fa
Feedback
SysAdmin 24x7

SysAdmin 24x7

رفتن به کانال در Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

نمایش بیشتر
4 387
مشترکین
-224 ساعت
-17 روز
-230 روز
آرشیو پست ها
Vulnerabilidades en OpenPGP y S/MIME en los clientes de correo Fecha de publicación: 15/05/2018 Importancia: 4 - Alta Recursos afectados:  La mayoría de implementaciones OpenPGP y S/MIME en los clientes de correo más populares. https://t.me/sysadmin24x7/1416 https://www.certsi.es/track/click/22287/26803

Malware Found on the Ubuntu Snap Store Malware has been found hiding inside software on the Ubuntu Snap store. A pair of (seemingly normal) apps hosted by the Canonical-backed app hub were discovered to contain a сryptocurrency miner disguised as the “systemd” daemon. https://www.omgubuntu.co.uk/2018/05/ubuntu-snap-malware/amp

Attention PGP Users: New Vulnerabilities Require You To Take Action Now https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now

Portable Penetration Testing Distribution for Windows: PentestBox PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 70% of penetration testing distributions users uses windows and provides an efficient platform for Penetration Testing on windows. It provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System. It is created because more than 50% of penetration testing distribution users uses windows. https://n0where.net/portable-penetration-testing-distribution-for-windows

Highly Customizable Raspberry Pi USB Attack Platform: P4wnP1 P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor). https://n0where.net/highly-customizable-raspberry-pi-usb-attack-platform-p4wnp1

Severe Bug Discovered in Signal Messaging App for Windows and Linux https://thehackernews.com/2018/05/signal-messenger-vulnerability.html

Forensic Data Extraction: Bulk Extractor https://n0where.net/forensic-data-extraction-bulk-extractor

Google Releases Security Update for Chrome Google has released Chrome version 66.0.3359.170 for Windows, Mac, and Linux. This version addresses vulnerabilities, one of which a remote attacker could exploit to take control of an affected system. https://www.us-cert.gov/ncas/current-activity/2018/05/10/Google-Releases-Security-Update-Chrome

Disponible el informe anual del CCN-CERT sobre amenazas y vulnerabilidades en dispositivos móviles http://unaaldia.hispasec.com/2018/05/disponible-el-informe-anual-del-ccn.html

Detectado backdoor en el módulo Python SSH Decorate / Decorator http://unaaldia.hispasec.com/2018/05/detectado-backdoor-en-el-modulo-python.html

Actualización de seguridad de SAP de mayo 2018 Fecha de publicación: 10/05/2018 Importancia: 3 - Media Recursos afectados:  SAP Internet Graphics Server, versiones 7.20, 7.20EXT, 7.45, 7.45, 7.49, 7.53 SAP MaxDB ODBC driver, versiones 7.9.09.07 SAP Identity Management, versión 8.0 SAP NetWeaver Application Server Java Web Container y HTTP Service SAP Netweaver Security Audit Logging, versiones 7.21, 7.21EXT, 7.22, 7.22EXT, 7.40, 7.41, 7.42, 7.45, 7.50 SAP Enterprise Financial Services https://www.certsi.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-mayo-2018

Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links https://thehackernews.com/2018/05/microsoft-safelinks-phishing.html

After a long development phase openmediavault 4 (Arrakis) has been released. Please visit https://www.openmediavault.org/?p=2270 for more information.

At 30.06.2018 openmediavault 3.x will become EOL. This means no security/bugfix updates will be released anymore. Please upgrade to 4.x to be up-to-date.

Seth : Perform a MitM attack and extract clear text credentials from RDP connections https://github.com/SySS-Research/Seth

Tracy is a pen-testing tool designed to assist with finding XSS issues during an app's creation https://github.com/nccgroup/tracy