Hola amig@s los invito al primer evento online de TutorSec ( https://discord.gg/k3XWv33XD8) Es libre y gratuito! Vamos a pasar una tarde de charlas increíbles y muchas sorpresas! No te lo pierdas!
Link de inscripción: https://forms.gle/qmJFyrSk2KweqBGw9
saludoos
Link de inscripción: https://forms.gle/qmJFyrSk2KweqBGw9
saludoos
Discord
Join the TutorSec Discord Server!
Check out the TutorSec community on Discord - hang out with 718 other members and enjoy free voice and text chat.
Microsoft June 2021 Patch Tuesday fixes 6 exploited zero-days, 50 flaws
https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2021-patch-tuesday-fixes-6-exploited-zero-days-50-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2021-patch-tuesday-fixes-6-exploited-zero-days-50-flaws/
BleepingComputer
Microsoft June 2021 Patch Tuesday fixes 6 exploited zero-days, 50 flaws
Today is Microsoft's June 2021 Patch Tuesday, and with it comes fixes for seven zero-day vulnerabilities and a total of 50 flaws, so Windows admins will be scrambling to get devices secured.
Researchers are warning of four vulnerabilities in #Microsoft's Office suite—one of which will be patched today—that hackers can exploit in Word and Excel documents to inject malicious code.
Details: https://thehackernews.com/2021/06/new-uaf-vulnerability-affecting.html
Details: https://thehackernews.com/2021/06/new-uaf-vulnerability-affecting.html
The Hacker News
New UAF Vulnerability Affecting Microsoft Office to be Patched Today
Four security vulnerabilities in the Microsoft Office suite could be potentially abused by bad actors to deliver attack code.
Blue Writeup / Walkthrough Hack the box https://sheerazali.com/blue-writeup-walkthrough-hack-the-box/?utm_source=rss&utm_medium=rss&utm_campaign=blue-writeup-walkthrough-hack-the-box
Sheeraz ali
Blue Writeup / Walkthrough Hack the box - Sheeraz ali
This is a writeup on Blue (Windows HackTheBox), running SMB. Exploitation invades the Eternal Blue MS17-010 vulnerability.
Updating Mimikatz in Metasploit https://infosecwriteups.com/updating-mimikatz-in-metasploit-1ce505e811e1?source=rss----7b722bfd1b8d---4
Medium
Updating Mimikatz in Metasploit
Mimikatz integrated in the current Metasploit Framework is a little bit outdated. If you want to use the recent features (like plaintext…
EXPLOTACION DE VULNERABILIDADES.pdf
4.4 MB
EXPLOTACION DE VULNERABILIDADES.pdf
Atacar a Active Directory de 0 a 0.9 .pdf
3 MB
Atacar a Active Directory de 0 a 0.9 .pdf
Enumeración de Active Directory_ PowerView(1).pdf
1.4 MB
Enumeración de Active Directory_ PowerView(1).pdf
DOXING
Solo temas relacionados al DOXING, osint, etc, todo relacionado al footpriting NO hablar de otros temas o será expulsado sin previo aviso.
https://t.me/doxing_osint
Solo temas relacionados al DOXING, osint, etc, todo relacionado al footpriting NO hablar de otros temas o será expulsado sin previo aviso.
https://t.me/doxing_osint
Active Directory Hack
Solo temas relacionados a AD o DC - Directorio Activo o Controlador de Dominio de lo contrario puede ser expulsado sin previo aviso.
https://t.me/Active_Directory
Solo temas relacionados a AD o DC - Directorio Activo o Controlador de Dominio de lo contrario puede ser expulsado sin previo aviso.
https://t.me/Active_Directory
Telegram
Active Directory Hack
Solo temas relacionados a AD o DC - Directorio Activo o Controlador de Dominio de lo contrario puede ser expulsado sin previo aviso.
Monkey island
Solo hablar de temas relacionados a Monkey Island o podrá ser expulsado sin previo aviso.
https://t.me/Monkey_island
Solo hablar de temas relacionados a Monkey Island o podrá ser expulsado sin previo aviso.
https://t.me/Monkey_island
Telegram
Макакич Монки
You can contact @Monkey_island right away.
