Publicado el descifrador del ransomware REvil / Sodinokibi de forma gratuita. https://derechodelared.com/descifrador-del-ransomware-revil-gratis/
Derecho de la Red
Publicado el descifrador del ransomware REvil / Sodinokibi de forma gratuita.
Ha sido desarrollado por Bitdefender junto con un socio policial no revelado, la herramienta de descifrado se puede descargar del sitio web de Bitdefender de forma gratuita , junto con un tutorial …
Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20Arbitrary%20File%20Read%20and%20Write%20Vulnerability&vs_k=1
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device.
This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2
This advisory is part of the September 2021 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Cisco IOS XR Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74637).
Security Impact Rating: High
CVE: CVE-2021-34718
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20Arbitrary%20File%20Read%20and%20Write%20Vulnerability&vs_k=1
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device.
This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2
This advisory is part of the September 2021 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Cisco IOS XR Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74637).
Security Impact Rating: High
CVE: CVE-2021-34718
Cisco
Cisco Security Advisory: Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device.
This vulnerability is due to insufficient input validation of arguments that are supplied…
This vulnerability is due to insufficient input validation of arguments that are supplied…
Microsoft lanzó el inicio de sesión sin contraseña
https://blog.segu-info.com.ar/2021/09/microsoft-lanzo-el-inicio-de-sesion-sin.html
https://blog.segu-info.com.ar/2021/09/microsoft-lanzo-el-inicio-de-sesion-sin.html
[webapps] AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50297
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
https://www.exploit-db.com/exploits/50297
Exploit Database
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated).. webapps exploit for PHP platform
CVE-2021-26333: Vulnerabilidad crítica en chips de AMD permite fugas de información confidencial
https://www.iicybersecurity.com/cve-2021-26333-vulnerabilidad-critica-en-chips-de-amd-permite-fugas-de-informacion-confidencial.html
Los equipos de seguridad informática de AMD anunciaron la corrección de una vulnerabilidad que habría permitido a los actores de...
The post CVE-2021-26333: Vulnerabilidad crítica en chips de AMD permite fugas de información confidencial (https://www.iicybersecurity.com/cve-2021-26333-vulnerabilidad-critica-en-chips-de-amd-permite-fugas-de-informacion-confidencial.html) appeared first on IICS (https://www.iicybersecurity.com/).
https://www.iicybersecurity.com/cve-2021-26333-vulnerabilidad-critica-en-chips-de-amd-permite-fugas-de-informacion-confidencial.html
Los equipos de seguridad informática de AMD anunciaron la corrección de una vulnerabilidad que habría permitido a los actores de...
The post CVE-2021-26333: Vulnerabilidad crítica en chips de AMD permite fugas de información confidencial (https://www.iicybersecurity.com/cve-2021-26333-vulnerabilidad-critica-en-chips-de-amd-permite-fugas-de-informacion-confidencial.html) appeared first on IICS (https://www.iicybersecurity.com/).
IICS
CVE-2021-26333: Vulnerabilidad crítica en chips de AMD permite fugas de información confidencial | IICS
CVE-2021-26333: Vulnerabilidad crítica en chips de AMD permite fugas de información confidencial | Ciberseguridad
Open Management Infrastructure Remote Code Execution Vulnerability
CVE-2021-38647
Released: Sep 14, 2021 Last updated: Sep 17, 2021
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647
CVE-2021-38647
Released: Sep 14, 2021 Last updated: Sep 17, 2021
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647
📃 "Ciberataques DrDoS basados en el protocolo CharGEN" https://www.incibe-cert.es/blog/ciberataques-drdos-basado-el-protocolo-chargen
CVE-2021-26333 AMD Chipset Driver flaw allows obtaining sensitive data
Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive information from the targeted system.
https://securityaffairs.co/wordpress/122330/security/amd-driver-vulnerability.html
Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive information from the targeted system.
https://securityaffairs.co/wordpress/122330/security/amd-driver-vulnerability.html
Security Affairs
CVE-2021-26333 AMD Chipset Driver flaw allows obtaining sensitive data
Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow to access to sensitive information.
Múltiples vulnerabilidades en Moodle
Fecha de publicación: 21/09/2021
Importancia: 5 - Crítica
Recursos afectados:
Las versiones de Moodle que se ven afectadas son las siguientes:
de la 3.11 a la 3.11.2,
de la 3.10 a la 3.10.6,
de la 3.9 a la 3.9.9 y
versiones anteriores sin soporte.
Descripción:
Se han publicado cuatro vulnerabilidades de severidad crítica y otra de severidad baja que podrían permitir a un atacante realizar un secuestro de sesión o acceder a información confidencial.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-moodle-16
Fecha de publicación: 21/09/2021
Importancia: 5 - Crítica
Recursos afectados:
Las versiones de Moodle que se ven afectadas son las siguientes:
de la 3.11 a la 3.11.2,
de la 3.10 a la 3.10.6,
de la 3.9 a la 3.9.9 y
versiones anteriores sin soporte.
Descripción:
Se han publicado cuatro vulnerabilidades de severidad crítica y otra de severidad baja que podrían permitir a un atacante realizar un secuestro de sesión o acceder a información confidencial.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-moodle-16
INCIBE-CERT
Múltiples vulnerabilidades en Moodle
Se han publicado cuatro vulnerabilidades de severidad crítica y otra de severidad baja que podrían permitir a un atacante realizar un secuestro de sesión o acceder a información confidencial.
Infección de Ransomware a través de un exploit de 11 años en ColdFusion
https://blog.segu-info.com.ar/2021/09/infeccion-de-ransomware-traves-de-un.html
https://blog.segu-info.com.ar/2021/09/infeccion-de-ransomware-traves-de-un.html
Segu-Info - Ciberseguridad desde 2000
Infección de Ransomware a través de un exploit de 11 años en ColdFusion
¿Cuál es la diferencia entre VPS y VPN? ¿Qué es un VPS?
https://www.le-vpn.com/es/vps-vs-vpn-cual-es-la-diferencia/
https://www.le-vpn.com/es/vps-vs-vpn-cual-es-la-diferencia/