fa
Feedback
SysAdmin 24x7

SysAdmin 24x7

رفتن به کانال در Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

نمایش بیشتر
4 386
مشترکین
اطلاعاتی وجود ندارد24 ساعت
-37 روز
+430 روز
آرشیو پست ها
#Microsoft delivers public preview of #Azure #Bastion service for remotely accessing VMs more securely Microsoft's newest Azure service, Bastion, is now in public preview and is meant to bring another level of security to remotely accessing virtual machines. https://www.zdnet.com/article/microsoft-delivers-public-preview-of-azure-bastion-service-for-remotely-accessing-vms-more-securely/

Emergency!! Zero-day Flaw in FireFox Let Hackers Take Full Control of Your Computer – Update Your #FireFox Now Mozilla released a security update for Critical Zero-day vulnerability that fixed in a new version of Firefox 67.0.3 and Firefox ESR 60.7. Critical vulnerabilities can be used to run attacker code and install software, requiring no user interaction beyond normal browsing. https://gbhackers.com/firefox-67-0-3/amp/

Vulnerabilidad de control de acceso inadecuado en AppDNA de Citrix Fecha de publicación: 18/06/2019 Importancia: 4 - Alta Recursos afectados:  AppDNA, versión 7.18 y anteriores. Descripción:  Citrix ha identificado una vulnerabilidad de control de acceso inadecuado en su producto AppDNA. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-control-acceso-inadecuado-appdna-citrix

Endpoint Detection and Response ( #EDR ): What You Need to Know https://dzone.com/articles/10-ways-to-identify-and-fix-open-source-vulnerabil

Multiple #DoS vulnerabilities affect #Linux and #FreeBSD Netflix researcher has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels that could trigger a DoS condition. https://securityaffairs.co/wordpress/87244/security/dos-flaws-linux-freebsd.html

#GandCrab #Ransomware #Decryption Tool [All Versions] — Recover Files for Free Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals. https://thehackernews.com/2019/06/gandcrab-ransomware-decryption-tool.html

GoldBrute #Botnet Brute Forcing 1.5 Million #RDP Servers RDP, the remote desktop protocol, made the news recently after #Microsoft patched a critical remote code execution vulnerability (CVE-2019–0708).  https://morphuslabs.com/goldbrute-botnet-brute-forcing-1-5-million-rdp-servers-371f219ec37d

Alert (AA19-168A) Microsoft Operating Systems BlueKeep Vulnerability https://www.us-cert.gov/ncas/alerts/AA19-168A

#Linux worm spreading via #Exim servers hit #Azure customers On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim email servers, that already compromised some Azure installs. Bad actors continue to target cloud services in the attempt of abusing them for several malicious purposes, like storing malware or implementing command and control servers. https://securityaffairs.co/wordpress/87168/hacking/linux-worm-exim-servers.html

Múltiples vulnerabilidades en routers Netgear Fecha de publicación: 17/06/2019 Importancia: 4 - Alta Recursos afectados:  Wireless AC Router Nighthawk, modelos: R7900, ejecutando una versión de firmwareanterior a la versión 1.0.3.14_10.0.40_BETA. R8000, ejecutando una versión de firmwareanterior a la versión 1.0.4.38_10.1.59_BETA. Descripción:  Cisco Talos ha descubierto dos vulnerabilidades de criticidad alta en el firmware para KCodes NetUSB de NETGEAR. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-routers-netgear-0

Múltiples vulnerabilidades en productos de IBM Fecha de publicación: 17/06/2019 Importancia: 4 - Alta Recursos afectados:  IBM InfoSphere Information: Server, versiones 11.3, 11.5 y 11.7; Governance Catalog, versiones 11.3, 11.5 y 11.7; Server en Cloud, versiones 11.5 y 11.7; Server Business Glossary, versión 9.1; Server Metadata Workbench, versión 9.1. IBM Tivoli Netcool Impact, versiones desde 7.1.0.0 hasta 7.1.0.15. Descripción:  IBM ha reportado dos vulnerabilidades de tipo inyección XXE (XML External Entity) y ejecución remota de código en sus productos IBM InfoSphere Information Server e IBM Tivoli Netcool Impact, respectivamente. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-ibm-6

SysAdmin 24x7 Noticias y alertas de seguridad informática. Enlace de invitación: https://t.me/sysadmin24x7 Acceso web: https://t.me/s/sysadmin24x7

Security Advisory: Critical Vulnerabilities in #NTLM Allow Remote Code Execution and Cloud Resources Compromise https://blog.preempt.com/security-advisory-critical-vulnerabilities-in-ntlm

New Echobot Botnet targets #Oracle, #VMware Apps and includes 26 Exploits Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. https://securityaffairs.co/wordpress/87177/malware/echobot-botnet-26-exploits.html

New #Android #Trojan Leads Users to Scam Sites via Notifications A new Android Trojan that uses web push notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store. Multiple fake apps of well-known brands that distributed the malware dubbed Android.FakeApp.174 got removed in early June after researchers from Doctor Web reported them to Google. https://www.bleepingcomputer.com/news/security/new-android-trojan-leads-users-to-scam-sites-via-notifications/

Advisory (ICSA-19-164-02) #WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505 RISK EVALUATION Successful exploitation of these vulnerabilities could allow a compromise of the managed switch, resulting in disruption of communication, and root access to the operating system.  https://ics-cert.us-cert.gov/advisories/ICSA-19-164-02

#Mozilla Releases Security Update for #Thunderbird Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.7.1 and apply the necessary update. https://www.us-cert.gov/ncas/current-activity/2019/06/13/Mozilla-Releases-Security-Update-Thunderbird