SysAdmin 24x7

Windows 10 targeted by PuzzleMaker hackers using Chrome zero-days https://www.bleepingcomputer.com/news/security/windows-10-targeted-by-puzzlemaker-hackers-using-chrome-zero-days/

New UAF Vulnerability Affecting Microsoft Office to be Patched Today https://thehackernews.com/2021/06/new-uaf-vulnerability-affecting.html

Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments. https://unit42.paloaltonetworks.com/siloscape/

Securing Computerized Vehicles from Potential Cybersecurity Threats https://www.tripwire.com/state-of-security/security-data-protection/iot/securing-computerized-vehicles-from-potential-cybersecurity-threats/

Fujifilm, la penúltima víctima conocida por ransomware https://www.muyseguridad.net/2021/06/07/fujifilm-ataque-ransomware/

White House Warns Business Leaders To Increase Cybersecurity Against Ransomware Attacks  Forbes https://www.forbes.com/sites/edwardsegal/2021/06/04/white-house-warns-business-leaders-to-increase-cybersecurity-against-ransomware-attacks/

Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments. https://securityaffairs.co/wordpress/118652/apt/sharppanda-apt-backdoor.html

TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations. https://unit42.paloaltonetworks.com/teamtnt-operations-cloud-environments/

TV news stations become apparent target in next cyberattack. https://www.nbcnews.com/tech/security/tv-news-stations-become-apparent-target-next-cyberattack-n1269662

Korenix patches multiple critical vulnerabilities in networking devices. https://portswigger.net/daily-swig/korenix-patches-multiple-critical-vulnerabilities-in-networking-devices

Múltiples vulnerabilidades en productos de Cisco Fecha de publicación: 04/06/2021 Importancia: 4 - Alta Recursos afectados: Cisco Webex Network Recording Player para Windows y MacOS, versiones anteriores a 41.4; Cisco Webex Player para Windows y MacOS, versiones anteriores a 41.5. Descripción: Kushal Arvind Shah, investigador de Fortinet, ha reportado 3 vulnerabilidades, todas de severidad alta, que podrían permitir a un atacante ejecutar código arbitrario en el sistema afectado. Solución: Actualizar a las siguientes versiones correctoras: Cisco Webex Network Recording Player para Windows y MacOS, versiones 41.4 y posteriores; Cisco Webex Player para Windows y MacOS, versiones 41.5 y posteriores. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-77

Exchange Servers Targeted by ‘Epsilon Red’ Malware. https://threatpost.com/exchange-servers-epsilon-red-ransomware/166640/

Necro Python bot revamped with new VMWare, server exploits. The latest version of the bot has also been equipped with a cryptocurrency miner. https://www.zdnet.com/article/necro-python-bot-revamped-with-new-vmware-smb-exploits/

Cisco fixes High-severity issues in Webex, SD-WAN, ASR 5000 software Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software. https://securityaffairs.co/wordpress/118564/security/cisco-webex-player-sd-wan-asr-5000-flaws.html

Vulnerabilidad XSW en la librería Lasso Fecha de publicación: 03/06/2021 Importancia: 4 - Alta Recursos afectados: Lasso, versiones 2.5.0, 2.6.0 y 2.6.1. Otros afectados: productos de Cisco; productos de Akamai; Ubuntu; Red Hat; Debian. Descripción: Se ha detectado una vulnerabilidad de severidad alta en la librería Lasso que podría permitir a un atacante autenticado causar una condición de denegación de servicio o realizar una suplantación de identidad. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-xsw-libreria-lasso

Huawei USB LTE dongles are vulnerable to privilege escalation attacks. https://www.bleepingcomputer.com/news/security/huawei-usb-lte-dongles-are-vulnerable-to-privilege-escalation-attacks/

Vulnerability Spotlight: A deep dive into macOS SMB server. https://blog.talosintelligence.com/2021/06/vuln-spotlight-smb-mac-deep-dive.html

Zerodium acquiring zero-days in Pidgin, an IM client popular with cybercriminals. https://therecord.media/zerodium-acquiring-zero-days-in-pidgin-an-im-client-popular-with-cybercriminals/

Gaming mod development platform Overwolf fixes bug that could allow RCE via chained exploit. https://portswigger.net/daily-swig/gaming-mod-development-platform-overwolf-fixes-bug-that-could-allow-rce-via-chained-exploit

Breaking down NOBELIUM’s latest early-stage toolset Microsoft Threat Intelligence Center (MSTIC) https://www.microsoft.com/security/blog/2021/05/28/breaking-down-nobeliums-latest-early-stage-toolset/