SysAdmin 24x7
Ir al canal en Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Mostrar más4 390
Suscriptores
-224 horas
-27 días
+930 días
Archivo de publicaciones
4 390
Google Releases Security Updates for Chrome
Google has released security updates for Chrome version 79.0.3945.117 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.
https://www.us-cert.gov/ncas/current-activity/2020/01/08/google-releases-security-updates-chrome
4 390
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 72 and Firefox ESR 68.4 and apply the necessary updates.
https://www.us-cert.gov/ncas/current-activity/2020/01/08/mozilla-releases-security-updates-firefox-and-firefox-esr
4 390
Citrix Application Delivery Controller and Citrix Gateway Vulnerability
The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway. A remote attacker could exploit this vulnerability to run arbitrary code on a targeted system. This vulnerability was detected in exploits in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#619785 and Citrix Security Bulletin CTX267027 for more information and workarounds.
https://www.us-cert.gov/ncas/current-activity/2020/01/08/citrix-application-delivery-controller-and-citrix-gateway
4 390
Mozilla Patches Critical Vulnerability
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.
https://www.us-cert.gov/ncas/current-activity/2020/01/08/mozilla-patches-critical-vulnerability
4 390
Múltiples vulnerabilidades en productos Cisco
Fecha de publicación: 09/01/2020
Importancia: 4 - Alta
Recursos afectados:
Cisco IOS y Cisco IOS XE, versiones anteriores a 16.1.1 con la funcionalidad HTTP Server habilitada.
Cisco Webex Video Mesh, versiones anteriores a 2019.09.19.1956m.
Descripción:
Se han identificado dos vulnerabilidades en productos Cisco, ambas de severidad alta, que podrían permitir a un atacante remoto realizar CSRF (Cross-Site Request Forgery) o inyección de comandos en el sistema afectado.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-59
4 390
Múltiples vulnerabilidades en productos Juniper
Fecha de publicación: 09/01/2020
Importancia: 4 - Alta
Descripción:
Se han publicado múltiples vulnerabilidades en productos Juniper que podrían permitir a un atacante ejecutar comandos como root, provocar la denegación del servicio, secuestrar la sesión J-Web para llevar a cabo acciones de administración o provocar el cierre inesperado y el reinicio del dispositivo.
Solución:
Actualizar los productos afectados desde el centro de descargas de Juniper.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-juniper-6
4 390
SNAKE Ransomware is targeting business networks
A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks.
https://securityaffairs.co/wordpress/96137/malware/snake-ransomware.html
4 390
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
Cisco Data Center Network Manager SQL Injection Vulnerabilities
Cisco Data Center Network Manager Path Traversal Vulnerabilities
Cisco Data Center Network Manager Command Injection Vulnerabilities
https://www.us-cert.gov/ncas/current-activity/2020/01/07/cisco-releases-security-updates
4 390
Tails 4.2 Fixes Numerous Security Flaws, Improves Direct Upgrades
The Tails Project released a new version of the security-focused Tails Linux distribution and advises users to upgrade as soon as possible to fix multiple security vulnerabilities impacting the previous Tails 4.1.1 version.
https://www.bleepingcomputer.com/news/linux/tails-42-fixes-numerous-security-flaws-improves-direct-upgrades/
4 390
Vulnerabilidad de inyección SQL en phpMyAdmin
Fecha de publicación: 08/01/2020
Importancia: 4 - Alta
Recursos afectados:
phpMyAdmin, rama de versiones 4.x anteriores a la 4.9.4,
phpMyAdmin versión 5.0.0.
Descripción:
CSW Research Labs ha detectado una vulnerabilidad de criticidad alta que afecta a varias versiones de phpMyAdmin. Un atacante podría realizar una inyección SQL.
Solución:
Versiones de la rama 4.x de phpMyAdmin:
Para las versiones 4.8 y 4.9, actualizar a la versión 4.9.4 o superior.
Para versiones anteriores, aplicar este parche de seguridad.
