SysAdmin 24x7


Computer security news and alerts. Chat and contact: t.me/sysadmin24x7chat

Post archive
#Apple Releases Multiple Security Updates Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. https://www.us-cert.gov/ncas/current-activity/2019/07/22/apple-releases-multiple-security-updates

#ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers #RCE More than one million ProFTPD servers are vulnerable to remote code execution and information disclosure attacks that could be triggered after successful exploitation of an arbitrary file copy vulnerability. https://www.bleepingcomputer.com/news/security/proftpd-remote-code-execution-bug-exposes-over-1-million-servers/

#Linux #Kernel CVE-2019-11811 Local Arbitrary Code Execution Vulnerability https://www.securityfocus.com/bid/108410/info

#Skadi v2019.4 releases: Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux Skadi is a free, open-source collection of tools that enable the collection, processing and advanced analysis of #forensic artifacts and images. It scales to work effectively on laptops, desktops, servers, the cloud and can be installed on top of #hardened / gold disk images. https://securityonline.info/skadi/

Hackers breach FSB contractor, expose Tor deanonymization project and more SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service. https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/

Awesome #Sysadmin A curated list of amazingly awesome open source sysadmin #resources. https://github.com/kahun/awesome-sysadmin

Sliver: a very interesting #framework for implants Sliver is a Command and Control (C2) system built for #pentesters, #redteamers and advanced #APT. It generates implants (slivers) that can run on virtually every architecture, and manages these connections securely through a central server. https://www.hackplayers.com/2019/06/sliver-un-framework-para-implants.html

📃 "Measuring the "Filter Bubble": How Google influences what you click" https://telegra.ph/Medici%C3%B3n-de-la-Burbuja-de-filtro-C%C3%B3mo-influye-Google-en-lo-que-haces-clic-06-17

#Microsoft #Windows Task Scheduler Local Privilege Escalation https://packetstormsecurity.com/files/153698/taskschdEoP_Report.txt

Canadian Centre for Cyber Security Releases #Advisory on #Fileless #Malware The Canadian Centre for Cyber Security (CCCS) has released an advisory on an #Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data. https://www.us-cert.gov/ncas/current-activity/2019/07/18/canadian-centre-cyber-security-releases-advisory-fileless-malware

Remote code execution vulnerability in Palo Alto PAN-OS Publication date: 19/07/2019 Importance: 5 - Critical Affected resources: PAN-OS 7.1.18 and earlier. PAN-OS 8.0.11 and earlier. PAN-OS 8.1.2 and earlier. Description: Palo Alto has published a critical-severity vulnerability that could allow an unauthenticated attacker to execute arbitrary code. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-ejecucion-remota-codigo-palo-alto-pan-os

#Iomega and LenovoEMC NAS Vulnerability Lenovo Security Advisory: LEN-25557 Potential Impact: Information disclosure Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6160 https://support.lenovo.com/es/es/product_security/len-25557

#Lenovo Confirms 36TB Data Leak #Security #Vulnerability [...] Lenovo has now issued a security advisory which confirms that the firmware vulnerability “could allow an unauthenticated user to access files on NAS shares via the API.” According to the researchers, it was “trivially easy” to exploit that application programming interface (API) and allow attackers to access the data stored upon any of several Lenovo-EMC network-attached storage (NAS) devices. The full list of devices impacted by this vulnerability can be found in the Lenovo security advisory. [...] https://www.forbes.com/sites/daveywinder/2019/07/17/lenovo-confirms-36tb-data-leak-security-vulnerability/

An issue has been found in the logic board of some 2018 #MacBook Air models https://www.seguridadapple.com/2019/07/se-ha-encontrado-un-problema-en-la.html

#Reverse engineering and penetration testing on #Android apps: my own list of tools This list of tools is really useful both in #penetration testing on an Android application and in reverse engineering of a suspicious application. https://www.andreafortuna.org/2019/07/18/reverse-engineering-and-penetration-testing-on-android-apps-my-own-list-of-tools/

Okrum: #Ke3chang group targets diplomatic missions Tracking the malicious activities of the elusive Ke3chang #APT group, ESET researchers have discovered new versions of malware families linked to the group, and a previously unreported backdoor. https://www.welivesecurity.com/2019/07/18/okrum-ke3chang-targets-diplomatic-missions/

Multiple vulnerabilities in Jenkins Publication date: 18/07/2019 Importance: High Affected resources: Jenkins Weekly, versions 2.185 and earlier. Jenkins LTS, versions 2.176.1 and earlier. Description: Jenkins has published 3 vulnerabilities, one of high severity and two classified as medium. Exploitation of any of these vulnerabilities could allow Cross-site request forgery (CSRF) attacks, arbitrary file writes or unauthorized access to view fragments. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-jenkins-5

Access bypass vulnerability in Drupal core Publication date: 18/07/2019 Importance: 4 - High Affected resources: Version 8.7.4. Description: An access bypass vulnerability has been discovered in Drupal core. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-omision-acceso-el-core-drupal