SysAdmin 24x7
Ir al canal en Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Mostrar más4 387
Suscriptores
+124 horas
-47 días
Sin datos30 días
Archivo de publicaciones
4 387
Microsoft parchea una vulnerabilidad 0-day explotada activamente
https://unaaldia.hispasec.com/2018/12/microsoft-parchea-una-vulnerabilidad-0-day-explotada-activamente.html
4 387
Múltiples vulnerabilidades en productos de Netgear
Fecha de publicación: 14/12/2018
Importancia: 4 - Alta
Descripción:
Netgear ha publicado 22 vulnerabilidades, de las cuales 6 son de severidad alta.
Solución:
Actualizar a la última versión de firmware disponible en su centro de descargas.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-3
4 387
Watch Android Malware Automatically Steal 1,000 Euros From a PayPal Account in Seconds
A new banking malware for Android phones allows criminals to take over control of PayPal and steal money.
https://motherboard.vice.com/en_us/article/j5zan7/android-malware-paypal
4 387
Actualización crítica de phpMyAdmin
https://unaaldia.hispasec.com/2018/12/actualizacion-critica-de-phpmyadmin.html
4 387
Ejecución remota de código en WebSphere Application Server de IBM
Fecha de publicación: 12/12/2018
Importancia: 4 - Alta
Recursos afectados:
IBM WebSphere Application, versiones 9.0, 8.5, 8.0 y 7.0
Descripción:
IBM ha publicado una vulnerabilidad de severidad alta que afecta a su producto WebSphere Application Server y que podría permitir la ejecución remota de código.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-codigo-websphere-application-server-ibm-0
4 387
Donot (APT-C-35) Group Is Targeting Pakistani Businessman Working In China
https://ti.360.net/blog/articles/donot-group-is-targeting-pakistani-businessman-working-in-china-en
4 387
Expediting changes to Google+
David Thacker
VP, Product Management, G Suite
https://www.blog.google/technology/safety-security/expediting-changes-google-plus/
4 387
Google+ bug gave developers access to non-public data from 52.5M users
https://techcrunch.com/2018/12/10/google-security-bug-gave-developers-access-to-non-public-data-from-52-5m-users/
4 387
Zero-Day Flash Player Vulnerability Fixed After Being Exploited In the Wild
https://latesthackingnews.com/2018/12/10/zero-day-flash-player-vulnerability-fixed-after-being-exploited-in-the-wild/
4 387
Apple Releases Multiple Security Updates
https://www.us-cert.gov/ncas/current-activity/2018/12/05/Apple-Releases-Multiple-Security-Updates
4 387
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address one critical vulnerability in Adobe Flash Player and one important vulnerability in Adobe Flash Player installer. Successful exploitation could lead to Arbitrary Code Execution and privilege escalation in the context of the current user respectively.
Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.
https://helpx.adobe.com/security/products/flash-player/apsb18-42.html
4 387
DHS and FBI published a joint alert on SamSam Ransomware
The US Department of Homeland Security (DHS) and the FBI issued a joint alert on SamSam attacks targeting critical infrastructure.
https://securityaffairs.co/wordpress/78720/malware/samsam-ransomware-alert.html
4 387
Múltiples vulnerabilidades en productos de IBM
Fecha de publicación: 05/12/2018
Importancia: 4 - Alta
Recursos afectados:
IBM Campaign versiones 9.1.0 y 9.1.2
IBM QRadar SIEM desde la versión 7.2.0 hasta la 7.2.8 Patch 13 y desde la versión 7.3.0 hasta la 7.3.1 Patch 6
Descripción:
IBM ha reportado varias vulnerabilidades en sus productos Campaign y QRadar SIEM que podrían permitir la escalada de privilegios, la divulgación de información o la denegación del servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-ibm-3
4 387
New Ransomware Spreading Rapidly in China Infected Over 100,000 PCs
https://thehackernews.com/2018/12/china-ransomware-wechat.html
4 387
DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks.
https://github.com/Markus-Go/bonesi
4 387
usbdeviceforensics: extracting USB information from Windows registry hives
https://securityonline.info/usbdeviceforensics-usb-info-windows-registry/
4 387
Top Five Ways the Red Team breached the External Perimeter
https://medium.com/@adam.toscher/top-five-ways-the-red-team-breached-the-external-perimeter-262f99dc9d17
4 387
Injecting Code into Windows Protected Processes using COM - Part 2
https://googleprojectzero.blogspot.com/2018/11/injecting-code-into-windows-protected.html
