las-series-nexus-9000
4 386
#CISA Releases Advisory on Wind River #VxWorks Platform
The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/30/cisa-releases-advisory-wind-river-vxworks-platform
4 386
Hacking eCommerce sites based on OXID eShop by chaining 2 flaws
Researchers at RIPS Technologies discovered vulnerabilities in the OXID eShop platform that could expose eCommerce websites to hack.
https://securityaffairs.co/wordpress/89165/hacking/oxid-eshop-flaws.html
4 386
AWDL flaws open #Apple users to tracking, #MitM, malware planting
Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in spite of MAC randomization, to intercept and modify transmitted files, and to prevent transmission or crash devices altogether.
https://www.helpnetsecurity.com/2019/07/31/apple-airdrop-issues/
4 386
How an attacker can target #phishing attacks
There are a number of ways attackers can exploit public information about your organization's employees. CSO Online's Susan Bradley walks through how an attacker can gain access to your organization's Office 365 accounts and how you can protect your enterprise from these potential attacks.
https://www.csoonline.com/video/97009/how-an-attacker-can-target-phishing-attacks
4 386
Las conversaciones de Apple Siri son revisadas por empresas externas poniendo en riesgo la privacidad de los usuarios
#privacidad
https://www.seguridadapple.com/2019/07/las-conversaciones-de-apple-siri-son.html
4 386
Técnica Anti-VM con MSAcpi_ThermalZoneTemperature
#Hackplayers
https://www.hackplayers.com/2019/07/anti-vm-msacpi-thermalzonetemperature.html
4 386
BLUESPAWN helps #blueteams monitor Windows systems in real-time against active attackers by detecting anomalous activity
https://github.com/ION28/BLUESPAWN/blob/master/README.md
4 386
Adama
Searches For Threat Hunting and Security Analytics
A collection of known log and / or event data searches for threat hunting and detection. They enumerate sets of searches used across many different data pipelines. Implementation details are for ELK.
https://github.com/randomuserid/SpaceCake-Adama
4 386
Why Hackers Abuse #ActiveDirectory
From Ransomware to APT Attacks, AD Can Make Connecting to Systems Easy
https://www.govinfosecurity.com/hackers-abuse-active-directory-a-12825
4 386
RDP Fingerprinting
Profiling #RDP Clients with JA3 and RDFP
https://medium.com/@0x4d31/rdp-client-fingerprinting-9e7ac219f7f4
4 386
Capital One Target of Massive Data Breach
A hacker gained access to personal information from more than 100 million Capital One credit applications, the bank said Monday as federal authorities arrested a suspect in the case .
https://www.securityweek.com/capital-one-target-massive-data-breach
4 386
#Urgent11 security flaws impact routers, printers, SCADA, medical equipment, and many other IoT devices.
Security flaws impact the networking stack of the VxWorks RTOS.
https://www.zdnet.com/article/urgent11-security-flaws-impact-routers-printers-scada-and-many-iot-devices/?__twitter_impression=true
4 386
#usbrip (derived from "USB Ripper", not "USB R.I.P." 😲) is an open source #forensics tool with CLI interface that lets you keep track of #USB device artifacts (aka USB event history, "Connected" and "Disconnected" events) on Linux machines.
https://github.com/snovvcrash/usbrip
4 386
#Symantec #DLP Cross-Site Scripting (CVE-2019-9701)
Vulnerability Description
A cross-site scripting vulnerability exists in Symantec DLP 15.5 MP1. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the effected system.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0899.html
4 386
#Adobe ColdFusion Remote Code Execution (CVE-2019-7839)
Vulnerability Description
A remote code execution vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0910.html
4 386
Ataque de inyección XXE en Daeja ViewONE de IBM
Fecha de publicación: 29/07/2019
Importancia: 4 - Alta
Recursos afectados:
Daeja ViewONE Virtual, desde la versión 5.0 hasta la 5.0.6.
Descripción:
IBM ha publicado una vulnerabilidad de criticidad alta en Daeja ViewONE Professional, Standard y Virtual. Un atacante remoto podría revelar información sensible o generar una condición de denegación de servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ataque-inyeccion-xxe-daeja-viewone-ibm
Available now! Telegram Research 2025 — the year's key insights 
