uk
Feedback
SysAdmin 24x7

SysAdmin 24x7

Відкрити в Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Показати більше
4 386
Підписники
-124 години
-77 днів
-230 день
Архів дописів
Skadi is a free, open source collection of tools that enables the collection, processing and advanced analysis of forensic artifacts and images. It scales to work effectively on laptops, desktops, servers, the cloud, and can be installed on top of hardened / gold disk images. https://github.com/orlikoski/Skadi

RHSA-2019:0022: Important: Red Hat Security Advisory: keepalived security update Security Fix(es): keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or possibly arbitrary code execution (CVE-2018-19115) https://access.redhat.com/errata/RHSA-2019:0022

The Docker Bench For Security - A Script That Checks For Dozens Of Common Best-Practices Around Deploying Docker Containers In Production https://www.kitploit.com/2019/01/the-docker-bench-for-security-script.html

Securiza tu servidor MQTT y evitarás problemas ¿Por qué debemos dedicar un rato a securizar nuestros entornos? La Domótica y el protocolo MQTT https://medium.com/nuria-pp/securiza-tu-servidor-mqtt-y-evitar%C3%A1s-problemas-da7484064ba8

Gestor de contraseñas online, expone información de sus usuarios y avisa casi un año después https://unaaldia.hispasec.com/2019/01/brecha-en-abine-blur-gestor-de-contrasenas-online-expone-informacion-de-sus-usuarios.html

📃"ebook gratuito Practical Cryptography for Developers" https://www.hackplayers.com/2018/11/ebook-gratuito-practical-cryptography.html by @hpysnews El libro ENG https://cryptobook.nakov.com

Malicious use of Microsoft LAPS LAPS (Local Administrator Password Solution) is a tool for managing local administrator passwords for domain joined computers. https://akijosberryblog.wordpress.com/2019/01/01/malicious-use-of-microsoft-laps

#DFIR: No te creas todo lo que leas, porque todo depende del caso: Physical Imaging Android, (Paso a paso) https://www.fwhibbit.es/dfir-no-te-creas-todo-lo-que-leas-porque-todo-depende-del-caso-physical-imaging-android-paso-a-paso

androwarn: static code analyzer for malicious Android applications https://securityonline.info/androwarn/

Linux Kodachi 5.7 Ultimas Actualizaciones: 2018-12-31 22:31 UTC Linux Kodachi operating system is based on Debian 9.5 and Xubuntu 18.04 LTS it will provide you with a secure, anti forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have in order to be secure. https://www.digi77.com/linux-kodachi

Infección de procesos en Linux (parte I) https://www.tarlogic.com/blog/infeccion-procesos-linux-parte-i/

rtfraptor: Extract OLEv1 objects from RTF files by instrumenting Word https://securityonline.info/rtfraptor/

Expert published a PoC exploit code for RCE flaw in Microsoft Edge The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser (CVE-2018-8629). The vulnerability affects the JavaScript engine Chakra implemented in the Edge web browser, an attacker could exploit it to execute arbitrary code on the target machine with the same privileges as the logged user. [...]Even if Microsoft has addressed the flaw with December security updates, unpatched systems are exposed to attacks.[...] https://securityaffairs.co/wordpress/79264/hacking/microsoft-edge-poc-exploit.html

EU to fund bug bounty programs for 14 open source projects starting January 2019 Some of the approved projects include KeePass, 7-zip, VLC Media Player, Drupal, and FileZilla. https://www.zdnet.com/article/eu-to-fund-bug-bounty-programs-for-14-open-source-projects-starting-january-2019/

Real-Time Sysmon Processing via KSQL and HELK — Part 1: Initial Integration https://posts.specterops.io/real-time-sysmon-processing-via-ksql-and-helk-part-1-initial-integration-88c2b6eac839

remote-bitlocker-encryption-report This PowerShell script takes a list of PC as input, gets their BitLocker encryption type remotely, and outputs the list as a CSV file to help mitigate against CVE-2018-12038 (An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key). https://github.com/thom-s/remote-bitlocker-encryption-report