SysAdmin 24x7
رفتن به کانال در Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
نمایش بیشتر4 386
مشترکین
-124 ساعت
-77 روز
-230 روز
آرشیو پست ها
4 386
WinRAR versions released in the last 19 years impacted by severe security flaw
Over 500 million WinRAR users at risk. Users advised to update WinRAR as soon as possible.
https://www.zdnet.com/article/winrar-versions-released-in-the-last-19-years-impacted-by-severe-security-flaw/
4 386
Microsoft Edge oculta una 'white list' que le permite a Facebook ejecutar código Flash sin que el usuario lo sepa
https://m.xataka.com/aplicaciones/microsoft-edge-oculta-white-list-que-le-permite-a-facebook-ejecutar-codigo-flash-que-usuario-sepa/
4 386
Physical Extraction and File System Imaging of iOS 12 Devices
The new generation of jailbreaks has arrived for iPhones and iPads running iOS 12. Rootless jailbreaks
https://blog.elcomsoft.com/2019/02/physical-extraction-and-file-system-imaging-of-ios-12-devices/
4 386
Abusing Unsafe Defaults in Active Directory Domain Services: A Real-World Case Study
https://gosecure.net/2019/02/20/abusing-unsafe-defaults-in-active-directory
4 386
Kali Linux 2019.1 Released — Operating System For Hackers
https://thehackernews.com/2019/02/kali-linux-hackers-os.html
4 386
Hacker puts up for sale third round of hacked databases on the Dark Web
Hacker is selling 93 million user records from eight companies, including GfyCat
https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/
4 386
Vulnerabilidad en el container runc de VMware
Fecha de publicación: 18/02/2019
Importancia: 4 - Alta
Recursos afectados:
VMware Integrated OpenStack con Kubernetes (VIO-K), versiones 5.x
VMware PKS (PKS), versiones 1.3.x y 1.2.x
VMware vCloud Director Container Service Extension (CSE), versiones 1.x
vSphere Integrated Containers (VIC), versiones 1.x
Descripción:
Se ha publicado una actualización de productos VMware que resuelve una vulnerabilidad en la gestión del descriptor de ficheros en tiempo de ejecución del contenedor runc.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-el-container-runc-vmware
4 386
Nueva campaña de Phishing contra Facebook
https://unaaldia.hispasec.com/2019/02/nueva-campana-de-phishing-contra-facebook.html
4 386
Un fallo de seguridad en Facebook permite ver fotos privadas de otros usuarios
https://unaaldia.hispasec.com/2019/02/un-fallo-de-seguridad-en-facebook-permite-ver-fotos-privadas-de-otros-usuarios.html
4 386
Secuestro de cuenta en Facebook
https://unaaldia.hispasec.com/2019/02/secuestro-de-cuenta-en-facebook.html
4 386
Técnicas de detección de VMs y contramedidas https://www.hackplayers.com/2019/02/deteccion-de-VMs-y-contramedidas.html
4 386
Inmersión en la post-explotación tiene rima (by @CyberVaca_ #hc0n2019) https://www.hackplayers.com/2019/02/inmersion-en-la-post-explotacion-hc0n2019.html
4 386
Email Forensics: Investigation Techniques
https://articles.forensicfocus.com/2019/02/15/email-forensics-investigation-techniques/
4 386
Open sourcing ClusterFuzz
Fuzzing is an automated method for detecting bugs in software that works by feeding unexpected inputs to a target program. It is effective at finding memory corruption bugs, which often have serioussecurity implications. Manually finding these issues is both difficult and time consuming, and bugs often slip through despite rigorous code review practices. For software projects written in an unsafelanguage such as C or C++, fuzzing is a crucial part of ensuring their security and stability.
https://opensource.googleblog.com/2019/02/open-sourcing-clusterfuzz.html
4 386
Otro adolescente encuentra una vulnerabilidad (esta vez en macOS) y no quiere contar cómo lo hizo
https://www.seguridadapple.com/2019/02/otro-adolescente-encuentra-una.html
4 386
Elevación de privilegios local en el gestor de paquetes Snapd ‘Dirty Sock’
https://unaaldia.hispasec.com/2019/02/elevacion-de-privilegios-local-en-el-gestor-de-paquetes-snapd-dirty-sock.html
4 386
Cómo lograr la máxima eficacia en la configuración de un firewall
Un firewall es la primera línea de defensa contra amenazas a la seguridad; no obstante, el simple hecho de agregar dispositivos de firewall a su red, de ninguna forma garantiza su seguridad.
http://www.cioal.com/2019/02/13/como-lograr-la-maxima-eficacia-en-la-configuracion-de-un-firewall/
4 386
Volatility Workbench is a graphical user interface (GUI) for the Volatility tool.
Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is free, open source and runs in Windows. It provides a number of advantages over the command line version including.
https://www.osforensics.com/tools/volatility-workbench.html
4 386
ADV190006 | Guidance to mitigate unconstrained delegation vulnerabilities
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190006
4 386
Red Team's SIEM
easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations.
Initial public release at BruCON 2018
https://github.com/outflanknl/RedELK
