Cisco SD-WAN Software Information Disclosure Vulnerability
A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory.
This vulnerability is due to insufficient handling of malformed MPLS packets that are processed by a device that is running Cisco SD-WAN Software. An attacker could exploit this vulnerability by sending a crafted MPLS packet to an affected device that is running Cisco SD-WAN Software or Cisco SD-WAN vManage Software. A successful exploit could allow the attacker to gain unauthorized access to sensitive information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-mpls-infodisclos-MSSRFkZq
Security Impact Rating: Medium
CVE: CVE-2021-1614
https://noviello.it/es/como-instalar-y-configurar-wireguard-vpn-en-debian-10/
Document 👇👀
https://t.me/MegaGrAn1976/7062
Video 👇👀
https://t.me/MegaGrAn1976/7063
Video 👇👀
How to use the WireGuard client
🔗 https://t.me/MegaGrAn1976/7064
Installation on Windows and Linux terminals.
🔗👇👀 https://t.me/MegaGrAn1976/7065
Noviello.it
How to install and configure WireGuard VPN on Debian 10
Debian 10: how to install and configure WireGuard VPN on Debian 10. WireGuard is a generic VPN (virtual private network) that uses cryptography ...
ExploitDB just tweeted: [dos] Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC) https://t.co/A5ANdxL2rb
Exploit Database
Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC). DoS exploit for Windows platform.
A few basics
📃 "This is how your CPU and GPU perform mathematical calculations in your PC" https://hardzone.es/reportajes/que-es/alu/
📃 "Hard drive: what it is, types and how it works" https://www.elgrupoinformatico.com/noticias/disco-duro-que-tipos-como-funciona-t79244.html
📃 "What RAM is and how it works" https://www.profesionalreview.com/2018/11/01/memoria-ram/
📃 "Monitor how your network card is working with NetworkCountersWatch" https://www.redeszone.net/2017/09/25/networkcounterswatch-informacion-tarjeta-red/
📃 "How does a router work?" https://www.cisco.com/c/es_mx/solutions/small-business/resource-center/networking/how-does-a-router-work.html
📃 "Computer forensics in criminal investigations" https://protecciondatos-lopd.com/empresas/informatica-forense/
📃 "How to protect your company with a cybersecurity audit" https://keepcoding.io/blog/auditoria-de-ciberseguridad/
📃 "What is pentesting, or penetration testing?" https://nordvpn.com/es/blog/que-es-el-pentesting/
🎓 "Wireless Penetration Testing course with Kali Linux" https://www.youtube.com/watch?v=2TFnEcJEL10&list=PL-G03HRCQgdFKAaW718J14tKDM63mGirL
📃 "What is a VPN?" https://nordvpn.com/es/what-is-a-vpn/
VPN discount for subscribers of @seguridadinformatic4. Use the coupon informatica or go directly to this link: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=45752&url_id=11987
HardZone
This is how your CPU and GPU perform mathematical calculations in your PC
The ALU, or arithmetic logic unit, is the component inside the CPU and GPU that handles mathematical calculations. How does it work?
Critical vulnerabilities in Oracle WebLogic Server
https://unaaldia.hispasec.com/2021/07/vulnerabilidades-criticas-en-oracle-weblogic-server.html
Una al Día
Oracle's quarterly security bulletins have been published, fixing multiple critical vulnerabilities.
IoT-PT: virtual pentesting environment for IoT devices
https://blog.segu-info.com.ar/2021/07/iot-pt-entorno-virtual-de-pentesting.html
Segu-Info - Cybersecurity since 2000
XCSSET, the macOS malware, returns with new features
https://unaaldia.hispasec.com/2021/07/xcsset-el-malware-de-macos-vuelve-con-novedades.html
Una al Día
A piece of malware whose main target is the macOS operating system has returned with an update that gives it more functionality.
# CVE-2017-9841. The exploit targets Drupal sites that currently or
previously used the Mailchimp or Mailchimp commerce module and still have a
vulnerable version of the file
sites/all/libraries/mailchimp/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php.
See below for details on whether a file is vulnerable or not. The vulnerable
file might be at other paths on your individual site, but an automated attack
exists that is looking for that specific path. This attack can execute PHP on
the server
New video! This time on the Anonymous machine from the THM platform; any feedback is a big help, thanks!
https://www.youtube.com/watch?v=GH2FFIGd-y4
RomBuster - router exploitation tool
#RomBuster #Router #Exploitation #Exploit #VULNERABILITIES
https://reconshell.com/rombuster-router-exploitation-tool/
How to Check Open Ports in Your Linux System
https://reconshell.com/how-to-check-open-ports-in-your-linux-system/
Penetration Testing Tools, ML and Linux Tutorials
As a Linux system administrator, to transmit data from server to server having a good command over the TCP (Transmission Control Protocol) protocols is very
The government of Chile has placed urgency on the TPP debate in the Senate. Its approval will mean greater restrictions and persecution in digital activity and in the sharing of content. More information ⬇️
https://colectivodisonancia.net/2021/01/no-al-tpp/
TPP infographic: https://colectivodisonancia.net/no-al-tpp-info/
Colectivo Disonancia
No to the TPP
The TPP11 is an economic and political treaty that threatens the autonomy of communications and our ability to organize as a network.
KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS)
https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
📃 "Privilege escalation on Linux with polkit" https://unaaldia.hispasec.com/2021/06/escalada-de-privilegios-en-linux-con-polkit.html
Una al Día
A recent article details the procedure that allows privilege escalation on Linux systems that use the polkit service.
Thanks to all the new members of the group for being here, and to those who have been here since the beginning. Greetings, and don't forget to share the channel so we can keep growing. Many thanks to everyone.
Telegram channel
⚔🛡☣ Comunidad Anonimo501 💻📱🖥
https://t.me/Pen7esting
YouTube channel
https://youtube.com/c/Anonimo501
GitHub
https://github.com/Anonimo501
Telegram
Comunidad Pen7esting
@Anonimo501
[webapps] Customer Relationship Management System (CRM) 1.0 - SQL Injection Authentication Bypass
https://www.exploit-db.com/exploits/50158
Exploit Database
Customer Relationship Management System (CRM) 1.0 - SQL Injection Authentication Bypass. Webapps exploit for PHP platform.
Design principles for Zero Trust architectures
https://blog.segu-info.com.ar/2021/07/principios-de-disenos-de-arquitecturas.html
Segu-Info - Cybersecurity since 2000
CVE-2020-4974
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF).
https://cve.reconshell.com/cve/CVE-2020-4974
Researchers manage to hide malware in a neural network
https://blog.segu-info.com.ar/2021/07/investigadores-logran-ocultar-malware.html
Segu-Info - Cybersecurity since 2000