fa
Feedback
SysAdmin 24x7

SysAdmin 24x7

رفتن به کانال در Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

نمایش بیشتر
4 386
مشترکین
-124 ساعت
-77 روز
-230 روز
آرشیو پست ها
WinRAR versions released in the last 19 years impacted by severe security flaw Over 500 million WinRAR users at risk. Users advised to update WinRAR as soon as possible. https://www.zdnet.com/article/winrar-versions-released-in-the-last-19-years-impacted-by-severe-security-flaw/

Microsoft Edge oculta una 'white list' que le permite a Facebook ejecutar código Flash sin que el usuario lo sepa https://m.xataka.com/aplicaciones/microsoft-edge-oculta-white-list-que-le-permite-a-facebook-ejecutar-codigo-flash-que-usuario-sepa/

Physical Extraction and File System Imaging of iOS 12 Devices The new generation of jailbreaks has arrived for iPhones and iPads running iOS 12. Rootless jailbreaks  https://blog.elcomsoft.com/2019/02/physical-extraction-and-file-system-imaging-of-ios-12-devices/

Abusing Unsafe Defaults in Active Directory Domain Services: A Real-World Case Study https://gosecure.net/2019/02/20/abusing-unsafe-defaults-in-active-directory

Kali Linux 2019.1 Released — Operating System For Hackers https://thehackernews.com/2019/02/kali-linux-hackers-os.html

Hacker puts up for sale third round of hacked databases on the Dark Web Hacker is selling 93 million user records from eight companies, including GfyCat https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/

Vulnerabilidad en el container runc de VMware Fecha de publicación: 18/02/2019 Importancia: 4 - Alta Recursos afectados:  VMware Integrated OpenStack con Kubernetes (VIO-K), versiones 5.x VMware PKS (PKS), versiones 1.3.x y 1.2.x VMware vCloud Director Container Service Extension (CSE), versiones 1.x vSphere Integrated Containers (VIC), versiones 1.x Descripción:  Se ha publicado una actualización de productos VMware que resuelve una vulnerabilidad en la gestión del descriptor de ficheros en tiempo de ejecución del contenedor runc. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-el-container-runc-vmware

Inmersión en la post-explotación tiene rima (by @CyberVaca_ #hc0n2019) https://www.hackplayers.com/2019/02/inmersion-en-la-post-explotacion-hc0n2019.html

Open sourcing ClusterFuzz Fuzzing is an automated method for detecting bugs in software that works by feeding unexpected inputs to a target program. It is effective at finding memory corruption bugs, which often have serioussecurity implications. Manually finding these issues is both difficult and time consuming, and bugs often slip through despite rigorous code review practices. For software projects written in an unsafelanguage such as C or C++, fuzzing is a crucial part of ensuring their security and stability. https://opensource.googleblog.com/2019/02/open-sourcing-clusterfuzz.html

Otro adolescente encuentra una vulnerabilidad (esta vez en macOS) y no quiere contar cómo lo hizo https://www.seguridadapple.com/2019/02/otro-adolescente-encuentra-una.html

Elevación de privilegios local en el gestor de paquetes Snapd ‘Dirty Sock’ https://unaaldia.hispasec.com/2019/02/elevacion-de-privilegios-local-en-el-gestor-de-paquetes-snapd-dirty-sock.html

Cómo lograr la máxima eficacia en la configuración de un firewall Un firewall es la primera línea de defensa contra amenazas a la seguridad; no obstante, el simple hecho de agregar dispositivos de firewall a su red, de ninguna forma garantiza su seguridad. http://www.cioal.com/2019/02/13/como-lograr-la-maxima-eficacia-en-la-configuracion-de-un-firewall/

Volatility Workbench is a graphical user interface (GUI) for the Volatility tool. Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is free, open source and runs in Windows. It provides a number of advantages over the command line version including. https://www.osforensics.com/tools/volatility-workbench.html

ADV190006 | Guidance to mitigate unconstrained delegation vulnerabilities https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190006

Red Team's SIEM easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. Initial public release at BruCON 2018 https://github.com/outflanknl/RedELK