SysAdmin 24x7
Відкрити в Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Показати більше4 387
Підписники
-224 години
-17 днів
-230 день
Архів дописів
4 387
Vulnerabilidades en OpenPGP y S/MIME en los clientes de correo
Fecha de publicación: 15/05/2018
Importancia: 4 - Alta
Recursos afectados:
La mayoría de implementaciones OpenPGP y S/MIME en los clientes de correo más populares.
https://t.me/sysadmin24x7/1416
https://www.certsi.es/track/click/22287/26803
4 387
Malware Found on the Ubuntu Snap Store
Malware has been found hiding inside software on the Ubuntu Snap store.
A pair of (seemingly normal) apps hosted by the Canonical-backed app hub were discovered to contain a сryptocurrency miner disguised as the “systemd” daemon.
https://www.omgubuntu.co.uk/2018/05/ubuntu-snap-malware/amp
4 387
Attention PGP Users: New Vulnerabilities Require You To Take Action Now
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
4 387
Portable Penetration Testing Distribution for Windows: PentestBox
PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 70% of penetration testing distributions users uses windows and provides an efficient platform for Penetration Testing on windows. It provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System. It is created because more than 50% of penetration testing distribution users uses windows.
https://n0where.net/portable-penetration-testing-distribution-for-windows
4 387
Highly Customizable Raspberry Pi USB Attack Platform: P4wnP1
P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor).
https://n0where.net/highly-customizable-raspberry-pi-usb-attack-platform-p4wnp1
4 387
Severe Bug Discovered in Signal Messaging App for Windows and Linux
https://thehackernews.com/2018/05/signal-messenger-vulnerability.html
4 387
Forensic Data Extraction: Bulk Extractor
https://n0where.net/forensic-data-extraction-bulk-extractor
4 387
Microsoft Log Parser, la gran desconocida…
https://aprendizdesysadmin.com/microsoft-log-parser-la-gran-desconocida/
4 387
Google Releases Security Update for Chrome
Google has released Chrome version 66.0.3359.170 for Windows, Mac, and Linux. This version addresses vulnerabilities, one of which a remote attacker could exploit to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2018/05/10/Google-Releases-Security-Update-Chrome
4 387
Disponible el informe anual del CCN-CERT sobre amenazas y vulnerabilidades en dispositivos móviles
http://unaaldia.hispasec.com/2018/05/disponible-el-informe-anual-del-ccn.html
4 387
Detectado backdoor en el módulo Python SSH Decorate / Decorator
http://unaaldia.hispasec.com/2018/05/detectado-backdoor-en-el-modulo-python.html
4 387
Actualización de seguridad de SAP de mayo 2018
Fecha de publicación: 10/05/2018
Importancia: 3 - Media
Recursos afectados:
SAP Internet Graphics Server, versiones 7.20, 7.20EXT, 7.45, 7.45, 7.49, 7.53
SAP MaxDB ODBC driver, versiones 7.9.09.07
SAP Identity Management, versión 8.0
SAP NetWeaver Application Server Java Web Container y HTTP Service
SAP Netweaver Security Audit Logging, versiones 7.21, 7.21EXT, 7.22, 7.22EXT, 7.40, 7.41, 7.42, 7.45, 7.50
SAP Enterprise Financial Services
https://www.certsi.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-mayo-2018
4 387
Denegación de servicio en NetBSD a través de IPsec
http://unaaldia.hispasec.com/2018/05/denegacion-de-servicio-en-netbsd-traves.html
4 387
Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links
https://thehackernews.com/2018/05/microsoft-safelinks-phishing.html
4 387
After a long development phase openmediavault 4 (Arrakis) has been released.
Please visit https://www.openmediavault.org/?p=2270 for more information.
4 387
At 30.06.2018 openmediavault 3.x will become EOL. This means no security/bugfix updates will be released anymore. Please upgrade to 4.x to be up-to-date.
4 387
Seth : Perform a MitM attack and extract clear text credentials from RDP connections
https://github.com/SySS-Research/Seth
4 387
Tracy is a pen-testing tool designed to assist with finding XSS issues during an app's creation
https://github.com/nccgroup/tracy
