es
Feedback
SysAdmin 24x7

SysAdmin 24x7

Ir al canal en Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Mostrar más
4 387
Suscriptores
+124 horas
-47 días
Sin datos30 días
Archivo de publicaciones
LOLBAS: colección de scripts para ataques en Red Team https://blog.segu-info.com.ar/2018/10/lolbas-coleccion-de-scripts-para.html

Windows ‘Deletebug’ Zero-Day Allows Privilege Escalation, Destruction https://threatpost.com/windows-deletebug-zero-day-allows-privilege-escalation-destruction/138550/

Vulnerabilidad en Cisco Webex Meetings Desktop App Update Service Fecha de publicación: 25/10/2018 Importancia: 4 - Alta Recursos afectados:  Cisco Webex Meetings Desktop App versiones anteriores a la 33.6.0 Cisco Webex Productivity Tools versiones 32.6.0 y posteriores, hasta la 33.0.5 https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-cisco-webex-meetings-desktop-app-update-service

DNS over HTTPS (DoH) C2 (command and control) for Cobalt Strike https://github.com/SpiderLabs/DoHC2

“Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/

Mozilla Releases Security Updates for Firefox Original release date: October 23, 2018 Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefox 63 and Firefox ESR 60.3and apply the necessary updates. https://www.us-cert.gov/ncas/current-activity/2018/10/23/Mozilla-Releases-Security-Updates-Firefox

Descubiertas vulnerabilidades críticas en el sistema operativo de Amazon: FreeRTOS http://unaaldia.hispasec.com/2018/10/descubiertas-vulnerabilidades-criticas.html

Vendors confirm products affected by libssh bug as PoC code pops up on GitHub Red Hat and F5 Networks acknowledge that some products are vulnerable to the libssh authentication bug. https://www.zdnet.com/article/vendors-confirm-products-affected-by-libssh-bug-as-poc-code-pops-up-on-github/

OpenSSH 7.9 released: fixed bugs https://meterpreter.org/openssh/

CVE-2018-8569 | Yammer Desktop Application Remote Code Execution Vulnerability https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569

Kaspersky says it detected infections with DarkPulsar, alleged NSA malware Victims located in Russia, Iran, and Egypt; related to nuclear energy, telecommunications, IT, aerospace, and R&D. https://www.zdnet.com/article/kaspersky-says-it-detected-infections-with-darkpulsar-alleged-nsa-malware/

Descubren una vulnerabilidad sin parchear que puede modificar tu ordenador con Windows https://www.adslzone.net/2018/10/18/vulnerabilidad-permisos-administrador-windows/

Critical Flaw Found in Streaming Library Used by VLC and Other Media Players [...] "A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution," Cisco Talos' security advisory says. "An attacker can send a packet to trigger this vulnerability." [...] https://thehackernews.com/2018/10/critical-flaw-found-in-streaming.html