SysAdmin 24x7
Kanalga Telegram’da o‘tish
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Ko'proq ko'rsatish4 387
Obunachilar
+124 soatlar
-47 kunlar
Ma'lumot yo'q30 kunlar
Postlar arxiv
4 387
Los datos recolectados por Ubuntu ahora son públicos
https://tecnonucleous.com/2018/10/19/los-datos-recolectados-por-ubuntu-ahora-son-publicos/
4 387
Injecting Code into Windows Protected Processes using COM - Part 1
https://googleprojectzero.blogspot.com/2018/10/injecting-code-into-windows-protected.html
4 387
Zero-day in popular jQuery plugin actively exploited for at least three years
A fix is out but the plugin is used in hundreds, if not thousands, of projects. Patching will take ages!
https://www.zdnet.com/article/zero-day-in-popular-jquery-plugin-actively-exploited-for-at-least-three-years/
4 387
Red Hat Security Advisory 2018-2944-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an out-of-bounds write vulnerability.
https://packetstormsecurity.com/files/download/149862/RHSA-2018-2944-01.txt
4 387
Oracle Patches 301 Vulnerabilities in October Update
http://www.eweek.com/security/oracle-patches-301-vulnerabilities-in-october-update
4 387
RCE en receptores satélite Linux (y sin despeinarse)
https://www.hackplayers.com/2018/10/rce-en-receptores-satelite-linux-y-sin.html
4 387
Bug Trio Affecting Eight D-Link Models Leads to Full Compromise
Several router models from D-Link are vulnerable to three security bugs that could help an attacker get full control over them.
https://www.bleepingcomputer.com/news/security/bug-trio-affecting-eight-d-link-models-leads-to-full-compromise/
4 387
Múltiples vulnerabilidades en el núcleo de Drupal
Fecha de publicación: 18/10/2018
Importancia: 5 - Crítica
Recursos afectados:
Drupal versiones 7.x y 8.x
Descripción:
Drupal ha publicado un boletín de seguridad que contiene 5 vulnerabilidades que podrían derivar en evasión de autorización para accesos específicos, redirecciones a sitios arbitrarios o ejecución remota de código.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-el-nucleo-drupal-0
4 387
imR0T - Send A Message To Your Whatsapp Contact And Protect Your Text By Encrypting And Decrypting (ROT13)
https://amp.kitploit.com/2018/10/imr0t-send-message-to-your-whatsapp.html
====
https://github.com/Screetsec/imR0T
====
4 387
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. An attacker could exploit one of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2018/10/17/Cisco-Releases-Security-Updates
Cisco Security Advisories and Alerts
https://tools.cisco.com/security/center/publicationListing.x
4 387
Evasión de autenticación en librería libssh
Fecha de publicación: 17/10/2018
Importancia: 4 - Alta
Recursos afectados:
Versiones de libssh anteriores a 0.8.4 y a 0.7.6
Descripción:
El investigador Peter Winter-Smith de NCC Group ha descubierto una vulnerabilidad en la librería libssh, que podría permitir a un atacante que se autenticara sin la introducción de credenciales en sesiones SSH que usen las versiones afectadas de la librería.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/evasion-autenticacion-libreria-libssh
4 387
GPU-Z Can Now Detect Fake NVIDIA Graphic Cards
https://www.bleepingcomputer.com/news/software/gpu-z-can-now-detect-fake-nvidia-graphics-cards/
4 387
#Windows FSCTL_FIND_FILES_BY_SID Information Disclosure Platform: Windows 10 (1709, 1803) Class: Information Disclosure / Elevation of Privilege Summary: The FSCTL_FIND_FILES_BY_SID control code doesn’t check for permissions to list a directory leading to disclosure of file names when a user is not granted FILE_LIST_DIRECTORY access.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1608
4 387
Check Point Advisories
Microsoft Internet Explorer Memory Corruption (CVE-2018-8460)
Severity:Critical
https://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0997.html
4 387
New iPhone Bug Gives Anyone Access to Your Private Photos
https://amp.thehackernews.com/thn/2018/10/iphone-lock-passcode-bypass.html
4 387
RHSA-2018:2921 - Security Advisory
Sinopsis
Important: tomcat security update
Tipo/Gravedad
Security Advisory: Important
https://access.redhat.com/errata/RHSA-2018:2921
4 387
GandCrab ransomware variant targeting legacy systems: What you need to know
The newest variant of the prolific ransomware forms this year has been updated to include a stolen National Security Agency exploit.
https://www.healthcareitnews.com/news/gandcrab-ransomware-variant-targeting-legacy-systems-what-you-need-know
4 387
Microsoft fixed the Zero-Day for JET flaw, but the fix is incomplete
Experts from 0Patch revealed that the Microsoft Zero-Day Patch for JET Database Engine vulnerability (CVE-2018-8423) is incomplete.
https://securityaffairs.co/wordpress/77119/hacking/zero-day-patch-incomplete.html
4 387
Hackers are abusing Googlebot servers to deliver malicious payloads.
https://www.hackread.com/hackers-using-googlebots-in-cryptomining-malware-attacks/
4 387
Como resultado de la encuesta de #Atenea, se ha añadido un nuevo reto dentro de la categoría #OSINT. ¿Podrás con él?
https://atenea.ccn-cert.cni.es/home
