SysAdmin 24x7
Open in Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Show more4 386
Subscribers
-224 hours
-37 days
+730 days
Posts Archive
4 386
#Juniper Networks Releases Security Updates
Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/10/10/juniper-networks-releases-security-updates
4 386
ACSC Releases Small Business Cybersecurity Guide
The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide for small businesses. The guide provides checklists to help small businesses protect themselves against common cybersecurity incidents.
https://www.us-cert.gov/ncas/current-activity/2019/10/10/acsc-releases-small-business-cybersecurity-guide
4 386
#Apple Software Update #ZeroDay Used by BitPaymer #Ransomware
Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows.
https://www.bleepingcomputer.com/news/security/apple-software-update-zero-day-used-by-bitpaymer-ransomware/
4 386
Staying Hidden on the Endpoint: Evading Detection with Shellcode
True red team assessments require a secondary objective of avoiding detection. Part of the glory of a successful red team assessment is not getting detected by anything or anyone on the system. As modern Endpoint Detection and Response ( #EDR ) products have matured over the years, the red teams must follow suit. This blog post will provide some insights into how the FireEye Mandiant Red Team crafts payloads to bypass modern EDR products and get full command and control (C2) on their victims’ systems.
https://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html
4 386
FBI Releases Article on Defending Against Phishing and Spearphishing Attacks
In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.
https://www.us-cert.gov/ncas/current-activity/2019/10/10/fbi-releases-article-defending-against-phishing-and-spearphishing
4 386
21
Nemty #Ransomware Decryptor Released, Recover Files for Free
https://www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/
4 386
Ispy - #Eternalblue (MS17-010) / #Bluekeep (CVE-2019-0708) Scanner And Exploit
https://www.kitploit.com/2019/10/ispy-eternalblue-ms17-010-bluekeep-cve.html?amp=1&m=1
4 386
AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, related to #SSRF in one single location
This is currently work in progress I will add more resources as I find them.
https://github.com/jdonsec/AllThingsSSRF
4 386
Múltiples vulnerabilidades en productos #Juniper
Fecha de publicación: 10/10/2019
Importancia: 5 - Crítica
Recursos afectados:
Junos OS 12.3X48, 15.1X49, 17.3, 17.4. Plataformas afectadas: SRX Series.
Junos OS 18.1, 18.1X75, 18.2, 18.2X75, 18.3, 18.4. Plataformas afectadas: MX2008, MX2010, MX2020, MX480, MX960.
Junos OS. Plataformas afectadas: NFX Series.
Junos OS 12.3X48. Plataformas afectadas: SRX Series.
Junos OS 18.1, 18.1X75.
Junos OS 15.1X49, 18.2, 18.4. Plataformas afectadas: SRX Series.
Junos OS 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4.
Junos OS 12.3, 12.3X48, 14.1X53, 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1.
Junos OS. Plataformas afectadas: SRX 5000 Series.
Junos OS 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4. Plataformas afectadas: MX Series.
Junos OS 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3.
Junos OS 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4.
Junos OS 15.1X49, 17.4, 18.1, 18.2, 18.3, 18.4. Plataformas afectadas: SRX1500.
Junos OS 12.3X48, 15.1X49, 17.4, 18.1, 18.2, 18.3. Plataformas afectadas: SRX Series.
Junos OS. Plataformas afectadas: NFX Series.
Junos OS 18.1R3-S4, 18.3R1-S3. Plataformas afectadas: EX2300, EX2300-C, EX3400.
Contrail Networking.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-juniper-5
4 386
Ejecución remota de código en #Dameware Mini Remote Control de #SolarWinds
Fecha de publicación: 10/10/2019
Importancia: 5 - Crítica
Recursos afectados:
Solarwinds Dameware Mini Remote Client Agent Service, versión 12.1.0.89.
Descripción:
Tenable ha encontrado una vulnerabilidad de severidad crítica. Un atacante remoto, sin autenticación, podría ejecutar código arbitrario en el dispositivo.
Solución:
Todavía no hay una solución disponible.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-codigo-dameware-mini-remote-control-solarwinds
4 386
#SAP Patches Critical Vulnerabilities With October 2019 Security Updates
SAP this week released seven new security notes as part of the October 2019 Security Patch Day, with two of these notes rated Hot News (Critical).
This month’s set of patches also includes two security notes released after the second Tuesday of last month but before this Tuesday, along with one update for a previously released patch, totalling 10 security notes.
The most important of these notes addresses a missing authentication check in the AS2 adapter of the B2B add-on for SAP NetWeaver Process Integration. Tracked as CVE-2019-0379, the vulnerability features a CVSS score of 9.3.
https://www.securityweek.com/sap-patches-critical-vulnerabilities-october-2019-security-updates
4 386
#Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:
Active System Console Advisory INTEL-SA-00261
Smart Connect Technology for Intel NUC Advisory INTEL-SA-00286
NUC Advisory INTEL-SA-00296
https://www.us-cert.gov/ncas/current-activity/2019/10/09/intel-releases-security-updates
4 386
PENTESTING-BIBLE
hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
4 386
#iTerm2 Vulnerability
The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2019-9535) affecting iTerm2, a macOS terminal emulator. An attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#763073, Mozilla’s blog post, and iTerm2’s downloads page for patch information and additional details.
https://www.us-cert.gov/ncas/current-activity/2019/10/09/iterm2-vulnerability
4 386
Uncovering The Unknowns
Mapping Windows API’s to Sysmon Events
https://posts.specterops.io/uncovering-the-unknowns-a47c93bb6971
GitHub: https://github.com/jsecurity101/Windows-API-To-Sysmon-Events
4 386
Zero-day published for old Joomla CMS versions
Proof-of-concept code available online; trivial to exploit.
https://www.zdnet.com/article/zero-day-published-for-old-joomla-cms-versions/
4 386
#Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:
iCloud for Windows 7.14
iCloud for Windows 10.7
iTunes 12.10.1 for Windows
macOS Catalina 10.15
https://www.us-cert.gov/ncas/current-activity/2019/10/08/apple-releases-security-updates
4 386
Vulnerability Spotlight: Multiple remote code execution bugs in #NitroPDF
#RCE
Cisco Talos recently discovered multiple remote code execution vulnerabilities in NitroPDF. Nitro PDF allows users to save, read, sign and edit PDF files on their machines. There are two versions of the product: a free and a paid version called “Pro.” The paid version offers several features the free one does not, including the ability to combine multiple PDFs into one file and to redact sensitive information in the file. These bugs all exist in the Pro version of the software.
https://blog.talosintelligence.com/2019/10/vuln-spotlight-Nitro-PDF-RCE-bugs-sept-19.html
4 386
Vulnerabilidad de inyección de parámetros en Spectrum Scale de IBM
Fecha de publicación: 09/10/2019
Importancia: 4 - Alta
Recursos afectados:
IBM Spectrum Scale:
Desde la versión 5.0.0.0 hasta la versión 5.0.3.2.
Desde la versión 4.2.0.0 hasta la versión 4.2.3.17.
Descripción:
IBM ha detectado una vulnerabilidad de criticidad alta en uno de sus productos. Un atacante podría obtener privilegios de root en el sistema.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-parametros-spectrum-scale-ibm
Available now! Telegram Research 2025 — the year's key insights 
