China pone en marcha una nueva ley de privacidad con el principal https://cybersecuritynews.es/china-pone-en-marcha-una-nueva-ley-de-privacidad/

[webapps] Simple Phone book/directory 1.0 - 'Username' SQL Injection (Unauthenticated)
Simple Phone book/directory 1.0 - 'Username' SQL Injection (Unauthenticated)
https://www.exploit-db.com/exploits/50223

FoxyRecon: Un complemento de Firefox para las investigaciones #OSINT
https://github.com/vincenzocaputo/FoxyRecon?_unique_id=61258c1d352d6

Cloudflare anuncia que se ha enfrentado al mayor ataque DDoS de la historia

https://www-teknofilo-com.cdn.ampproject.org/c/s/www.teknofilo.com/cloudflare-anuncia-que-se-ha-enfrentado-al-mayor-ataque-ddos-de-la-historia/amp/

SaltStack Remote code execution

https://youtu.be/5cV9wh2w-O8

PyExchangePasswordSpray - Microsoft Exchange password spray tool

https://reconshell.com/pyexchangepasswordspray-microsoft-exchange-password-spray-tool/

Advisory ID: VMSA-2021-0019

CVSSv3 Range: 6.5
Issue Date: 2021-08-24
Updated On: 2021-08-24 (Initial Advisory)
CVE(s): CVE-2021-22021

Synopsis:
VMware vRealize Log Insight updates address Cross Site Scripting (XSS) vulnerability (CVE-2021-22021)

Impacted Products
VMware vRealize Log Insight
VMware Cloud Foundation

https://www.vmware.com/security/advisories/VMSA-2021-0019.html

Dispositivos Razer y SteelSeries permiten escalamiento local en Windows
https://blog.segu-info.com.ar/2021/08/dispositivos-razer-y-steelseries.html

Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Fabric%20Switches%20ACI%20Mode%20Arbitrary%20File%20Read%20Vulnerability&vs_k=1

A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system.
This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7

This advisory is part of the August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74640).




Security Impact Rating: Medium



CVE: CVE-2021-1583

Parches para dispositivos F5 BIG-IP y BIG-IQ Devices
https://blog.segu-info.com.ar/2021/08/parches-para-dispositivos-f5-big-ip-y.html