📃 "How to check whether your Linux server has been hacked?" https://noticiasseguridad.com/tutoriales/como-verificar-si-su-servidor-linux-ha-sido-hackeado/
Noticias de seguridad informática, ciberseguridad y hacking
HOW TO CHECK WHETHER YOUR LINUX SERVER HAS BEEN HACKED?
HOW TO CHECK WHETHER YOUR LINUX SERVER HAS BEEN HACKED? : Ethical hacking tutorial, cybersecurity, specialists, services
Agreement with Ekoparty to distribute @0xWord books in Argentina, and the distributors in Ecuador, Mexico, Colombia, Panama, Chile and Costa Rica.
http://feedproxy.google.com/~r/ElLadoDelMal/~3/MY6T0y18kUk/acuerdo-con-ekoparty-para-distribruir.html
Elladodelmal
Agreement with Ekoparty to distribute @0xWord books in Argentina, and the distributors in Ecuador, Mexico, Colombia, Panama…
Personal blog of Chema Alonso, CDCO Telefónica, 0xWord, MyPublicInbox, about security, hacking, hackers and Cálico Electrónico.
Zero-day in Python 3.8.0 to 3.8.3 causes a hash collision that can turn into a DoS attack
https://unaaldia.hispasec.com/2020/07/zero-day-en-python-3-8-0-a-3-8-3-causa-colision-de-hash-que-puede-convertirse-en-un-ataque-dos.html
Una al Día
Zero-day in Python 3.8.0 to 3.8.3 causes a hash collision that can turn into a DoS attack
Assigned CVE-2020-14422, the Python vulnerability affecting versions 3.8.0, 3.8.1, 3.8.2 and 3.8.3 can cause hash collisions in IPv4 and IPv6, which can turn into a denial of service (DoS). The vulnerability occurs due to…
Citrix Releases Critical Software Patches for 11 New Security Vulnerabilities Affecting ADC, Gateway, and SD-WAN WANOP Appliances.
Read More: https://thehackernews.com/2020/07/citrix-software-security-update.html
Research:
Citrix ADC/NetScaler Gateway Vulnerability Details (CVE-2020-8194) (PoC)
https://dmaasland.github.io/posts/citrix.html
CVE-2020-5764:
Android MX Player <1.24.5
- receive shared data file from other device (wireless)
- data file will exploit path traversal vulnerability
- RCE of received file
https://medium.com/tenable-techblog/android-mx-player-path-traversal-to-code-execution-9134b623eb34
PoC:
https://github.com/tenable/poc/tree/master/MXPlayer
Medium
Android MX Player — Path Traversal to Code Execution
MX Player is an Android App that you can find on the Google Play Store, having over 500M downloads.
dns-spoof
Version 1.0
dns-spoof is a Linux bash script that automates a dnsspoof attack, redirecting the victim on your network to a fake page (index.html) configured under /var/www/html/. The attack works without problems for HTTP pages; for HTTPS pages it DOES NOT PERFORM THE DNS REDIRECTION, since this is version 1.0.
For the script to run correctly, your operating system should preferably have the following installed:
Ettercap
Apache2
ArpSpoof
Dnsspoof
Once the above is installed, the script automatically runs the commands needed to set up the attack, so no configuration is required beyond what the script itself asks for, which is only the configuration of the attack itself, such as the victim's IP, the router and the interface on which the attack will be mounted.
https://github.com/Anonimo501/dns-spoof.git
GitHub
GitHub - Anonimo501/dns-spoof
Contribute to Anonimo501/dns-spoof development by creating an account on GitHub.
UNDERDOCS.
In this issue, enjoy:
• IT News
• Hacking
• Malware
• Computer Security
• Pentesting
• Computer [In]Security
• Raspberry Pi
• CTF/Challenges (Solutions)
• The UnderDOCS Issues
• UNDERTOOLS DIY
• OFF TOPIC
📌 https://underc0de.org/foro/e-zines/underdocs-julio-2020-numero-12/msg141096/#msg141096
eLearnSecurity - all courses
https://drive.google.com/drive/mobile/folders/1spMmQMAKdL1olmfGcxY_YPg0YAZx1hQU
Thanks to everyone for subscribing to the channel.
Best regards, and don't forget to share.
P.S.:
Thanks also to those who help by sharing; a very special greeting.
An unpatched critical zero-day arbitrary code execution vulnerability has been discovered in Zoom video conferencing software exploitable on Microsoft Windows 7 or older operating system.
Details: https://thehackernews.com/2020/07/zoom-windows-security.html
Junos Space 16.1R1.7
vCPU : 1
RAM : 16384 MB (16GB)
qemu : x86_64
console : telnet
option : -smp 4 -nographic
note :
16 GB RAM is the bare minimum; you should use 32/64 GB in production deployments. Default credentials: - CLI: admin / abc123 - WebUI: super / juniper123
Tested on GNS3 & EVE-NG
https://drive.google.com/open?id=1IwOcet_kZ_QBXyxDLseNU58yyxT598DO
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlt-ise-strd-xss-nqFhTtx7?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20Stored%20Cross-Site%20Scripting%20Vulnerabilities&vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit these vulnerabilities, an attacker would need valid administrative credentials.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlt-ise-strd-xss-nqFhTtx7
Security Impact Rating: Medium
CVE: CVE-2020-3340
Cisco
Cisco Security Threat and Vulnerability Intelligence
The Cisco Security portal provides actionable intelligence for security threats and vulnerabilities in Cisco products and services and third-party products.
Remote Code Execution in Citrix ADC
https://swarm.ptsecurity.com/remote-code-execution-in-citrix-adc/
PT SWARM
Remote Code Execution in Citrix ADC
Many of you have probably heard of the CVE-2019-19781 vulnerability that I discovered at the end of last year. It is a critical vulnerability in Citrix ADC that allows unauthorized users to execute arbitrary operating system commands. It caused quite a stir…
📃 "Obfuscating files with PowerShell" https://www.flu-project.com/2020/06/ofuscando-ficheros-con-powershell.html
Flu Project | Zerolynx Cybersecurity Blog
Obfuscating files with PowerShell
The other day, after a bit of research on the Internet, we discovered a tool that caught our attention and that we bring you today in this post.
A vulnerability allows hacking a tracker app on smartwatches
https://unaaldia.hispasec.com/2020/07/una-vulnerabilidad-permite-hackear-una-app-rastreadora-en-smartwatch.html
Una al Día
A vulnerability allows hacking a tracker app on smartwatches — Una al Día
More and more people are replacing the traditional watch with a smartwatch that lets them use features that go well beyond merely checking the time. E…