SysAdmin 24x7
رفتن به کانال در Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
نمایش بیشتر4 386
مشترکین
اطلاعاتی وجود ندارد24 ساعت
-37 روز
+430 روز
آرشیو پست ها
4 385
#Microsoft delivers public preview of #Azure #Bastion service for remotely accessing VMs more securely
Microsoft's newest Azure service, Bastion, is now in public preview and is meant to bring another level of security to remotely accessing virtual machines.
https://www.zdnet.com/article/microsoft-delivers-public-preview-of-azure-bastion-service-for-remotely-accessing-vms-more-securely/
4 385
Emergency!! Zero-day Flaw in FireFox Let Hackers Take Full Control of Your Computer – Update Your #FireFox Now
Mozilla released a security update for Critical Zero-day vulnerability that fixed in a new version of Firefox 67.0.3 and Firefox ESR 60.7.
Critical vulnerabilities can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
https://gbhackers.com/firefox-67-0-3/amp/
4 385
Vulnerabilidad de control de acceso inadecuado en AppDNA de Citrix
Fecha de publicación: 18/06/2019
Importancia: 4 - Alta
Recursos afectados:
AppDNA, versión 7.18 y anteriores.
Descripción:
Citrix ha identificado una vulnerabilidad de control de acceso inadecuado en su producto AppDNA.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-control-acceso-inadecuado-appdna-citrix
4 385
Endpoint Detection and Response ( #EDR ): What You Need to Know
https://dzone.com/articles/10-ways-to-identify-and-fix-open-source-vulnerabil
4 385
Multiple #DoS vulnerabilities affect #Linux and #FreeBSD
Netflix researcher has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels that could trigger a DoS condition.
https://securityaffairs.co/wordpress/87244/security/dos-flaws-linux-freebsd.html
4 385
#GandCrab #Ransomware #Decryption Tool [All Versions] — Recover Files for Free
Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals.
https://thehackernews.com/2019/06/gandcrab-ransomware-decryption-tool.html
4 385
GoldBrute #Botnet Brute Forcing 1.5 Million #RDP Servers
RDP, the remote desktop protocol, made the news recently after #Microsoft patched a critical remote code execution vulnerability (CVE-2019–0708).
https://morphuslabs.com/goldbrute-botnet-brute-forcing-1-5-million-rdp-servers-371f219ec37d
4 385
Alert (AA19-168A)
Microsoft Operating Systems BlueKeep Vulnerability
https://www.us-cert.gov/ncas/alerts/AA19-168A
4 385
#Linux worm spreading via #Exim servers hit #Azure customers
On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim email servers, that already compromised some Azure installs.
Bad actors continue to target cloud services in the attempt of abusing them for several malicious purposes, like storing malware or implementing command and control servers.
https://securityaffairs.co/wordpress/87168/hacking/linux-worm-exim-servers.html
4 385
Múltiples vulnerabilidades en routers Netgear
Fecha de publicación: 17/06/2019
Importancia: 4 - Alta
Recursos afectados:
Wireless AC Router Nighthawk, modelos:
R7900, ejecutando una versión de firmwareanterior a la versión 1.0.3.14_10.0.40_BETA.
R8000, ejecutando una versión de firmwareanterior a la versión 1.0.4.38_10.1.59_BETA.
Descripción:
Cisco Talos ha descubierto dos vulnerabilidades de criticidad alta en el firmware para KCodes NetUSB de NETGEAR.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-routers-netgear-0
4 385
Múltiples vulnerabilidades en productos de IBM
Fecha de publicación: 17/06/2019
Importancia: 4 - Alta
Recursos afectados:
IBM InfoSphere Information:
Server, versiones 11.3, 11.5 y 11.7;
Governance Catalog, versiones 11.3, 11.5 y 11.7;
Server en Cloud, versiones 11.5 y 11.7;
Server Business Glossary, versión 9.1;
Server Metadata Workbench, versión 9.1.
IBM Tivoli Netcool Impact, versiones desde 7.1.0.0 hasta 7.1.0.15.
Descripción:
IBM ha reportado dos vulnerabilidades de tipo inyección XXE (XML External Entity) y ejecución remota de código en sus productos IBM InfoSphere Information Server e IBM Tivoli Netcool Impact, respectivamente.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-ibm-6
4 385
SysAdmin 24x7
Noticias y alertas de seguridad informática.
Enlace de invitación:
https://t.me/sysadmin24x7
Acceso web: https://t.me/s/sysadmin24x7
4 385
Disrupting the Empire: Identifying #PowerShell #Empire Command and Control Activity
https://www.sans.org/reading-room/whitepapers/incident/disrupting-empire-identifying-powershell-empire-command-control-activity-38315
4 385
Security Advisory: Critical Vulnerabilities in #NTLM Allow Remote Code Execution and Cloud Resources Compromise
https://blog.preempt.com/security-advisory-critical-vulnerabilities-in-ntlm
4 385
Monitor for, Investigate, and Respond to Phishing Payloads
https://www.splunk.com/blog/2019/06/12/monitor-for-investigate-and-respond-to-phishing-payloads-with-splunk-enterprise-security-content-update.html
4 385
New Echobot Botnet targets #Oracle, #VMware Apps and includes 26 Exploits
Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan.
https://securityaffairs.co/wordpress/87177/malware/echobot-botnet-26-exploits.html
4 385
New #Android #Trojan Leads Users to Scam Sites via Notifications
A new Android Trojan that uses web push notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store.
Multiple fake apps of well-known brands that distributed the malware dubbed Android.FakeApp.174 got removed in early June after researchers from Doctor Web reported them to Google.
https://www.bleepingcomputer.com/news/security/new-android-trojan-leads-users-to-scam-sites-via-notifications/
4 385
Advisory (ICSA-19-164-02)
#WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505
RISK EVALUATION
Successful exploitation of these vulnerabilities could allow a compromise of the managed switch, resulting in disruption of communication, and root access to the operating system.
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-02
4 385
#Mozilla Releases Security Update for #Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.7.1 and apply the necessary update.
https://www.us-cert.gov/ncas/current-activity/2019/06/13/Mozilla-Releases-Security-Update-Thunderbird
اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