Bloodhound
Solo hablar de temas relacionados a bloodhound o podrá ser expulsado sin previo aviso.
https://t.me/bloodhoun_d
Solo hablar de temas relacionados a bloodhound o podrá ser expulsado sin previo aviso.
https://t.me/bloodhoun_d
Cisco Smart Install Protocol Still Abused in Attacks, 5 Years After First Warning
http://feedproxy.google.com/~r/securityweek/~3/oNyr-IvqTqw/cisco-smart-install-protocol-still-abused-attacks-5-years-after-first-warning
Cisco’s Smart Install protocol is still being abused in attacks — five years after the networking giant issued its first warning — and there are still roughly 18,000 internet-exposed devices that could be targeted by hackers.
read more (https://www.securityweek.com/cisco-smart-install-protocol-still-abused-attacks-5-years-after-first-warning)
http://feedproxy.google.com/~r/securityweek/~3/oNyr-IvqTqw/cisco-smart-install-protocol-still-abused-attacks-5-years-after-first-warning
Cisco’s Smart Install protocol is still being abused in attacks — five years after the networking giant issued its first warning — and there are still roughly 18,000 internet-exposed devices that could be targeted by hackers.
read more (https://www.securityweek.com/cisco-smart-install-protocol-still-abused-attacks-5-years-after-first-warning)
Securityweek
Cisco Smart Install Protocol Still Abused in Attacks, 5 Years After First Warning | SecurityWeek.Com
The Cisco Smart Install protocol is still being abused in attacks — the latest example is another hacktivist attack — 5 years after Cisco issued its first warning.
ExploitDB Just tweeted ****************************************** [webapps] GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2) https://t.co/xuUu3hNOsn
Exploit Database
GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)
GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2).. webapps exploit for PHP platform
El FBI opera en secreto una falsa aplicación de chat encriptada y arresta a más de 800 delincuentes. https://t.co/8vhukeqJu8
— Fran Andrades (@AndradesFran) Jun 9, 2021
— Fran Andrades (@AndradesFran) Jun 9, 2021
www.apañados.es
El FBI opera en secreto una falsa aplicación de chat encriptada y arresta a más de 800 delincuentes - Somos apañados
Europol la calificó como la "mayor operación policial jamás realizada contra las comunicaciones cifradas"
El famoso "Rockyou2021", tambien conocido como "compilation of many breaches (comb) 3.8billion (public)"
https://gofile.io/d/W1emFD
https://e.pcloud.link/publink/show?code=byjotalK
Password: +w/P3PRqQQoJ6g
https://gofile.io/d/W1emFD
https://e.pcloud.link/publink/show?code=byjotalK
Password: +w/P3PRqQQoJ6g
gofile.io
Gofile - Free Unlimited File Sharing and Storage
Gofile is a free, secure file sharing and storage platform. With unlimited bandwidth and storage, you can easily store and share files of any type without any limits. Our advanced features, such as CDN support and password protection, make Gofile the ideal…
This media is not supported in your browser
VIEW IN TELEGRAM
TOP 10 CVEs since 2021-06-08
Place : CVE : Count
1️⃣ CVE-2021-31955 179
2️⃣ CVE-2021-21985 46
3️⃣ CVE-2021-0086 31
4️⃣ CVE-2021-33739 29
5️⃣ CVE-2021-33742 26
6️⃣ CVE-2021-27905 23
7️⃣ CVE-2021-27094 22
8️⃣ CVE-2021-22911 22
9️⃣ CVE-2020-36289 18
🔟 CVE-2021-28476 18
🔰 @Pen7esting 🔰
Place : CVE : Count
1️⃣ CVE-2021-31955 179
2️⃣ CVE-2021-21985 46
3️⃣ CVE-2021-0086 31
4️⃣ CVE-2021-33739 29
5️⃣ CVE-2021-33742 26
6️⃣ CVE-2021-27905 23
7️⃣ CVE-2021-27094 22
8️⃣ CVE-2021-22911 22
9️⃣ CVE-2020-36289 18
🔟 CVE-2021-28476 18
🔰 @Pen7esting 🔰