SysAdmin 24x7
Kanalga Telegram’da o‘tish
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
Ko'proq ko'rsatish4 387
Obunachilar
+124 soatlar
-47 kunlar
Ma'lumot yo'q30 kunlar
Postlar arxiv
4 387
LOLBAS: colección de scripts para ataques en Red Team
https://blog.segu-info.com.ar/2018/10/lolbas-coleccion-de-scripts-para.html
4 387
Windows ‘Deletebug’ Zero-Day Allows Privilege Escalation, Destruction
https://threatpost.com/windows-deletebug-zero-day-allows-privilege-escalation-destruction/138550/
4 387
Vulnerabilidad en Cisco Webex Meetings Desktop App Update Service
Fecha de publicación: 25/10/2018
Importancia: 4 - Alta
Recursos afectados:
Cisco Webex Meetings Desktop App versiones anteriores a la 33.6.0
Cisco Webex Productivity Tools versiones 32.6.0 y posteriores, hasta la 33.0.5
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-cisco-webex-meetings-desktop-app-update-service
4 387
Privilege Escalation & Post-Exploitation
https://movaxbx.ru/2018/09/16/privilege-escalation-post-exploitation/
4 387
DNS over HTTPS (DoH) C2 (command and control) for Cobalt Strike
https://github.com/SpiderLabs/DoHC2
4 387
“Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking
https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
4 387
Mozilla Releases Security Updates for Firefox
Original release date: October 23, 2018
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefox 63 and Firefox ESR 60.3and apply the necessary updates.
https://www.us-cert.gov/ncas/current-activity/2018/10/23/Mozilla-Releases-Security-Updates-Firefox
4 387
Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation
https://www.bleepingcomputer.com/news/security/windows-10-1809-zip-extraction-bug-overwrites-files-without-confirmation/
4 387
Descubiertas vulnerabilidades críticas en el sistema operativo de Amazon: FreeRTOS
http://unaaldia.hispasec.com/2018/10/descubiertas-vulnerabilidades-criticas.html
4 387
Vendors confirm products affected by libssh bug as PoC code pops up on GitHub
Red Hat and F5 Networks acknowledge that some products are vulnerable to the libssh authentication bug.
https://www.zdnet.com/article/vendors-confirm-products-affected-by-libssh-bug-as-poc-code-pops-up-on-github/
4 387
MIT desarrolla técnica contra Meltdown y Spectre
https://blog.segu-info.com.ar/2018/10/mit-desarrolla-tecnica-contra-meltdown.html
4 387
CVE-2018-8569 | Yammer Desktop Application Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569
4 387
Kaspersky says it detected infections with DarkPulsar, alleged NSA malware
Victims located in Russia, Iran, and Egypt; related to nuclear energy, telecommunications, IT, aerospace, and R&D.
https://www.zdnet.com/article/kaspersky-says-it-detected-infections-with-darkpulsar-alleged-nsa-malware/
4 387
SSH & Meterpreter Pivoting Techniques
https://highon.coffee/blog/ssh-meterpreter-pivoting-techniques/
4 387
Descubren una vulnerabilidad sin parchear que puede modificar tu ordenador con Windows
https://www.adslzone.net/2018/10/18/vulnerabilidad-permisos-administrador-windows/
4 387
Critical Flaw Found in Streaming Library Used by VLC and Other Media Players
[...]
"A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution," Cisco Talos' security advisory says. "An attacker can send a packet to trigger this vulnerability."
[...]
https://thehackernews.com/2018/10/critical-flaw-found-in-streaming.html
