en
Feedback
SysAdmin 24x7

SysAdmin 24x7

Open in Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Show more
4 391
Subscribers
+124 hours
+37 days
-330 days
Posts Archive
#navegador #utilidades DWService: acceso remoto a otros sistemas desde el navegador: https://lamiradadelreplicante.com/2018/0
#navegador #utilidades DWService: acceso remoto a otros sistemas desde el navegador: https://lamiradadelreplicante.com/2018/01/03/dwservice-acceso-remoto-a-otros-sistemas-desde-el-navegador

Actualización de seguridad de SAP de enero de 2018 Fecha de publicación: 10/01/2018 Importancia: 3 - Media Recursos afectados:  SAP Netweaver SAP Solution Manager SAP Startup Service SAP HANASAP Plant Connectivity (PCo) https://www.certsi.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-enero-2018

CPU Side-Channel Information Disclosure Vulnerabilities Network Application, Service, and Acceleration Cisco Cloud Services Platform 2100 Cisco vBond Orchestrator Cisco vEdge 1000 Cisco vEdge 100 Cisco vEdge 2000 Cisco vEdge 5000 Cisco vEdge Cloud Cisco vManage NMS Cisco vSmart Controller Routing and Switching - Enterprise and Service Provider ASR9000 XR64bit Series Routers Cisco 4000 Series Integrated Services Routers (IOS XE Open Service Containers) Cisco 4000 Series Integrated Services Routers (IOx feature) Cisco 500 Series WPAN Industrial Routers (IOx feature) Cisco ASR 1000 Series Aggregation Services Routers with RP2 or RP3 (IOS XE Open Service Containers) Cisco CGR 1000 Compute Module (IOx feature) Cisco Catalyst 3650 Series Switches (IOx feature) Cisco Catalyst 3850 Series Switches (IOx feature) Cisco Catalyst 9300 Series Switches (IOx feature) Cisco Catalyst 9400 Series Switches (IOx feature) Cisco Catalyst 9500 Series Switches (IOx feature) Cisco Industrial Ethernet 4000 Series Switches (IOx feature) Cisco NCS 1000 Series Routers Cisco NCS 5000 Series Routers Cisco NCS 5500 Series Routers Cisco Nexus 3000 Series Switches Cisco Nexus 4000 Series Blade Switches Cisco Nexus 5000 Series Switches Cisco Nexus 6000 Series Switches Cisco Nexus 7000 Series Switches Cisco Nexus 9000 Series Fabric Switches - ACI mode Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode XRv9000 Series Routers Video, Streaming, TelePresence, and Transcoding Devices Cisco Meeting Server https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

Múltiples vulnerabilidades en IBM Security Key Lifecycle Manager Fecha de publicación: 08/01/2018 Importancia: 4 - Alta Recursos afectados:  IBM Security Key Lifecycle Manager v2.5 - 2.5.0.8, v2.6 - 2.6.0.3 y v2.7 - 2.7.0.2 https://www.certsi.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-ibm-security-key-lifecycle-manager

Corregidas graves vulnerabilidades en EMC y VMware vSphere Data Protection http://unaaldia.hispasec.com/2018/01/corregidas-graves-vulnerabilidades-en.html

Linux app to detect CPUs vulnerable to Meltdown https://github.com/raphaelsc/Am-I-affected-by-Meltdown

[local] VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit) https://www.exploit-db.com/exploits/43449/

Cómo actualizar todos tus sistemas operativos y navegadores para frenar a Meltdown y Spectre https://m.xataka.com/seguridad/como-actualizar-todos-tus-sistemas-operativos-y-navegadores-para-frenar-a-meltdown-y-spectre

Multiples vulnerabilidades en productos IBM WebSphere MQ y WebSphere Application Server Fecha de publicación: 05/01/2018 Importancia: 4 - Alta Recursos afectados:  IBM WebSphere MQ 7.0.1.07.0.1.14 IBM WebSphere MQ 7.1.0.07.1.0.8 IBM WebSphere MQ 7.5.0.07.5.0.8 IBM MQ 8.0.0.08.0.0.7 IBM MQ (LTS) 9.0.0.09.0.0.1 IBM MQ (CD) 9.0.1.09.0.3.0 IBM WebSphere Application Server Versiones: Liberty, 9.0, 8.5 y 8.0 https://www.certsi.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-ibm-websphere-mq-y-websphere

You can use a powershell tool to query the status of Windows mitigations for CVE-2017-5715 (branch target injection) and CVE-2017-5754 (rogue data cache load), more information here: Server: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution Client: https://support.microsoft.com/en-us/help/4073119/windows-client-guidance-for-it-pros-to-protect-against-speculative-exe

Alert (TA18-004A) Meltdown and Spectre Side-Channel Vulnerability Guidance https://www.us-cert.gov/ncas/alerts/TA18-004A

Vulnerabilidades críticas en múltiples CPUs. Meltdown y Spectre Fecha de publicación: 04/01/2018 Importancia: 5 - Crítica En la página hay enlaces a muchos fabricantes y sus recomendaciones. https://www.certsi.es/alerta-temprana/avisos-seguridad/vulnerabilidades-criticas-multiples-cpus-meltdown-y-spectre

Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) speculation-free information: Website: https://meltdownattack.com/ Project Zero blogpost: https://googleprojectzero.blogspot.ch/2018/01/reading-privileged-memory-with-side.html CERT advisory: https://www.kb.cert.org/vuls/id/584653