Los nuevos ataques de Zloader deshabilitan Windows Defender para evitar la detección
https://blog.segu-info.com.ar/2021/09/los-nuevos-ataques-de-zloader.html

Scan tcp de Victor García (takito)

https://github.com/Anonimo501/scan_VictorG_ttlOS

Microsoft publica el parche para el 0-day de MSHTML (CVE-2021-40444) - PARCHEA YA!
https://blog.segu-info.com.ar/2021/09/microsoft-publica-el-parche-para-el-0.html

[Metasploit]Upgrade Normal Shell To Meterpreter Shell https://infosecwriteups.com/metasploit-upgrade-normal-shell-to-meterpreter-shell-2f09be895646?source=rss----7b722bfd1b8d---4

Kali Linux 2021.3 introduce NetHunter para relojes inteligentes
https://www.linuxadictos.com/kali-linux-2021-3-introduce-algunas-novedades-pero-ninguna-llama-la-atencion-como-nethunter-para-relojes.html

Múltiples vulnerabilidades en el core de Drupal

Fecha de publicación: 16/09/2021
Importancia: 3 - Media

Recursos afectados:
Drupal, versión 9.2, 9.1 y 8.9.

Las versiones de Drupal 8 anteriores a la 8.9.x y de Drupal 9 anteriores a la 9.1.x, se encuentran al final de su vida útil y ya no reciben cobertura de seguridad.

Descripción:
Se han publicado cinco vulnerabilidades de severidad media que podrían afectar al core de Drupal.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-el-core-drupal-1

ExploitDB Just tweeted ****************************************** [webapps] ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated) https://t.co/6Tw5vC67y5

Publicado el descifrador del ransomware REvil / Sodinokibi de forma gratuita. https://derechodelared.com/descifrador-del-ransomware-revil-gratis/

Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20Arbitrary%20File%20Read%20and%20Write%20Vulnerability&vs_k=1

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device.
This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2
This advisory is part of the September 2021 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Cisco IOS XR Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74637).



Security Impact Rating: High



CVE: CVE-2021-34718

Microsoft lanzó el inicio de sesión sin contraseña
https://blog.segu-info.com.ar/2021/09/microsoft-lanzo-el-inicio-de-sesion-sin.html

[webapps] AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50297