es
Feedback
SysAdmin 24x7

SysAdmin 24x7

Ir al canal en Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Mostrar más
4 385
Suscriptores
Sin datos24 horas
-37 días
+430 días
Archivo de publicaciones
Exploit #PoC #Linux command execution on #Vim #Neovim vulnerability (CVE-2019–12735) https://medium.com/@magrabursofily/exploit-poc-linux-command-execution-on-vim-neovim-vulnerability-cve-2019-12735-4c770d5573cf

Learn how to deploy a #Honeypot and visualise its data step by step Detailed instructions on how to deploy the Cowrie honeypot monitored by #Splunk. https://medium.com/@galolbardes/learn-how-to-deploy-a-honeypot-and-visualise-its-data-step-by-step-ea3cd3f25822

#FIN8 Hacker Group using Highly Sophisticated ShellTea #Malware to Attack Hospitality Sector FIN8 hacker group is back with a new highly sophisticated variant of the ShellTea malware and carried out attacks against hotel and entertainment industry. This would be the first attack by FIN8 hacker group in 2019, and it is believed that malware was deployed as a result of a phishing attack. https://gbhackers.com/fin8-hacker-group-malware

Flaw in #Evernote Web Clipper for #Chrome extension allows stealing data Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users. https://securityaffairs.co/wordpress/87033/hacking/evernote-web-clipper-chrome-flaw.html

Cross-Site Request Forgery en Cisco IOS XE Software Web Fecha de publicación: 13/06/2019 Importancia: 4 - Alta Recursos afectados:  Productos Cisco IOS XE Software con la característica HTTP Server habilitada. Descripción:  Cisco ha publicado una vulnerabilidad que afecta a la interfaz web de usuario por la que un atacante remoto no autenticado podría realizar un ataque Cross-Site Request Forgery (CSRF). Solución:  Cisco no ha publicado ninguna solución al respecto. Como medida de mitigación recomienda desactivar la característica HTTP Server mediante los comandos "no ip http server" o "no ip http secure-server". https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/cross-site-request-forgery-cisco-ios-xe-software-web

#Apple ha lanzado una actualización de seguridad para sus #Airport Base Stations https://www.seguridadapple.com/2019/06/apple-ha-lanzado-una-actualizacion-de.html

#Exim Mail Server Remote Code Execution (CVE-2019-10149) Severity:Critical Who is Vulnerable? Exim Mail Server versions 4.87 to 4.91 (inclusive) Vulnerability Description: A remote code execution vulnerability exists in Exim Mail Server. A remote attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation could result in execution of arbitrary code on the affected system. https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0743.html

#Cisco Releases Security Update for Cisco IOS XE Cisco has released a security update to address a vulnerability in Cisco IOS XE. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. https://www.us-cert.gov/ncas/current-activity/2019/06/12/Cisco-Releases-Security-Update-Cisco-IOS-XE

#Sysmon 10.0 - New features and changes Mark Russinovich released a new version of Sysmon, raising it to 10.0, and this is a great upgrade! https://medium.com/@olafhartong/sysmon-10-0-new-features-and-changes-e82106f2e00

Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication https://blog.preempt.com/your-session-key-is-my-session-key

Actualización de seguridad de #Joomla! Fecha de publicación: 12/06/2019 Importancia: Baja Recursos afectados Joomla! CMS, versiones desde 3.6.0 hasta 3.9.6. Descripción Joomla! ha publicado dos nuevas versiones, la 3.9.8 y la 3.9.7, incluyendo en esta última la solución de tres vulnerabilidades de criticidad baja en su núcleo. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-joomla

