«Dispositivos conectados al cuerpo humano: peligro real de muerte.» https://derechodelared.com/dispositivos-conectados-al-cuerpo-humano/

Varias vulnerabilidades fueron encontradas al escanear contenedores Docker
https://blog-desdelinux-net.cdn.ampproject.org/c/s/blog.desdelinux.net/varias-vulnerabilidades-fueron-encontradas-al-escanear-contenedores-docker/amp/

👾👾👾 Hola amigos! 👾👾👾

Les comparto un nuevo Vídeo en donde explico como usar algunas características de la herramienta Sublist3r para realizar enumeración de subdominios.



https://www.youtube.com/watch?v=QJQDWJ2_PRw

Udemy- Complete Linux Course Become a Linux Professional

Download Here
https://mega.nz/folder/Xyg11JZZ

Decryption Key: I-brHXcw73khzpcysqyhrQ

Mitre's Center Releases FIN6 Adversary Emulation Plan

Blogpost: https://medium.com/mitre-engenuity/center-releases-fin6-adversary-emulation-plan-775d8c5ebe9b

Github: https://github.com/center-for-threat-informed-defense/adversary_emulation_library/tree/master/fin6

@BlueTeamLibrary

Zerologon desatado: la vulnerabilidad que permite comprometer cualquier controlador de dominio de Windows fácilmente

https://www.hackplayers.com/2020/09/zerologon-desatado-comprometer-DCs-facilmente.html

National Vulnerability Database
CVE-2020-11977

In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution.

National Vulnerability Database
CVE-2020-14385

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability.

National Vulnerability Database
CVE-2020-24561

A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability.

National Vulnerability Database
CVE-2020-7295

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.

National Vulnerability Database
CVE-2020-7733

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails
https://www.rcesecurity.com/2020/09/CVE-2020-16171-Exploiting-Acronis-Cyber-Backup-for-Fun-and-Emails/

Micropatch for Zerologon, the "perfect" Windows vulnerability (CVE-2020-1472)

https://blog.0patch.com/2020/09/micropatch-for-zerologon-perfect.html

Muere una paciente del hospital Universitario de Düsseldorf tras sufrir el propio hospital un ataque de Ransomware.

El BSI ya alerto previamente al hospital de que su sistema Citrix era vulnerable y que se debía de parchear.

El Ransomware llevaba una nota de rescate dirigida a la Universidad de Heinrich Heine, que la investigación por parte de la policia encontró en uno de los servidores.

La policía se puso en contacto con los ciberdelincuentes tras recibir el Ransomware y les advirtieron de que habían atacado a un hospital, y de forma inmediata, los ciberdelincuentes les dieron las claves de desencriptado para que volvieran a poner todos los sistemas del hospital en marcha.

Sin embargo, la parte más trágica de todo, es que un paciente en estado muy grave, iba a ser atendido de urgencia en ese hospital, pero no fue posible por que en ese momento el hospital estaba completamente paralizado por el Ransomware, y tuvieron que derivar al paciente al hospital de Wüppertal, donde murió al instante, sin que los médicos pudieran hacer nada para salvar su vida.

Esta es la primera vez que un Ransomware se cobra una vida humana, lo cual, nos hace plantearos, tanto a nosotros como a vosotros, una seria pregunta.

¿Están los sistemas críticos de nuestro país preparados ante un ataque de Ransomware como este? ¿Se debería de invertir más en ciberseguridad tanto en PYMES como en grandes empresas y sistemas criticos?

Fuente: Traducción de las noticias alemanas gracias a @cibernicola, el cual es un seguidor y colaborador de Security News. https://pastebin.com/UBqyFtkr

#Ransomware #Hospital #Alemania #Cibercrimen #Ciberseguridad #Muerte

National Vulnerability Database
CVE-2020-0389

In createSaveNotification of RecordingService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-156959408

Zerologon: Unauthenticated domain controller compromise by subverting Netlogon cryptography (CVE-2020-1472)

https://www.secura.com/pathtoimg.php?id=2055



Test tool: https://github.com/SecuraBV/CVE-2020-1472

PoC: https://github.com/dirkjanm/CVE-2020-1472

National Vulnerability Database
CVE-2020-0313

In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154917989

CVE-2020-1464:
Windows Spoofing Vulnerability (GlueBall) -
wild-exploited vulnerability (PoC)
https://medium.com/@TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd

NUCLEAR RANSOMWARE :)new update/more features
F E A T U R E S :

Generate a ransomware payload
With or without GUI payload

FUD (Fully Undetectable by Anti-Virus)

Works on Windows, MacOS and Linux

Super fast encryption with PyCrypto

Compile to EXE, APP or Unix/Linux executable

Custom icon for your EXE payload

Receive keys of victims

Decrypt files

Demo mode (payload won't encrypt anything)

Fullscreen mode (Warning takes over the screen)

Custom warning message for your victim

Custom image in your payload

Ghost mode (Rename by adding .DEMON extention instead
of encrypting the files)

Multiple encryption methods

Select file extentions to target

Decide if payload should self-destruct (Console mode feature
only)

Decide wich drive to target for encryption (working directory)

Verified server access through port forwarding VPN

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/leonv024/RAASNet.git

2) pip3 install -r requirements.txt

3) python3 RAASNet.py


On Linux, you might need to install these packages:

4) sudo apt install python3-tk python3-pil python3-pil.imagetk

5) Testing connection with remote server:

6) Change the host and port in test_socket.py, default is 127.0.0.1 on port 8989

7) python3 test_socket.py

8)video https://github.com/leonv024/RAASNet/blob/master/demo/PyCrypto-vs-PyAES_demo_10fps.gif

U S E F O R L E A R N