SysAdmin 24x7
Відкрити в Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Показати більше4 386
Підписники
-124 години
-87 днів
+330 день
Архів дописів
4 386
DNS Hijacking Abuses Trust In Core Internet Service
https://blog.talosintelligence.com/2019/04/seaturtle.html
4 386
Malvertising Campaign Abused Chrome to Hijack 500 Million iOS User Sessions
https://www.bleepingcomputer.com/news/security/malvertising-campaign-abused-chrome-to-hijack-500-million-ios-user-sessions/
4 386
Actualizaciones críticas en Oracle (abril 2019)
Fecha de publicación: 17/04/2019
Importancia: 5 - Crítica
Descripción:
Oracle ha publicado una actualización crítica con parches para corregir vulnerabilidades que afectan a múltiples productos.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-abril-2019
4 386
European Commission: No Evidence of Issues With Kaspersky Products
https://www.securityweek.com/european-commission-no-evidence-issues-kaspersky-products
4 386
New Details Emerge on Windows Zero Day
https://www.darkreading.com/vulnerabilities---threats/new-details-emerge-on-windows-zero-day/d/d-id/1334422
4 386
DCEPT
DCEPT (Domain Controller Enticing Password Tripwire) is a honeytoken-based tripwire for Microsoft's Active Directory.
https://github.com/secureworks/dcept
4 386
Herramienta para implementar y detectar el uso de honeytokens en Active Directory.
https://www.gurudelainformatica.es/2019/03/herramienta-para-implementar-y-detectar.html
4 386
Patched Windows Zero-Day Provided Full Control Over Vulnerable Systems
https://www.bleepingcomputer.com/news/security/patched-windows-zero-day-provided-full-control-over-vulnerable-systems/
4 386
Apache Tomcat Patches Important Remote Code Execution Flaw
Affected Tomcat Versions
Apache Tomcat 9.0.0.M1 to 9.0.17
Apache Tomcat 8.5.0 to 8.5.39
Apache Tomcat 7.0.0 to 7.0.93
https://thehackernews.com/2019/04/apache-tomcat-security-flaw.html
4 386
Rootpipe Reborn Part I: CVE-2019–8513 TimeMachine root command injection
https://medium.com/0xcc/rootpipe-reborn-part-i-cve-2019-8513-timemachine-root-command-injection-47e056b3cb43
4 386
smbdoor
The proof-of-concept smbdoor.sys driver is a silent remote backdoor that does not bind new sockets or perform function modification hooking. Instead it abuses undocumented APIs in srvnet.sys to register itself as a valid SMB handler.
https://github.com/zerosum0x0/smbdoor
4 386
Malware sin archivo ataca a usuarios de instituciones financieras en América Latina
https://noticiasseguridad.com/malware-virus/malware-sin-archivo-ataca-a-usuarios-de-instituciones-financieras-en-america-latina/
4 386
Bypassing AD account lockout for a compromised account
https://medium.com/@markmotig/bypassing-ad-account-lockout-for-a-compromised-account-5c908d663de8
4 386
RedHunt Linux Distribution (VM)
RedHunt Linux Distribution (VM) es máquina virtual para la emulación de adversarios y la caza de amenazas. Pretende ser una "ventanilla única" para todas las necesidades de emulación de amenazas y búsqueda de amenazas al integrar el arsenal del atacante y el conjunto de herramientas del defensor para identificar activamente las amenazas en el entorno.
https://www.hackplayers.com/2019/04/redhunt-linux-distribution-vm.html
4 386
US-Cert alert! Thanks to a massive bug, VPN now stands for "Vigorously Pwned Nodes"
Multiple providers leaving storage cookies up for grabs
https://www.theregister.co.uk/2019/04/12/uscert_vpn_alert/
4 386
VPN applications insecurely store session cookies
Vulnerability Note VU#192371
https://www.kb.cert.org/vuls/id/192371/
4 386
🎓 Taller de comunicaciones seguras en PCs con Tails/TOR para periodistas, profesionales de la comunicación y activistas en Barcelona. 24 de Abril de 2019
https://www.noconname.org/producto/ncn-labs-anti-surveillance-workshop-3/
#Curso #SeguridadInformática #Privacidad
4 386
Oracle April 2019 Critical Patch Update Multiple Vulnerabilities
Solution:
The vendor planned to release updates to address these issues on April 16, 2019. Please see the references for more information.
https://www.securityfocus.com/bid/107875
4 386
Intel SA-00185 CSME-SPS-TXE-AMT Vulnerabilities in NetApp Products
Impact
Successful exploitation of these vulnerabilities could lead to information disclosure, Denial of Service (DoS) or arbitrary code execution.
For virtualized deployments, NetApp recommends working with your hypervisor and cloud platform vendors to ensure that your NetApp product is running on a secure and patched platform. For Docker-based deployments, NetApp recommends working with your operating system and hardware vendors to ensure that your NetApp product is running on a secure and patched platform.
https://security.netapp.com/advisory/ntap-20190318-0001/
4 386
CVE-2018-20685 OpenSSH Vulnerability in NetApp Products
Impact
Successful exploitation of this vulnerability could lead to could lead to unauthorized addition or modification of data.
https://security.netapp.com/advisory/ntap-20190215-0001/
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