Actualización de seguridad de #SAP de junio de 2019 Fecha de publicación: 12/06/2019 Importancia: 5 - Crítica Recursos afectados:  SAP Business Client, versión 6.5 Solution Manager, versión 7.2 SAP E-Commerce (Business-to-Consumer application), versiones: SAP-CRMJAV, SAP-CRMWEB, SAP-SHRWEB, SAP-SHRJAV, SAP-CRMAPP, SAP-SHRAPP 7.30, 7.31, 7.32, 7.33, 7.54 SAP R/3 Enterprise Application, versiones: EA-APPL  600, 602, 603, 604, 605, 606, 616, 617 SAP BusinessObjects Business Intelligence Platform (Administration Console), versiones 4.2, 4.3 SAP NetWeaver Process Integration (PI Integration Builder Web UI), versiones: SAP_XIESR: 7.10 hasta 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; SAP_XITOOL: 7.10 hasta 7.11, 7.30, 7.31, 7.40, 7.50, SAP_XIPCK 7.10 hasta 7.11, 7.20, 7.3 SAP Work Manager and SAP Inventory Manager, versiones SAP Work Manager 6.3.0, 6.4.0, 6.5  SAP NetWeaver AS ABAP Platform, versiones KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73 SAP NetWeaver Process Integration, versiones SAP_XIESR: 7.10 hasta 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; SAP_XITOOL: 7.10 hasta 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 SAP HANA Extended Application Services (advanced model), versión 1 SAP Enterprise Financial Services, versiones SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20 Descripción:  SAP ha publicado varias actualizaciones de seguridad de diferentes productos en su comunicado mensual. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-junio-2019

Boletín de seguridad de #Microsoft de junio de 2019 Fecha de publicación: 12/06/2019 Importancia: 5 - Crítica Recursos afectados:  Adobe Flash Player Microsoft Windows Internet Explorer Microsoft Edge Microsoft Office y Microsoft Office Services y Web Apps ChakraCore Skype para Business y Microsoft Lync Microsoft Exchange Server Azure Descripción:  La publicación de actualizaciones de seguridad de Microsoft de este mes consta de 87 vulnerabilidades, 21 clasificadas como críticas y 66 como importantes. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/boletin-seguridad-microsoft-junio-2019

Múltiples vulnerabilidades en productos #Intel Fecha de publicación: 12/06/2019 Importancia: 4 - Alta Recursos afectados:  Intel® Accelerated Storage Manager en Intel® RSTe, versiones anteriores a 5.5.0.2015 Intel® RAID Web Console 3 para Windows, versión 4.186 y anteriores Intel® NUC Kit, consultar el apartado referencias para ver las versiones afectadas Intel® Compute Card, consultar el apartado referencias para ver las versiones afectadas Intel® Compute Stick, consultar el apartado referencias para ver las versiones afectadas Open CIT y OpenAttestation, todas las versiones Intel® Omni-Path Fabric Manager GUI, versiones anteriores a 10.9.2.1.1 Intel® PROSet/Wireless WiFi Software, versiones anteriores a 21.10 para Microsoft Windows 7, 8.1 y 10 Intel® Turbo Boost Max Technology 3.0 driver, versión 1.0.0.1035 y anteriores Intel® SGX Linux client driver, versiones anteriores a 2.5 Intel® SGX DCAP Linux driver, versiones anteriores a 1.1 ITE Tech* Consumer Infrared Driver para Windows 10, versiones anteriores a 5.4.3.0 Intel® Chipset Device Software (INF Update Utility), versiones anteriores a 10.1.1.45 Descripción:  Intel ha publicado múltiples vulnerabilidades que afectan a varios de sus productos. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-intel-10

We’re currently experiencing a powerful DDoS attack, #Telegram users in the Americas and some users from other countries may experience connection issues. https://twitter.com/telegram/status/1138768124914929664

#Microsoft #NTLM Flaws Expose All Windows Machines to RCE Attacks Two critical vulnerabilities in Microsoft's NTLM authentication protocol consisting of three logical flaws make it possible for attackers to run remote code and authenticate on machines running any Windows version. https://www.bleepingcomputer.com/news/security/microsoft-ntlm-flaws-expose-all-windows-machines-to-rce-attacks/

Bad Cert Vulnerability Can Bring Down Any #WindowsServer A Google security expert today revealed that an unpatched issue in the main cryptographic library of Microsoft's operating system can cause a denial-of-service ( #DoS ) condition in Windows 8 servers and above. https://www.bleepingcomputer.com/news/security/bad-cert-vulnerability-can-bring-down-any-windows-server/

#Microsoft June 2019 Patch Tuesday fixes many of #SandboxEscaper zero-days Microsoft patches four of five zero-days published by SandboxEscaper. https://www.zdnet.com/article/microsofts-june-2019-patch-tuesday-fixes-many-of-sandboxescapers-zero-days/

#Adobe Issues Critical Patches for ColdFusion, #FlashPlayer, Campaign Software Adobe has just released the latest June 2019 software updates to address a total 11 security vulnerabilities in its three widely-used products Adobe ColdFusion, Flash Player, and Adobe Campaign. https://thehackernews.com/2019/06/adobe-patch-june.html