📃 "Configura la política de contraseñas en Debian y protege tu servidor" https://www.redeszone.net/tutoriales/seguridad/configurar-politica-contrasenas-debian/
Redes Zone
Configura la política de contraseñas en Debian y protege tu servidor
Configurar en nuestros ordenadores y servidores una buena contraseña de acceso es algo fundamental. Hoy en día seguimos entrando en muchas ocasiones a nuestros equipos con un usuario y contraseña, aunque ya existe la posibilidad de configurar una autenticación…
El antivirus de Norton ahora mina criptomonedas
https://unaaldia.hispasec.com/2022/01/el-antivirus-de-norton-ahora-mina-criptomonedas.html
https://unaaldia.hispasec.com/2022/01/el-antivirus-de-norton-ahora-mina-criptomonedas.html
Una al Día
El antivirus de Norton ahora mina criptomonedas
El antivirus Norton lanza una nueva funcionalidad que usa la potencia de nuestro ordenador para minar criptomonedas.
Todos los puntos verdes en el mapa son estaciones de radio al rededor del mundo, con tan solo dar un clic podremos escuchar la radio de la ciudad que se nos antoje. Solo basta con buscar Radio.garden en nuestro navegador favorito.
http://radio.garden/visit/siglufjoerdjur/pB46jKCc
http://radio.garden/visit/siglufjoerdjur/pB46jKCc
radio.garden
Listen to live Siglufjörður radio on Radio Garden
[webapps] WordPress Core 5.8.2 - 'WP_Query' SQL Injection
WordPress Core 5.8.2 - 'WP_Query' SQL Injection
https://www.exploit-db.com/exploits/50663
WordPress Core 5.8.2 - 'WP_Query' SQL Injection
https://www.exploit-db.com/exploits/50663
Exploit Database
WordPress Core 5.8.2 - 'WP_Query' SQL Injection
WordPress Core 5.8.2 - 'WP_Query' SQL Injection. CVE-2022-21661 . webapps exploit for PHP platform
Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Contact%20Center%20Management%20Portal%20and%20Unified%20Contact%20Center%20Domain%20Manager%20Privilege%20Escalation%20Vulnerability&vs_k=1
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges to Administrator.
This vulnerability is due to the lack of server-side validation of user permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to a vulnerable system. A successful exploit could allow the attacker to create Administrator accounts. With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP. To successfully exploit this vulnerability, an attacker would need valid Advanced User credentials.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4
Security Impact Rating: Critical
CVE: CVE-2022-20658
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Contact%20Center%20Management%20Portal%20and%20Unified%20Contact%20Center%20Domain%20Manager%20Privilege%20Escalation%20Vulnerability&vs_k=1
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges to Administrator.
This vulnerability is due to the lack of server-side validation of user permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to a vulnerable system. A successful exploit could allow the attacker to create Administrator accounts. With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP. To successfully exploit this vulnerability, an attacker would need valid Advanced User credentials.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4
Security Impact Rating: Critical
CVE: CVE-2022-20658
Cisco
Cisco Security Advisory: Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation…
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges…
K10771536: MySQL vulnerabilities CVE-2017-3309, CVE-2017-3453, and CVE-2019-2974 http://www.ccn-cert.cni.es/component/vulnerabilidades/view/33008.html
www.ccn-cert.cni.es
Boletines de Vulnerabilidades
Bienvenido al portal de CCN-CERT
📃 "autenticación segura, ¿qué es y por dónde empiezo?" https://www.incibe.es/protege-tu-empresa/blog/tematicas-autenticacion-segura-y-donde-empiezo
www.incibe.es
TemáTICas: autenticación segura, ¿qué es y por dónde empiezo? | Empresas | INCIBE
La autenticación en el ámbito tecnológico se define como la acción mediante la cual demostramos a otra persona o sistema que somos quien realmente decimos ser. Los mecanismos para autenticarnos, bien sea con una contraseña, con biometría o con otros dispositivos…
Quiero que compartan noticias y cosas relacionadas a los NFT!
Anonymous Poll
53%
Si
19%
No
28%
Me da igual
📃 "Qué es un gusano informático y cuáles son sus características" https://www.welivesecurity.com/la-es/2021/11/05/que-es-gusano-informatico-caracteristicas/
WeLiveSecurity
Qué es un gusano informático y cuáles son sus características
Un gusano informático es un tipo de malware que puede propagarse automáticamente para infectar la mayor cantidad de computadoras posible.
Pasos, métricas, consejos o como quieras llamarle... Para empezar en el Hacking.
https://twitter.com/Back_Black0ut/status/1482766708410621956?t=jLfFO6F_JSkkjYepNLVCDQ&s=19
https://twitter.com/Back_Black0ut/status/1482766708410621956?t=jLfFO6F_JSkkjYepNLVCDQ&s=19
Twitter
Back
Consejos sobre que aprender si quieres comenzar en el Hacking: 1- Aprende a programar: Programar en realidad no es indispensable para dedicarse al hacking. Pero con ello aprenderás la sintaxis de un nuevo lenguaje, entre los que sobresalen lenguajes como…