Versiones de la rama 5.x de phpMyAdmin, actualizar a la versión 5.0.1 o superior.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-sql-phpmyadmin-0
4 390
Vulnerabilidad de ejecución de código en e2fsprogs
Fecha de publicación: 08/01/2020
Importancia: 4 - Alta
Recursos afectados:
E2fsprogs, versiones 1.43.3 - 1.45.4.
Descripción:
La investigadora Lilith, de Cisco Talos, ha descubierto una vulnerabilidad de tipo ejecución de código en e2fsprogs, un paquete de utilidades para el mantenimiento de sistemas de ficheros ext2, ext3 y ext4.
Solución:
Actualizar e2fsprogs a la versión 1.45.5.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-ejecucion-codigo-e2fsprogs
4 390
SSH Pentesting Guide
A Comprehensive Guide to Breaking SSH.
https://community.turgensec.com/ssh-hacking-guide/
4 390
Cisco Data Center Network Manager Command Injection Vulnerabilities
Advisory ID: cisco-sa-20200102-dcnm-comm-inject
First Published: 2020 January 2 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs:
CSCvr44798
CSCvr46507
CVE-2019-15978
CVE-2019-15979
CWE-78
CVSS Score:Base 7.2
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS).
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject
4 390
Reverse Engineering and Code Emulation with #Ghidra
Slides: https://github.com/kc0bfv/Saintcon2019GhidraTalk
Video: https://twitch.tv/videos/498159435
Source of python pcode emulator: https://github.com/kc0bfv/pcode-emulator
4 390
Decrypting config.bin files for TP-Link WR841N, WA855RE, and probably more…
https://medium.com/@LargeCardinal/decrypting-config-bin-files-for-tp-link-wr841n-wa855re-and-probably-more-676de396d724
4 390
Aprovechando el Directorio Activo como C2 (Command & Control)
#Hackplayers
https://www.hackplayers.com/2019/12/directorio-activo-como-c2.html
4 390
Mozilla Adds Additional DNS-Over-HTTPS Provider to #Firefox
https://www.bleepingcomputer.com/news/software/mozilla-adds-additional-dns-over-https-provider-to-firefox/
4 390
UhOh365
A script that can see if an email address is valid in #Office365. This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.
#Microsoft does not consider "email enumeration" a vulnerability, so this is taking advantage of a "feature". There are a couple other public Office365 email validation scripts out there, but they all (that I have seen) require at least 1 login attempt per user account. That is detectable and can be found as a light bruteforce attempt (1 "common" password across multiple accounts).
This script allows for email validation with zero login attempts and only uses Microsoft's built-in Autodiscover API so it is invisible to the person/company who owns the email address. Furthermore, this API call appears to be completely unthrottled and I was able to validate over 2,000 email addresses within 1 minute in my testing.
https://github.com/Raikia/UhOh365
4 390
Fuga de memoria en el proceso tmrouted en BIG-IP de F5
Fecha de publicación: 26/12/2019
Importancia: 4 - Alta
Recursos afectados:
BIG-IP (LTM), versiones:
15.0.0 - 15.0.1;
14.1.0 - 14.1.2;
14.0.0 - 14.0.1;
13.1.0 - 13.1.3;
12.1.0 - 12.1.5.
Descripción:
Una vulnerabilidad en los sistemas BIG-IP, con licencia Routing y configurado con Multicast Forwarding Cache (MFC), podría permitir a un atacante provocar la denegación del servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/fuga-memoria-el-proceso-tmrouted-big-ip-f5
4 390
Vulnerabilidad de inyección de parámetros en IBM Spectrum Scale
Fecha de publicación: 26/12/2019
Importancia: 4 - Alta
Recursos afectados:
IBM Elastic Storage Server, versiones:
desde 5.3.0, hasta 5.3.4.1;
desde 5.0.0, hasta 5.2.7.0;
desde 4.5.0, hasta 4.6.0.0;
desde 4.0.0, hasta 4.0.6.0.
Descripción:
IBM Elastic Storage Server está afectado por una vulnerabilidad en IBM Spectrum Scale, donde se pueden obtener privilegios de root inyectando parámetros en los archivos setuid.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-parametros-ibm-spectrum-scale
¡Ya disponible! Investigación de Telegram 2025 — los principales insights del año 
