SysAdmin 24x7


Computer security news and alerts. Chat and contact: t.me/sysadmin24x7chat

Posts Archive
Auditing containers with #osquery When running containers in production with Docker, bad configurations can easily lead to vulnerable environments: privileged containers, processes inside a container that are running with the root user or lack of AppArmor profiles for security restrictions are some common examples. An attacker who exploits application vulnerabilities in the container could use this lack of restrictions to access the host or other servers on your network. Using osquery, we will query the Docker daemon like a relational database and quickly identify these security flaws. https://itnext.io/auditing-containers-with-osquery-389636f8c420

Hide *Exploitable* Extended-Rights (including DCSync privs) to remain persistence #ActiveDirectory https://medium.com/@huykha/hide-exploitable-extended-rights-to-remain-persistence-92a2e1d3670d

NEED HELP unlocking your digital life without paying the ransom to your attackers? #decryptor #Ransomware https://www.nomoreransom.org/

eCh0raix #Ransomware #Decryptor Restores #QNAP Files For Free A decryptor for the eCh0raix Ransomware, or QNAPCrypt, has been released that allows victims to recover encrypted files on their QNAP NAS devices. https://www.bleepingcomputer.com/ransomware/decryptor/ech0raix-ransomware-decryptor-restores-qnap-files-for-free/

#Microsoft launches #Azure Security Lab, expands #bugbounty rewards Researchers can earn up to $40,000 for reporting Azure vulnerabilities. https://www.zdnet.com/article/microsoft-announces-azure-security-lab-azure-bug-bounty-expansion/

Multiple vulnerabilities in VMware products Publication date: 05/08/2019 Severity: 4 - High Affected resources: VMware vSphere ESXi, versions 6.5 and 6.7. VMware Workstation Pro / Player, versions 14.x and 15.x. VMware Fusion Pro / Fusion, versions 10.x and 11.x. Description: Piotr Bania, of Cisco Talos, has reported two vulnerabilities to VMware, an out-of-bounds read and an out-of-bounds write, that affect the ESXi, Workstation and Fusion products. #Incibe https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-10

Package : #proftpd dfsg CVE ID : CVE-2019-12815 Debian Bug : 932453 Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands. https://lists.debian.org/debian-security-announce/2019/msg00139.html

Beware of Emails Asking You to "Confirm Your Unsubscribe" Request A long-running #scam email campaign that pretends to be an unsubscribe confirmation request has seen an uptick recently. These emails should never be clicked on or responded to as they are designed to harvest working email addresses or to perform some other type of scam. https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/

One Misconfig ( #JIRA ) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies! https://medium.com/@logicbomb_1/one-misconfig-jira-to-leak-them-all-including-nasa-and-hundreds-of-fortune-500-companies-a70957ef03c7

#Pentesting #ActiveDirectory & Pentesting Active Directory Forests https://www.sniferl4bs.com/2019/08/pentesting-active-directory-pentesting.html

#Cisco Releases Security Updates Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system. https://www.us-cert.gov/ncas/current-activity/2019/08/01/cisco-releases-security-updates

NTAP-20190802-0001: August 2019 VxWorks TCP/IP Stack (IPNET) Vulnerabilities in #NetApp Products https://security.netapp.com/advisory/ntap-20190802-0001/

#NVIDIA Patches High Severity Flaws in Windows GPU Display Driver NVIDIA released a GPU display driver security update to fix five high and medium severity vulnerabilities that could lead to local code execution, escalation of privileges, and denial of service on vulnerable Windows computers. https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/

Critical Remote Code Execution Vulnerability in #DHCP Client Let Hackers Take Control of the Network https://gbhackers.com/dhcp-client/

Analysing #RPC With #Ghidra and Neo4j https://blog.xpnsec.com/analysing-rpc-with-ghidra-neo4j

Malware configuration extraction with MalConfScan (#Volatility plugin) #Hackplayers https://www.hackplayers.com/2019/08/extraccion-de-configuracion-de-malware.html