The U.S. report that describes North Korean cybercriminals. https://derechodelared.com/informe-eeuu-cibercriminales-norcoreanos/
Derecho de la Red
No, the report does not say that wearing a hoodie is required to be recognized as a cybercriminal.
ReVoLTE, an attack to compromise phone calls
https://unaaldia.hispasec.com/2020/08/revolte-ataque-para-comprometer-llamadas-telefonicas.html
Una al Día
News has been published of a new attack that could allow phone calls to be decrypted; the attack has been named ReVoLTE. It was published by a group of academics from Ruhr University Bochum and was given that name because…
Amazon: Security flaw in Alexa allows installation of malicious components.
https://unaaldia.hispasec.com/2020/08/amazon-fallo-de-seguridad-en-alexa-permite-instalacion-de-componentes-maliciosos.html
Una al Día
Opening a web link through the well-known voice assistant could allow attackers to install malicious components on it and spy on its activity remotely.
Locking your system is back in fashion. This malware replaces Winlogon in the registry so that explorer.exe is not launched. You only see that screen. It gives you 30 minutes to pay $75 via Telegram or it breaks the system boot. Don't pay. The password is P4YME0101. pic.twitter.com/TPcjr7qfLl August 18, 2020
Twitter
Sergio de los Santos
Rocket.Chat Cross-Site Scripting leading to Remote Code Execution CVE-2020-15926 https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html
blog.redteam.pl
Advanced CloudFlare Configuration https://blog.elhacker.net/2020/08/configuracion-avanzada-de-cloudflare-reglas-firewall-waf-detener-ataques-ddos-layer7.html
Blog elhacker.NET
New version of #KaliLinux. As its main new features, #zsh is integrated and everything is being prepared for it to replace #bash in the future, new tools for Bluetooth audits are added in Nethunter, and the kernel and tools were updated, among other things https://t.co/2QfdAcN0Pv pic.twitter.com/Xnnd7PrY6F
www.kali.org
Kali Linux 2020.3 Release (ZSH, Win-Kex, HiDPI & Bluetooth Arsenal)
It's that time of year again, time for another Kali Linux release! Quarter #3 – Kali Linux 2020.3. This release has various impressive updates, all of which are ready for immediate download or updating.
CVE-2020-10029:
Buffer overflow in GNU libc trigonometry functions (PoC)
https://securityboulevard.com/2020/08/cve-2020-10029-buffer-overflow-in-gnu-libc-trigonometry-functions/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SecurityBloggersNetwork+%28Security+Bloggers+Network%29
Security Boulevard
CVE-2020-10029: Buffer overflow in GNU libc trigonometry functions?!?
Remember trigonometry, where you were given the length of two sides of a triangle and had to compute the third side? We remembered vaguely SOH CAH TOA, but not much more. One thing we would have bet $50 on: That there wouldn’t be a buffer overflow in basic…
Research:
"FreeBSD grub-bhyve bootloader virtual machine escapes (CVE-2020-10565/10566)"
https://github.com/renorobert/grub-bhyve-bugs
Vulnerability analysis Apache Struts2
CVE-2019-0230 (step by step detailed guide):
https://kuaibao.qq.com/s/20200816A03TC200
CVE-2019-0230 vulnerability verification:
https://www.freebuf.com/articles/web/246808.html
Exploit POC:
https://github.com/PrinceFPF/CVE-2019-0230
📃 "HTTP-revshell: control the victim's machine through a covert channel" https://www.hackplayers.com/2020/06/http-revshell-c2-covert-channel.html
Hackplayers
Hello everyone, my name is Héctor de Armas, 3v4Si0N to the juankers, and I am going to introduce a tool that I developed during the confi...
Purple Cloud: deploy an AD lab in the cloud
https://www.hackplayers.com/2020/08/purple-cloud-despliega-un-lab-de-directorio-activo.html
Hackplayers
Purple Cloud by Jason Ostrom is a small automated Active Directory deployment with playbook templates in Terraform/An...
To get free internet with the HTTP Injector, eproxy ... apps
To find the hosts
https://pentest-tools.com/information-gathering/find-subdomains-of-domain
http://atsameip.intercode.ca/
Proxy server list
http://www.httptunnel.ge/ProxyListForFree.aspx
http://incloak.es/proxy-list/
New video ONlineee: Bugcrowd & Vullnerability XSS Challenge 2020
https://www.youtube.com/watch?v=a_6HW5xlbMQ
YouTube
Bugcrowd & Vullnerability CTF XSS Challenge 2020
Twitter: https://twitter.com/OAcybersecurity
#bugbounty #bugcrowd #hacking
Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-log-YxQ6g2kG?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Email%20Security%20Appliance%20and%20Cisco%20Content%20Security%20Management%20Appliance%20Information%20Disclosure%20Vulnerability&vs_k=1
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.
The vulnerability is due to excessive verbosity in certain log subscriptions. An attacker could exploit this vulnerability by accessing specific log files on an affected device. A successful exploit could allow the attacker to obtain sensitive log data, which may include user credentials. To exploit this vulnerability, the attacker would need to have valid credentials at the operator level or higher on the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-log-YxQ6g2kG
Security Impact Rating: Medium
CVE: CVE-2020-3447
A new memory-related vulnerability (CVE-2020-4414) affects IBM's Db2 family of data management products that could allow a local attacker to access sensitive data or cause DoS attacks.
https://thehackernews.com/2020/08/ibm-data-management.html
Microsoft issues emergency out-of-band security updates for Windows 8.1, RT 8.1, and Server 2012 R2 systems to patch two recently disclosed privilege escalation bugs (CVE-2020-1530 & CVE-2020-1537) affecting Remote Access Service (RAS).
Read: https://thehackernews.com/2020/08/windows-update-download.html
⚙️ "Find anyone on the internet using this tool" https://noticiasseguridad.com/tutoriales/encuentre-a-cualquier-persona-en-internet-usando-esta-herramienta/
The tool that the clickbait headline refers to is OSRFramework
Computer security, cybersecurity and hacking news
Horde Groupware Webmail Trean_Queue_Task_Crawl url Deserialization of Untrusted Data RCE Vulnerability (CVE-2020-8865/8866)
https://srcincite.io/blog/2020/08/19/a-smorgashorde-of-vulnerabilities-a-comparative-analysis-of-discovery.html
PoC Exploit:
https://srcincite.io/pocs/zdi-20-1051.py.txt